update: 更新 go依赖包。k8s api到 v0..24.2。cert-manager依赖到 v1.9.1 。aliyunsdk …

…到 v1.62.37
scjtqs2 · Nov 25, 2022 · d66ce5e · d66ce5e
1 parent c5e5798
commit d66ce5e
Show file tree

Hide file tree

Showing 14 changed files with 355 additions and 222 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,12 +1,12 @@
-FROM golang:1.17-alpine AS build
+FROM golang:1.19-alpine3.15 AS build
 
 ADD . /workspace
 
 WORKDIR /workspace
 ENV GO111MODULE=on
 ENV GOPROXY=http:https://goproxy.cn
 
-RUN go mod tidy -compat=1.17
+RUN go mod tidy
 
 
 RUN CGO_ENABLED=0 go build -o webhook -ldflags '-s -w -extldflags "-static"' .

diff --git a/Makefile b/Makefile
@@ -1,12 +1,13 @@
-IMAGE_NAME := pragkent/alidns-webhook
+IMAGE_NAME := scjtqs/alidns-webhook
 IMAGE_TAG := $(shell cat VERSION)
 
 test:
  go test -v .
 
 docker:
- docker build -t $(IMAGE_NAME):$(IMAGE_TAG) .
+ docker buildx create --use --name myalidns
+ docker buildx build --no-cache --tag $(IMAGE_NAME):$(IMAGE_TAG) --platform linux/amd64,linux/arm64 .
+ docker buildx rm myalidns
 
 release:
- docker build -t $(IMAGE_NAME):$(IMAGE_TAG) .
- docker push $(IMAGE_NAME):$(IMAGE_TAG)
+ docker buildx build --no-cache --tag $(IMAGE_NAME):$(IMAGE_TAG) --platform linux/amd64,linux/arm64 --push .
diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@ Cert-manager ACME DNS webhook provider for alidns.
 ### Install cert manager
 Please find document here: https://cert-manager.io/docs/installation/kubernetes/
 
-### Install webhook (Cert manager v0.11 and above)
+### Install webhook (Cert manager v1.7 and above)
 1. Install alidns-webhook
 
  ```bash
@@ -30,18 +30,18 @@ Please find document here: https://cert-manager.io/docs/installation/kubernetes/
 
 3. Example Issuer
  ```yaml
- apiVersion: cert-manager.io/v1alpha2
- kind: ClusterIssuer
- metadata:
-  name: letsencrypt-staging
- spec:
-  acme:
-  # Change to your letsencrypt email
-  email: [email protected]
-  server: https://acme-staging-v02.api.letsencrypt.org/directory
-  privateKeySecretRef:
-  name: letsencrypt-staging-account-key
-  solvers:
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: alidns
+spec:
+ acme:
+ # Change to your letsencrypt email
+ email: [email protected]
+ server: https://acme-v02.api.letsencrypt.org/directory
+ privateKeySecretRef:
+ name: alidns-account-key
+ solvers:
  - dns01:
  webhook:
  groupName: acme.yourcompany.com
@@ -58,7 +58,7 @@ Please find document here: https://cert-manager.io/docs/installation/kubernetes/
 
 4. Issue a certificate
 ```yaml
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
  name: example-tls

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.1.1
+0.1.2
diff --git a/alidns/client.go b/alidns/client.go
@@ -6,7 +6,7 @@ import (
  "github.com/aliyun/alibaba-cloud-sdk-go/sdk"
  "github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
  "github.com/aliyun/alibaba-cloud-sdk-go/services/alidns"
- "github.com/jetstack/cert-manager/pkg/issuer/acme/dns/util"
+ "github.com/cert-manager/cert-manager/pkg/issuer/acme/dns/util"
 )
 
 type Client struct {

diff --git a/alidns/config.go b/alidns/config.go
@@ -4,7 +4,7 @@ import (
  "encoding/json"
  "fmt"
 
- cmmetav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
+ cmmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
  extapi "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 )
 

diff --git a/alidns/solver.go b/alidns/solver.go
@@ -6,10 +6,10 @@ import (
  "strings"
 
  "github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
- "github.com/jetstack/cert-manager/pkg/acme/webhook"
- v1alpha1 "github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
- cmmetav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
- "github.com/jetstack/cert-manager/pkg/issuer/acme/dns/util"
+ "github.com/cert-manager/cert-manager/pkg/acme/webhook"
+ v1alpha1 "github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
+ cmmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
+ "github.com/cert-manager/cert-manager/pkg/issuer/acme/dns/util"
  "github.com/pkg/errors"
  metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
  "k8s.io/client-go/kubernetes"
@@ -23,7 +23,7 @@ func NewSolver() webhook.Solver {
 
 // Solver implements the provider-specific logic needed to
 // 'present' an ACME challenge TXT record for your own DNS provider.
-// To do so, it must implement the `github.com/jetstack/cert-manager/pkg/acme/webhook.Solver`
+// To do so, it must implement the `github.com/cert-manager/cert-manager/pkg/acme/webhook.Solver`
 // interface.
 type Solver struct {
  client *kubernetes.Clientset
@@ -99,12 +99,12 @@ func (s *Solver) getCredential(cfg *Config, ns string) (*credentials.AccessKeyCr
  if err != nil {
  return nil, err
  }
-
- return credentials.NewAccessKeyCredential(string(accessKey), string(secretKey)), nil
+ // 去掉换行符 和空格。
+ return credentials.NewAccessKeyCredential(strings.TrimSpace(string(accessKey)), strings.TrimSpace(string(secretKey))), nil
 }
 
 func (s *Solver) getSecretData(selector cmmetav1.SecretKeySelector, ns string) ([]byte, error) {
- secret, err := s.client.CoreV1().Secrets(ns).Get(context.TODO(),selector.Name, metav1.GetOptions{})
+ secret, err := s.client.CoreV1().Secrets(ns).Get(context.TODO(), selector.Name, metav1.GetOptions{})
  if err != nil {
  return nil, errors.Wrapf(err, "failed to load secret %q", ns+"/"+selector.Name)
  }

diff --git a/build.sh b/build.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
 docker buildx create --use --name myalidns
-docker buildx build --no-cache --tag scjtqs/alidns-webhook:0.1.1 --platform linux/amd64,linux/arm64 --push .
+docker buildx build --no-cache --tag scjtqs/alidns-webhook:0.1.2 --platform linux/amd64,linux/arm64 --push .
 docker buildx rm myalidns
diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml
@@ -187,7 +187,7 @@ spec:
  serviceAccountName: alidns-webhook
  containers:
  - name: alidns-webhook
- image: scjtqs/alidns-webhook:0.1.1
+ image: scjtqs/alidns-webhook:0.1.2
  imagePullPolicy: IfNotPresent
  args:
  - --tls-cert-file=/tls/tls.crt

diff --git a/deploy/legacy.yaml b/deploy/legacy.yaml
@@ -152,7 +152,7 @@ spec:
  serviceAccountName: alidns-webhook
  containers:
  - name: alidns-webhook
- image: scjtqs/alidns-webhook:0.1.1
+ image: scjtqs/alidns-webhook:0.1.2
  imagePullPolicy: IfNotPresent
  args:
  - --tls-cert-file=/tls/tls.crt

diff --git a/go.mod b/go.mod
@@ -1,14 +1,17 @@
 module github.com/pragkent/alidns-webhook
 
-go 1.17
+go 1.19
 
 require (
- github.com/aliyun/alibaba-cloud-sdk-go v1.61.1422
- github.com/jetstack/cert-manager v1.6.1
+ github.com/aliyun/alibaba-cloud-sdk-go v1.62.37
+ github.com/cert-manager/cert-manager v1.9.1
  github.com/pkg/errors v0.9.1
- k8s.io/apiextensions-apiserver v0.22.2
- k8s.io/apimachinery v0.22.2
- k8s.io/client-go v0.22.2
+)
+
+require (
+ k8s.io/apiextensions-apiserver v0.24.2
+ k8s.io/apimachinery v0.24.2
+ k8s.io/client-go v0.24.2
  k8s.io/klog v1.0.0
 )
 
@@ -17,89 +20,116 @@ require (
  github.com/PuerkitoBio/purell v1.1.1 // indirect
  github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
  github.com/beorn7/perks v1.0.1 // indirect
- github.com/blang/semver v3.5.1+incompatible // indirect
- github.com/cespare/xxhash/v2 v2.1.1 // indirect
+ github.com/blang/semver/v4 v4.0.0 // indirect
+ github.com/cespare/xxhash/v2 v2.1.2 // indirect
  github.com/coreos/go-semver v0.3.0 // indirect
  github.com/coreos/go-systemd/v22 v22.3.2 // indirect
  github.com/davecgh/go-spew v1.1.1 // indirect
  github.com/emicklei/go-restful v2.9.5+incompatible // indirect
- github.com/evanphx/json-patch v4.11.0+incompatible // indirect
+ github.com/evanphx/json-patch v4.12.0+incompatible // indirect
  github.com/felixge/httpsnoop v1.0.1 // indirect
- github.com/go-logr/logr v0.4.0 // indirect
+ github.com/fsnotify/fsnotify v1.5.1 // indirect
+ github.com/go-logr/logr v1.2.2 // indirect
  github.com/go-openapi/jsonpointer v0.19.5 // indirect
  github.com/go-openapi/jsonreference v0.19.5 // indirect
  github.com/go-openapi/swag v0.19.14 // indirect
  github.com/gogo/protobuf v1.3.2 // indirect
  github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
  github.com/golang/protobuf v1.5.2 // indirect
+ github.com/google/gnostic v0.6.9 // indirect
  github.com/google/go-cmp v0.5.6 // indirect
  github.com/google/gofuzz v1.2.0 // indirect
  github.com/google/uuid v1.3.0 // indirect
- github.com/googleapis/gnostic v0.5.5 // indirect
  github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
  github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
  github.com/imdario/mergo v0.3.12 // indirect
  github.com/inconshreveable/mousetrap v1.0.0 // indirect
  github.com/jmespath/go-jmespath v0.4.0 // indirect
  github.com/josharian/intern v1.0.0 // indirect
- github.com/json-iterator/go v1.1.11 // indirect
+ github.com/json-iterator/go v1.1.12 // indirect
  github.com/mailru/easyjson v0.7.6 // indirect
  github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
- github.com/miekg/dns v1.1.34 // indirect
+ github.com/miekg/dns v1.1.47 // indirect
  github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
- github.com/modern-go/reflect2 v1.0.1 // indirect
+ github.com/modern-go/reflect2 v1.0.2 // indirect
  github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
- github.com/prometheus/client_golang v1.11.0 // indirect
+ github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
+ github.com/prometheus/client_golang v1.12.1 // indirect
  github.com/prometheus/client_model v0.2.0 // indirect
- github.com/prometheus/common v0.26.0 // indirect
- github.com/prometheus/procfs v0.6.0 // indirect
- github.com/spf13/cobra v1.2.1 // indirect
+ github.com/prometheus/common v0.32.1 // indirect
+ github.com/prometheus/procfs v0.7.3 // indirect
+ github.com/spf13/cobra v1.4.0 // indirect
  github.com/spf13/pflag v1.0.5 // indirect
- go.etcd.io/etcd/api/v3 v3.5.0 // indirect
- go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
- go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+ go.etcd.io/etcd/api/v3 v3.5.1 // indirect
+ go.etcd.io/etcd/client/pkg/v3 v3.5.1 // indirect
+ go.etcd.io/etcd/client/v3 v3.5.1 // indirect
  go.opentelemetry.io/contrib v0.20.0 // indirect
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 // indirect
+ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 // indirect
  go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 // indirect
- go.opentelemetry.io/otel v0.20.0 // indirect
+ go.opentelemetry.io/otel v1.3.0 // indirect
  go.opentelemetry.io/otel/exporters/otlp v0.20.0 // indirect
  go.opentelemetry.io/otel/metric v0.20.0 // indirect
- go.opentelemetry.io/otel/sdk v0.20.0 // indirect
+ go.opentelemetry.io/otel/sdk v1.3.0 // indirect
  go.opentelemetry.io/otel/sdk/export/metric v0.20.0 // indirect
  go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect
- go.opentelemetry.io/otel/trace v0.20.0 // indirect
- go.opentelemetry.io/proto/otlp v0.7.0 // indirect
- go.uber.org/atomic v1.7.0 // indirect
+ go.opentelemetry.io/otel/trace v1.3.0 // indirect
+ go.opentelemetry.io/proto/otlp v0.11.0 // indirect
+ go.uber.org/atomic v1.9.0 // indirect
  go.uber.org/multierr v1.6.0 // indirect
- go.uber.org/zap v1.19.0 // indirect
- golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
- golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d // indirect
- golang.org/x/oauth2 v0.0.0-20210810183815-faf39c7919d5 // indirect
+ go.uber.org/zap v1.19.1 // indirect
+ golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
+ golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect
+ golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect
+ golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
  golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
- golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 // indirect
- golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect
- golang.org/x/text v0.3.6 // indirect
- golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
+ golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8 // indirect
+ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+ golang.org/x/text v0.3.7 // indirect
+ golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
+ golang.org/x/tools v0.1.10 // indirect
+ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
  google.golang.org/appengine v1.6.7 // indirect
- google.golang.org/genproto v0.0.0-20211005153810-c76a74d43a8e // indirect
- google.golang.org/grpc v1.41.0 // indirect
+ google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 // indirect
+ google.golang.org/grpc v1.43.0 // indirect
  google.golang.org/protobuf v1.27.1 // indirect
+ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
  gopkg.in/inf.v0 v0.9.1 // indirect
  gopkg.in/ini.v1 v1.66.2 // indirect
  gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
  gopkg.in/yaml.v2 v2.4.0 // indirect
  gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
- k8s.io/api v0.22.2 // indirect
- k8s.io/apiserver v0.22.2 // indirect
- k8s.io/component-base v0.22.2 // indirect
- k8s.io/klog/v2 v2.9.0 // indirect
- k8s.io/kube-aggregator v0.22.0 // indirect
- k8s.io/kube-openapi v0.0.0-20210527164424-3c818078ee3d // indirect
- k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a // indirect
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22 // indirect
- sigs.k8s.io/controller-runtime v0.10.1 // indirect
- sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect
- sigs.k8s.io/yaml v1.2.0 // indirect
+ k8s.io/api v0.24.2 // indirect
+ k8s.io/apiserver v0.24.2 // indirect
+ k8s.io/component-base v0.24.2 // indirect
+ k8s.io/klog/v2 v2.70.0 // indirect
+ k8s.io/kube-aggregator v0.24.2 // indirect
+ k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42 // indirect
+ k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
+ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.30 // indirect
+ sigs.k8s.io/controller-runtime v0.11.2 // indirect
+ sigs.k8s.io/gateway-api v0.4.3 // indirect
+ sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
+ sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
+ sigs.k8s.io/yaml v1.3.0 // indirect
 )
 
-replace github.com/evanphx/json-patch => github.com/evanphx/json-patch v0.0.0-20190203023257-5858425f7550
+replace (
+ github.com/containerd/containerd => github.com/containerd/containerd v1.5.10
+ github.com/miekg/dns v1.1.41 => github.com/miekg/dns v1.1.34
+ go.opentelemetry.io/contrib => go.opentelemetry.io/contrib v0.20.0
+ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0
+ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0
+ go.opentelemetry.io/otel => go.opentelemetry.io/otel v0.20.0
+ go.opentelemetry.io/otel/exporters/otlp => go.opentelemetry.io/otel/exporters/otlp v0.20.0
+ go.opentelemetry.io/otel/metric => go.opentelemetry.io/otel/metric v0.20.0
+ go.opentelemetry.io/otel/oteltest => go.opentelemetry.io/otel/oteltest v0.20.0
+ go.opentelemetry.io/otel/sdk => go.opentelemetry.io/otel/sdk v0.20.0
+ go.opentelemetry.io/otel/sdk/export/metric => go.opentelemetry.io/otel/sdk/export/metric v0.20.0
+ go.opentelemetry.io/otel/sdk/metric => go.opentelemetry.io/otel/sdk/metric v0.20.0
+ go.opentelemetry.io/otel/trace => go.opentelemetry.io/otel/trace v0.20.0
+ go.opentelemetry.io/proto/otlp => go.opentelemetry.io/proto/otlp v0.7.0
+ golang.org/x/net => golang.org/x/net v0.0.0-20210224082022-3d97a244fca7
+
+ // Update gengo to ensure we have the --trim-path-prefix feature in code-generator tools.
+ k8s.io/gengo => k8s.io/gengo v0.0.0-20211115164449-b448ea381d54
+)