wip: update to go1.24

.golangci.yml

@@ -1,41 +1,47 @@
+version: "2"
 run:
-  deadline: 5m
   allow-parallel-runners: true
-  skip-files:
-    - api/v1alpha2/zz_generated.deepcopy.go
-issues:
-  exclude-use-default: false
-  exclude-rules:
-    - path: "internal/*"
-      linters:
-        - dupl
-    - path: (.+)_test.go
-      linters:
-        - dupl
+output:
+  sort-order:
+    - file
+    - severity
+    - linter
 linters:
-  disable-all: true
+  default: none
   enable:
     - dupl
     - errcheck
-    - exportloopref
     - goconst
     - gocyclo
-    - gofmt
-    - goimports
-    - gosimple
     - govet
     - ineffassign
     - loggercheck
     - misspell
     - nakedret
     - staticcheck
-    - typecheck
     - unconvert
     - unparam
     - unused
-output:
-  sort-results: true
-  sort-order:
-    - file
-    - severity
-    - linter
+  exclusions:
+    generated: lax
+    rules:
+      - linters:
+          - dupl
+        path: internal/*
+      - linters:
+          - dupl
+        path: (.+)_test.go
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
+    - gofmt
+    - goimports
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

Makefile

@@ -70,7 +70,7 @@ HAS_GOLINT := $(shell which $(PROJECT_DIR)/bin/golangci-lint)
 lint: ## Verifies `golint` passes
 	@echo "+ $@"
 ifndef HAS_GOLINT
-	GOBIN=$(PROJECT_DIR)/bin go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.0
+	GOBIN=$(PROJECT_DIR)/bin go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.5.0
 endif
 	@bin/golangci-lint run
 
@@ -162,7 +162,7 @@ staticcheck: ## Verifies `staticcheck` passes
 	@echo "+ $@"
 ifndef HAS_STATICCHECK
 	$(eval TMP_DIR := $(shell mktemp -d))
-	wget -O $(TMP_DIR)/staticcheck_$(PLATFORM)_amd64.tar.gz https://github.com/dominikh/go-tools/releases/download/2023.1.7/staticcheck_$(PLATFORM)_amd64.tar.gz
+	wget -O $(TMP_DIR)/staticcheck_$(PLATFORM)_amd64.tar.gz https://github.com/dominikh/go-tools/releases/download/2025.1.1/staticcheck_$(PLATFORM)_amd64.tar.gz
 	tar zxvf $(TMP_DIR)/staticcheck_$(PLATFORM)_amd64.tar.gz -C $(TMP_DIR)
 	mkdir -p $(PROJECT_DIR)/bin
 	mv $(TMP_DIR)/staticcheck/staticcheck $(PROJECT_DIR)/bin
@@ -174,7 +174,7 @@ endif
 cover: ## Runs go test with coverage
 	@echo "" > coverage.txt
 	@for d in $(PACKAGES); do \
-		ENVTEST_K8S_VERSION = 1.26
+		ENVTEST_K8S_VERSION = 1.33
 		KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" IMG_RUNNING_TESTS=1 go test -race -coverprofile=profile.out -covermode=atomic "$$d"; \
 		if [ -f profile.out ]; then \
 			cat profile.out >> coverage.txt; \
@@ -578,8 +578,8 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
-KUSTOMIZE_VERSION ?= v5.3.0
-CONTROLLER_TOOLS_VERSION ?= v0.14.0
+KUSTOMIZE_VERSION ?= v5.4.2
+CONTROLLER_TOOLS_VERSION ?= v0.18.0
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize

api/v1alpha2/jenkins_webhook.go

@@ -18,6 +18,7 @@ package v1alpha2
 
 import (
 	"compress/gzip"
+	"context"
 	"encoding/json"
 	"errors"
 	"io"
@@ -37,10 +38,10 @@ import (
 )
 
 var (
-	jenkinslog                                                = logf.Log.WithName("jenkins-resource") // log is for logging in this package.
-	SecValidator                                              = *NewSecurityValidator()
-	_                                       webhook.Validator = &Jenkins{}
-	initialSecurityWarningsDownloadSucceded                   = false
+	jenkinslog                                                      = logf.Log.WithName("jenkins-resource") // log is for logging in this package.
+	SecValidator                                                    = *NewSecurityValidator()
+	_                                       webhook.CustomValidator = &Jenkins{}
+	initialSecurityWarningsDownloadSucceded                         = false
 )
 
 const (
@@ -60,28 +61,36 @@ func (in *Jenkins) SetupWebhookWithManager(mgr ctrl.Manager) error {
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 // +kubebuilder:webhook:path=/validate-jenkins-io-jenkins-io-v1alpha2-jenkins,mutating=false,failurePolicy=fail,sideEffects=None,groups=jenkins.io.jenkins.io,resources=jenkins,verbs=create;update,versions=v1alpha2,name=vjenkins.kb.io,admissionReviewVersions={v1}
 
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (in *Jenkins) ValidateCreate() (admission.Warnings, error) {
-	if in.Spec.ValidateSecurityWarnings {
-		jenkinslog.Info("validate create", "name", in.Name)
-		err := Validate(*in)
+// ValidateCreate implements webhook.CustomValidator so a webhook will be registered for the type
+func (in *Jenkins) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	jenkins, ok := obj.(*Jenkins)
+	if !ok {
+		return nil, errors.New("expected a Jenkins object")
+	}
+	if jenkins.Spec.ValidateSecurityWarnings {
+		jenkinslog.Info("validate create", "name", jenkins.Name)
+		err := Validate(*jenkins)
 		return nil, err
 	}
 
 	return nil, nil
 }
 
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (in *Jenkins) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	if in.Spec.ValidateSecurityWarnings {
-		jenkinslog.Info("validate update", "name", in.Name)
-		return nil, Validate(*in)
+// ValidateUpdate implements webhook.CustomValidator so a webhook will be registered for the type
+func (in *Jenkins) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	jenkins, ok := newObj.(*Jenkins)
+	if !ok {
+		return nil, errors.New("expected a Jenkins object")
+	}
+	if jenkins.Spec.ValidateSecurityWarnings {
+		jenkinslog.Info("validate update", "name", jenkins.Name)
+		return nil, Validate(*jenkins)
 	}
 
 	return nil, nil
 }
 
-func (in *Jenkins) ValidateDelete() (admission.Warnings, error) {
+func (in *Jenkins) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
 

api/v1alpha2/jenkins_webhook_test.go

@@ -1,6 +1,7 @@
 package v1alpha2
 
 import (
+	"context"
 	"errors"
 	"testing"
 
@@ -79,7 +80,7 @@ func TestValidate(t *testing.T) {
 	t.Run("Validating when plugins data file is not fetched", func(t *testing.T) {
 		userplugins := []Plugin{{Name: "script-security", Version: "1.77"}, {Name: "git-client", Version: "3.9"}, {Name: "git", Version: "4.8.1"}, {Name: "plain-credentials", Version: "1.7"}}
 		jenkinscr := *createJenkinsCR(userplugins, true)
-		_, got := jenkinscr.ValidateCreate()
+		_, got := jenkinscr.ValidateCreate(context.TODO(), &jenkinscr)
 		assert.Equal(t, got, errors.New("plugins data has not been fetched"))
 	})
 
@@ -95,7 +96,7 @@ func TestValidate(t *testing.T) {
 			{Name: "plain-credentials"}}}
 		userplugins := []Plugin{{Name: "script-security", Version: "1.77"}, {Name: "git-client", Version: "3.9"}, {Name: "git", Version: "4.8.1"}, {Name: "plain-credentials", Version: "1.7"}}
 		jenkinscr := *createJenkinsCR(userplugins, true)
-		_, got := jenkinscr.ValidateCreate()
+		_, got := jenkinscr.ValidateCreate(context.TODO(), &jenkinscr)
 		assert.Nil(t, got)
 	})
 
@@ -113,7 +114,7 @@ func TestValidate(t *testing.T) {
 		}}
 		userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
 		jenkinscr := *createJenkinsCR(userplugins, true)
-		_, got := jenkinscr.ValidateCreate()
+		_, got := jenkinscr.ValidateCreate(context.TODO(), &jenkinscr)
 		assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nworkflow-cps:2.59\ngoogle-login:1.2\nmailer:1.1"))
 	})
 
@@ -136,19 +137,19 @@ func TestValidate(t *testing.T) {
 
 		userplugins = []Plugin{{Name: "handy-uri-templates-2-api", Version: "2.1.8-1.0"}, {Name: "resource-disposer", Version: "0.8"}, {Name: "jjwt-api", Version: "0.11.2-9.c8b45b8bb173"}, {Name: "blueocean-github-pipeline", Version: "1.2.0-beta-3"}, {Name: "ghprb", Version: "1.39"}}
 		newjenkinscr := *createJenkinsCR(userplugins, true)
-		_, got := newjenkinscr.ValidateUpdate(&oldjenkinscr)
+		_, got := newjenkinscr.ValidateUpdate(context.TODO(), &oldjenkinscr, &newjenkinscr)
 		assert.Equal(t, got, errors.New("security vulnerabilities detected in the following user-defined plugins: \nhandy-uri-templates-2-api:2.1.8-1.0\nresource-disposer:0.8\nblueocean-github-pipeline:1.2.0-beta-3\nghprb:1.39"))
 	})
 
 	t.Run("Validation is turned off", func(t *testing.T) {
 		userplugins := []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
 		jenkinscr := *createJenkinsCR(userplugins, false)
-		_, got := jenkinscr.ValidateCreate()
+		_, got := jenkinscr.ValidateCreate(context.TODO(), &jenkinscr)
 		assert.Nil(t, got)
 
 		userplugins = []Plugin{{Name: "google-login", Version: "1.2"}, {Name: "mailer", Version: "1.1"}, {Name: "git", Version: "4.8.1"}, {Name: "command-launcher", Version: "1.6"}, {Name: "workflow-cps", Version: "2.59"}}
 		newjenkinscr := *createJenkinsCR(userplugins, false)
-		_, got = newjenkinscr.ValidateUpdate(&jenkinscr)
+		_, got = newjenkinscr.ValidateUpdate(context.TODO(), &jenkinscr, &newjenkinscr)
 		assert.Nil(t, got)
 	})
 }

config.base.env

@@ -3,14 +3,14 @@ API_VERSION_NEXT="v1alpha3"
 API_VERSION="v1alpha2"
 CLUSTER_DOMAIN="cluster.local"
 GEN_CRD_API="gen-crd-api-reference-docs"
-GO_VERSION="1.22"
-HELM_VERSION="3.12.3"
+GO_VERSION="1.24"
+HELM_VERSION="3.19.0"
 IMAGE_PULL_MODE="local"
 KIND_CLUSTER_NAME="jenkins"
 LATEST_LTS_VERSION="2.528.3"
 NAME="kubernetes-operator"
 NAMESPACE="default"
-OPERATOR_SDK_VERSION="1.35.0"
+OPERATOR_SDK_VERSION="1.41.1"
 PKG="github.com/jenkinsci/kubernetes-operator"
 QUAY_ORGANIZATION="jenkins-kubernetes-operator"
 QUAY_REGISTRY="operator"