add tilt for local dev env

[aobort]

Added:

• tilt dev environment

Updated:

• go version -> v1.23.4
• kustomize version -> v5.5.0
• golangci-lint version -> v1.62.2
• controller-gen -> v0.16.5

What is tilt: https://tilt.dev/
Documentation: https://docs.tilt.dev/

Summary by CodeRabbit

• New Features

  • Introduced a new YAML configuration for ctlptl-kind defining a Registry and a Cluster.
  • Added a Tiltfile for configuring Kubernetes deployment settings.

• Updates

  • Updated Go version from 1.22.4 to 1.23.4 across multiple workflows and configuration files.
  • Enhanced Makefile with new variables and updated tool versions.
  • Updated Custom Resource Definitions (CRDs) for EtcdCluster and etcdclusters to reflect new statuses and improved descriptions.

• Bug Fixes

  • Adjusted role permissions in ClusterRole to include services and remove persistentvolumeclaims.

[coderabbitai]

Walkthrough

The pull request introduces several updates across multiple files, primarily focusing on upgrading the Go programming language version from 1.22.4 to 1.23.4 in various configurations, including Dockerfiles and GitHub Actions workflows. Additionally, the Makefile has been enhanced with new targets and updated tool versions, while a new Tiltfile has been added to configure Kubernetes deployments. New YAML configuration files for ctlptl-kind and local-registry-configmap have been introduced, and several Custom Resource Definitions (CRDs) have been modified to reflect changes in their schemas.

Changes

File	Change Summary
Dockerfile	Base image updated from golang:1.22.4 to golang:1.23.4.
Makefile	Added variables GOARCH, GOOS, CTLPTL, TILT, CTLPTL_VERSION, and TILT_VERSION. Updated versions for KUSTOMIZE, CONTROLLER_TOOLS, and GOLANGCI_LINT. New phony targets added.
Tiltfile	New file added to configure Kubernetes settings, including deploying cert-manager and waiting for system readiness.
config/dev/ctlptl-kind.yaml	New YAML configuration file defining Registry and Cluster resources for ctlptl-kind.
config/dev/kustomization.yaml	Added resources local-registry-configmap.yaml and ../default.
config/dev/local-registry-configmap.yaml	New ConfigMap local-registry-hosting added in kube-public namespace.
go.mod	Go version updated from 1.22.4 to 1.23.4. Multiple dependencies updated to newer versions.
charts/etcd-operator/crds/etcd-cluster.yaml	Updated CRD for EtcdCluster, changing annotation and modifying schema definitions, including status updates.
config/crd/bases/etcd.aenix.io_etcdclusters.yaml	Updated CRD with similar changes as above, including annotation and schema modifications.
config/rbac/role.yaml	Updated ClusterRole to add services resource and modify/remove other resources.
.github/workflows/make-test-e2e.yaml	Updated go-version from 1.22.4 to 1.23.4.
.github/workflows/make-test.yaml	Updated go-version from 1.22.4 to 1.23.4.
.github/workflows/nilaway-lint.yaml	Updated go-version from 1.22.4 to 1.23.4.
.github/workflows/pre-commit.yaml	Updated go-version from 1.22.4 to 1.23.4.
.github/workflows/release-assets.yaml	Updated go-version from 1.22.4 to 1.23.4.

Poem

In the meadow where the code does bloom,
A rabbit hops, dispelling gloom.
With Go upgraded, tools refined,
New features sprout, all intertwined.
Let's cheer for changes, fresh and bright,
In our coding burrow, all feels right! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Outside diff range and nitpick comments (6)

config/dev/ctlptl-kind.yaml (1)

1-4: Consider securing the local registry

While the registry configuration is correct for local development, consider adding security measures:

• Add TLS configuration for secure communication
• Implement authentication to prevent unauthorized access

Tiltfile (4)

10-11: Consider using environment variables for binary paths

The hard-coded paths for kubectl and kustomize might not work across different development environments. Consider making these configurable through environment variables.

-    "kubectl": "/usr/local/bin/kubectl",
-    "kustomize": "./bin/kustomize",
+    "kubectl": os.getenv("KUBECTL_PATH", "/usr/local/bin/kubectl"),
+    "kustomize": os.getenv("KUSTOMIZE_PATH", "./bin/kustomize"),

---

33-34: Fix incorrect comment in waitforsystem function

The comment mentions "metal-operator" but the function is waiting for "etcd-operator-system" namespace pods.

-    print("Waiting for metal-operator to start")
+    print("Waiting for etcd-operator to start")

---

39-39: Make Docker image reference configurable

The Docker image reference is hard-coded. Consider making it configurable through settings or environment variables.

-docker_build('ghcr.io/aenix-io/etcd-operator', '.')
+docker_build(settings.get("docker_image", "ghcr.io/aenix-io/etcd-operator"), '.')

---

41-43: Add error handling for kustomize command

Consider adding error handling for the kustomize command to provide better feedback if the configuration fails to load.

-yaml = kustomize("./config/dev", kustomize_bin=kustomize_binary)
-k8s_yaml(yaml)
+try:
+    yaml = kustomize("./config/dev", kustomize_bin=kustomize_binary)
+    k8s_yaml(yaml)
+except Exception as e:
+    fail("Failed to load kustomize configuration: %s" % str(e))

Makefile (1)

339-342: Consider adding version verification for ctlptl

The ctlptl installation could be improved with version verification similar to other tools in the Makefile.

 .PHONY: ctlptl
 ctlptl: $(LOCALBIN)
-	@test -x $(CTLPTL) && $(CTLPTL) version | grep -q $(CTLPTL_VERSION) || \
+	@if test -x $(CTLPTL) && ! $(CTLPTL) version | grep -q $(CTLPTL_VERSION); then \
+		rm -f $(CTLPTL); \
+	fi
+	@test -x $(CTLPTL) || \
 	GOBIN=$(LOCALBIN) go install github.com/tilt-dev/ctlptl/cmd/ctlptl@$(CTLPTL_VERSION)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between a8076da and f2be041.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (8)

• Dockerfile (1 hunks)
• Makefile (3 hunks)
• Tiltfile (1 hunks)
• config/dev/ctlptl-kind.yaml (1 hunks)
• config/dev/kustomization.yaml (1 hunks)
• config/dev/local-registry-configmap.yaml (1 hunks)
• go.mod (1 hunks)
• site/content/en/docs/v0.4/reference/api.md (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• config/dev/local-registry-configmap.yaml

🧰 Additional context used

🪛 Markdownlint (0.35.0)

site/content/en/docs/v0.4/reference/api.md

170-170: null
Link fragments should be valid

(MD051, link-fragments)

---

171-171: null
Link fragments should be valid

(MD051, link-fragments)

🔇 Additional comments (7)

config/dev/kustomization.yaml (1)

1-3: Verify referenced resources exist

The configuration looks correct, but let's ensure the referenced resources are present.

✅ Verification successful

Resources referenced in kustomization.yaml exist and are properly configured

Both required resources are present in their expected locations:

• config/dev/local-registry-configmap.yaml
• config/default/kustomization.yaml

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if referenced resources exist
echo "Checking for local-registry-configmap.yaml..."
fd "local-registry-configmap.yaml" config/dev

echo "Checking for default kustomization..."
fd "kustomization.yaml" config/default

Length of output: 345

config/dev/ctlptl-kind.yaml (1)

6-13: IPVS mode configuration looks good

The cluster configuration is well-structured:

• Descriptive cluster name with environment suffix
• IPVS mode for better proxy performance
• Correct reference to the registry

✅ Verification successful

Let me gather more information about the IPVS configuration across the codebase to ensure there are no conflicting configurations.

---

IPVS mode configuration is consistently applied

The verification shows that:

• IPVS mode is consistently configured as "ipvs" in both development (config/dev/ctlptl-kind.yaml) and test (test/e2e/config.yaml) environments
• No conflicting kube-proxy mode configurations were found
• The API version ctlptl.dev/v1alpha1 is used consistently

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify ctlptl API version compatibility
echo "Checking for other ctlptl configurations..."
rg "ctlptl.dev/v1alpha1" --type yaml

Length of output: 253

---

Script:

#!/bin/bash
# Check for any other kube-proxy mode configurations
echo "Checking for other kube-proxy mode configurations..."
rg "kubeProxyMode" --type yaml -A 1

# Check for any other kind cluster configurations
echo -e "\nChecking for other kind cluster configurations..."
fd -e yaml -e yml . | xargs grep -l "kind: Cluster" || true

Length of output: 1076

site/content/en/docs/v0.4/reference/api.md (1)

170-171: LGTM! Documentation links updated correctly

The changes properly update the IntOrString references to use internal links instead of external Kubernetes API documentation links, making the documentation more maintainable.

🧰 Tools

🪛 Markdownlint (0.35.0)

170-170: null
Link fragments should be valid

(MD051, link-fragments)

---

171-171: null
Link fragments should be valid

(MD051, link-fragments)

Makefile (4)

251-252: LGTM: Variable declarations follow Makefile conventions

The new variables for ctlptl and tilt binaries are properly defined with the ?= operator allowing for override, and follow the existing pattern of binary declarations in the Makefile.

Also applies to: 273-274

---

344-359: LGTM: Robust OS/arch detection for Tilt installation

The Tilt installation target correctly handles different operating systems and architectures:

1. Proper OS detection for Darwin/Mac
2. Architecture detection using GOARCH
3. Clean installation process with proper cleanup

---

361-364: Verify the ctlptl configuration

The tilt-up target looks good but we should verify the contents of the ctlptl configuration file.

✅ Verification successful

The ctlptl configuration is valid and well-structured

The configuration file contains proper definitions for both a local registry and a Kind cluster:

• Registry is configured on port 5000
• Kind cluster named 'etcd-operator-dev' is properly configured with IPVS proxy mode
• Both resources use the correct API version (ctlptl.dev/v1alpha1)

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check the ctlptl configuration file

echo "Checking ctlptl configuration..."
if [ -f config/dev/ctlptl-kind.yaml ]; then
    cat config/dev/ctlptl-kind.yaml
else
    echo "Warning: ctlptl configuration file not found at config/dev/ctlptl-kind.yaml"
fi

Length of output: 392

---

256-256: Verify compatibility with updated tool versions

The updates to Kustomize (v5.5.0) and golangci-lint (v1.62.2) versions are significant changes.

Run this script to check for any breaking changes or compatibility issues:

Also applies to: 261-261

✅ Verification successful

Breaking changes detected in Kustomize v5.5.0 - Starlark support removed

The Kustomize update includes a breaking change: Starlark support for KRM functions has been removed. This feature was deprecated 3 years ago. Let's verify if this impacts the codebase.

---

Tool version updates appear safe to proceed

The breaking change in Kustomize v5.5.0 (removal of Starlark support) does not impact this codebase as there are no Starlark functions or KRM function configurations in use. The golangci-lint update to v1.62.2 contains only dependency updates and minor fixes with no breaking changes.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check release notes for breaking changes in updated tools

# Check Kustomize release notes
echo "Checking Kustomize v5.5.0 release notes..."
gh api repos/kubernetes-sigs/kustomize/releases/tags/kustomize/v5.5.0 --jq .body

# Check golangci-lint release notes
echo "Checking golangci-lint v1.62.2 release notes..."
gh api repos/golangci/golangci-lint/releases/tags/v1.62.2 --jq .body

Length of output: 2074

---

Script:

#!/bin/bash
# Search for any Starlark-related usage in Kustomize configurations
echo "Searching for Starlark function references..."
rg -l "starlark" --type yaml
rg -l "\.star" --type yaml

# Look for .star files that might be Starlark scripts
echo -e "\nSearching for .star files..."
fd -e star

# Search for KRM function configurations
echo -e "\nSearching for KRM function configurations..."
rg -l "kind:\s+Function" --type yaml

Length of output: 388

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 2

🧹 Outside diff range and nitpick comments (1)

config/crd/bases/etcd.aenix.io_etcdclusters.yaml (1)

874-874: Document VolumeAttributesClass feature gate requirement

The VolumeAttributesClass feature has been promoted to beta status but requires explicit feature gate enablement. This affects volume management capabilities in the etcd cluster.

Consider adding documentation or deployment notes to clarify:

1. How to enable the VolumeAttributesClass feature gate
2. Impact on existing deployments
3. Migration steps if needed

Also applies to: 977-977, 983-983

🛑 Comments failed to post (2)

config/rbac/role.yaml (1)

32-32: 💡 Codebase verification

Removing persistentvolumeclaims resource permission will break functionality

The PVC resource permission is actively used in the codebase:

• The controller requires PVC permissions as indicated by the RBAC marker +kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=get;list;patch;watch
• The API types (etcdcluster_types.go) include PVC-related fields using corev1.PersistentVolumeClaimSpec and corev1.PersistentVolumeClaimStatus

🔗 Analysis chain

Verify impact of removing persistentvolumeclaims resource

The removal of persistentvolumeclaims resource might affect storage management capabilities. Please ensure this doesn't break existing functionality.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for PVC-related code to verify if the permission is still needed
rg -l 'persistentvolumeclaim' --type go

# Search for PVC creation/management in the codebase
ast-grep --pattern 'CreatePersistentVolumeClaim($$$)'
ast-grep --pattern 'GetPersistentVolumeClaim($$$)'

Length of output: 228

---

Script:

#!/bin/bash
# Let's check the actual usage context of PVC in the controller and types
rg 'persistentvolumeclaim' -B 2 -A 2 internal/controller/etcdcluster_controller.go api/v1alpha1/etcdcluster_types.go

# Also check for any PVC-related functions or methods
ast-grep --pattern 'func $$$PersistentVolumeClaim$$$'

# Check for any PVC-related struct fields or types
ast-grep --pattern 'type $$$PersistentVolumeClaim$$$'

Length of output: 1820

site/content/en/docs/v0.4/reference/api.md (1)

170-171: ⚠️ Potential issue

Fix invalid link fragments in documentation

The #intorstring link fragments in the documentation are invalid. Please ensure these links point to the correct anchor tags.

-| `minAvailable` _[IntOrString](#intorstring)_ |
+| `minAvailable` _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30.0/#intorstring-intstr-util)_ |
-| `maxUnavailable` _[IntOrString](#intorstring)_ |
+| `maxUnavailable` _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30.0/#intorstring-intstr-util)_ |

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

| `minAvailable` _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30.0/#intorstring-intstr-util)_ | MinAvailable describes minimum ready replicas. If both are empty, controller will implicitly<br />calculate MaxUnavailable based on number of replicas<br />Mutually exclusive with MaxUnavailable. |  |  |
| `maxUnavailable` _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30.0/#intorstring-intstr-util)_ | MinAvailable describes maximum not ready replicas. If both are empty, controller will implicitly<br />calculate MaxUnavailable based on number of replicas<br />Mutually exclusive with MinAvailable |  |  |

🧰 Tools

🪛 Markdownlint (0.35.0)

170-170: null
Link fragments should be valid

(MD051, link-fragments)

---

171-171: null
Link fragments should be valid

(MD051, link-fragments)

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (2)

.github/workflows/make-test-e2e.yaml (1)

Line range hint 1-42: Ensure consistent Go version across all workflows

The Go version update to 1.23.4 appears in multiple workflow files. This is a significant version bump that requires careful coordination.

Consider the following recommendations:

1. Document the minimum Go version requirement in the project README
2. Update the development setup instructions for local development with Tilt
3. Consider using a centralized version variable in the workflows to maintain consistency

Makefile (1)

352-359: Improve Tilt installation robustness

The Tilt installation process could be improved:

1. Add checksum verification for security
2. Use mktemp for temporary file
3. Add error handling

-TILT_ARCHIVE=tilt.$(TILT_VERSION).$(TILT_OS).$(TILT_ARCH).tar.gz
+TILT_ARCHIVE_NAME=tilt.$(TILT_VERSION).$(TILT_OS).$(TILT_ARCH).tar.gz
 .PHONY: tilt
 tilt: $(LOCALBIN)
-	@test -x $(TILT) && $(TILT) version | grep -q $(TILT_VERSION) || \
-	rm -f $(TILT) && \
-	curl -sL https://github.com/tilt-dev/tilt/releases/download/v$(TILT_VERSION)/$(TILT_ARCHIVE) -o /tmp/$(TILT_ARCHIVE) && \
-	tar xzf /tmp/$(TILT_ARCHIVE) -C $(LOCALBIN) && \
-	rm -f /tmp/$(TILT_ARCHIVE)
+	@if ! test -x $(TILT) || ! $(TILT) version | grep -q $(TILT_VERSION); then \
+		TMPDIR=$$(mktemp -d) && \
+		trap 'rm -rf "$$TMPDIR"' EXIT && \
+		curl -sL https://github.com/tilt-dev/tilt/releases/download/v$(TILT_VERSION)/$(TILT_ARCHIVE_NAME) -o "$$TMPDIR/$(TILT_ARCHIVE_NAME)" && \
+		curl -sL https://github.com/tilt-dev/tilt/releases/download/v$(TILT_VERSION)/$(TILT_ARCHIVE_NAME).sha256 -o "$$TMPDIR/$(TILT_ARCHIVE_NAME).sha256" && \
+		cd "$$TMPDIR" && sha256sum -c "$(TILT_ARCHIVE_NAME).sha256" && \
+		tar xzf "$(TILT_ARCHIVE_NAME)" -C $(LOCALBIN) || exit 1; \
+	fi

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 1db0381 and cccb072.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (15)

• .github/workflows/make-test-e2e.yaml (1 hunks)
• .github/workflows/make-test.yaml (1 hunks)
• .github/workflows/nilaway-lint.yaml (1 hunks)
• .github/workflows/pre-commit.yaml (1 hunks)
• .github/workflows/release-assets.yaml (1 hunks)
• Dockerfile (1 hunks)
• Makefile (3 hunks)
• Tiltfile (1 hunks)
• charts/etcd-operator/crds/etcd-cluster.yaml (8 hunks)
• config/crd/bases/etcd.aenix.io_etcdclusters.yaml (8 hunks)
• config/dev/ctlptl-kind.yaml (1 hunks)
• config/dev/kustomization.yaml (1 hunks)
• config/dev/local-registry-configmap.yaml (1 hunks)
• config/rbac/role.yaml (2 hunks)
• go.mod (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/nilaway-lint.yaml

🚧 Files skipped from review as they are similar to previous changes (8)

• config/dev/kustomization.yaml
• config/dev/local-registry-configmap.yaml
• Dockerfile
• Tiltfile
• config/dev/ctlptl-kind.yaml
• config/rbac/role.yaml
• charts/etcd-operator/crds/etcd-cluster.yaml
• config/crd/bases/etcd.aenix.io_etcdclusters.yaml

🔇 Additional comments (6)

.github/workflows/pre-commit.yaml (1)

13-13: Verify pre-commit hooks compatibility with Go 1.23

While updating to Go 1.23.4 is good for staying current, this is a major version update that warrants verification of pre-commit hook compatibility.

✅ Verification successful

Go version update is compatible with pre-commit hooks

The pre-commit hooks use standard Go toolchain commands (go fmt, go vet, go mod tidy) and golangci-lint, which are all forward-compatible. The go.mod file already specifies Go 1.23.4, indicating the codebase is prepared for this version.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check .pre-commit-config.yaml for any Go-related hooks and their versions
if [ -f ".pre-commit-config.yaml" ]; then
    echo "Checking .pre-commit-config.yaml for Go-related hooks:"
    rg -A 5 "golang|go" .pre-commit-config.yaml
fi

Length of output: 201

---

Script:

#!/bin/bash
# Let's check what pre-commit hooks are actually configured
if [ -f ".pre-commit-config.yaml" ]; then
    echo "Content of .pre-commit-config.yaml:"
    cat .pre-commit-config.yaml
fi

# Also check if there are any Go-related files in the repo
echo -e "\nChecking for Go files in the repository:"
fd -e go

Length of output: 3338

---

Script:

#!/bin/bash
# Let's check the Makefile to understand what Go-related commands are used in pre-commit hooks
echo "Checking Go-related commands in Makefile:"
if [ -f "Makefile" ]; then
    echo "=== fmt target ==="
    rg -A 3 "^fmt:" Makefile
    echo -e "\n=== vet target ==="
    rg -A 3 "^vet:" Makefile
    echo -e "\n=== lint-fix target ==="
    rg -A 3 "^lint-fix:" Makefile
    echo -e "\n=== mod-tidy target ==="
    rg -A 3 "^mod-tidy:" Makefile
fi

# Check if there's a go.mod file and its Go version
echo -e "\nChecking go.mod version:"
if [ -f "go.mod" ]; then
    rg "^go " go.mod
fi

Length of output: 887

.github/workflows/make-test.yaml (1)

29-29: Verify Go 1.23 compatibility with test matrix

The workflow tests against multiple Kubernetes versions. Please ensure Go 1.23.4 is compatible with all tested K8s versions (v1.28.0, v1.29.0, latest).

✅ Verification successful

Let me gather more information about the Kubernetes version compatibility.

---

Let me check the specific Kubernetes version matrix in the test workflows.

---

Go 1.23.4 is compatible with the test matrix

Based on the verification:

• The codebase uses Kubernetes v0.31.0 dependencies (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go)
• Test workflows run against K8s v1.28.0, v1.29.0, and latest versions
• Go 1.23.4 is explicitly set as the required version in go.mod
• Both test workflows (make-test.yaml and make-test-e2e.yaml) use the same Go and K8s version matrix

The Go version is compatible with the Kubernetes versions in the test matrix, as K8s v1.28+ supports Go 1.23.x.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check go.mod for kubernetes-related dependencies
echo "Checking go.mod for k8s dependencies:"
rg "k8s.io/" go.mod

# Check for any version constraints in go.mod
echo -e "\nChecking version constraints:"
if [ -f "go.mod" ]; then
    cat go.mod | awk '/^go / {print "Go version requirement: " $2}'
fi

Length of output: 776

---

Script:

#!/bin/bash
# Check the kubernetes version requirements in go.mod
echo "Checking k8s.io/api version details:"
rg -A 2 "k8s.io/api" go.mod

# Check if there are any version-specific tests or configurations
echo -e "\nChecking for k8s version-specific test configurations:"
fd -e yaml -e yml . .github/workflows/ --exec rg -l "kubernetes|k8s.*version"

# Check for any kubernetes version constraints in test files
echo -e "\nChecking test files for k8s version constraints:"
fd -e go -g "*_test.go" . --exec rg "kubernetes.*version|k8s.*version"

Length of output: 855

---

Script:

#!/bin/bash
# Check the Kubernetes version matrix in test workflows
echo "Checking make-test.yaml for k8s version matrix:"
cat .github/workflows/make-test.yaml

echo -e "\nChecking make-test-e2e.yaml for k8s version matrix:"
cat .github/workflows/make-test-e2e.yaml

Length of output: 2734

.github/workflows/make-test-e2e.yaml (1)

29-29: Verify Go 1.23 compatibility with E2E test environment

The E2E test environment involves multiple components (buildx, kubectl). Please ensure all components are compatible with Go 1.23.4.

✅ Verification successful

Let me gather more information about the E2E test dependencies and environment.

---

Based on the analysis of the shell script outputs, I can now provide a final response:

Go 1.23.4 update is consistent across the codebase

The Go version 1.23.4 is consistently used across:

• All GitHub workflows (.github/workflows/*)
• Dockerfile
• E2E test environment uses standard Go packages and well-maintained frameworks:
  • github.com/onsi/ginkgo/v2
  • github.com/onsi/gomega
  • go.etcd.io/etcd/client/v3

These testing frameworks are actively maintained and support the latest Go versions.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for E2E test framework dependencies
echo "Checking for E2E test framework in go.mod:"
rg "test|e2e" go.mod

# Look for Docker-related files that might need updating
echo -e "\nChecking Dockerfile Go versions:"
fd Dockerfile | xargs rg "golang:"

Length of output: 274

---

Script:

#!/bin/bash
# Check E2E test files and their imports
echo "Checking E2E test files and their dependencies:"
fd -e go -E vendor test_e2e
fd -e go -E vendor e2e

# Check GitHub workflow files for any other Go version references
echo -e "\nChecking workflow files for Go versions:"
fd -e yaml -e yml . .github/workflows/ | xargs rg "go-version"

# Look for test framework imports in Go files
echo -e "\nChecking test framework imports:"
rg "import \(" -A 10 $(fd -e go -E vendor test_e2e)
rg "import \(" -A 10 $(fd -e go -E vendor e2e)

Length of output: 26878

go.mod (2)

3-3: Invalid Go version specified

---

15-19: Verify compatibility with updated Kubernetes dependencies

The update of multiple Kubernetes-related packages (api, apimachinery, client-go, utils, controller-runtime) should be tested thoroughly to ensure compatibility.

✅ Verification successful

Based on the comprehensive analysis of the codebase, I can now provide a final response:

Kubernetes dependency updates appear safe to proceed

The codebase shows consistent and standard usage of Kubernetes APIs:

• Uses stable v1 APIs (core/v1, apps/v1, policy/v1)
• No usage of deprecated or beta APIs detected
• Clean dependency structure with controller-runtime v0.19.0 which is compatible with Kubernetes 0.31.0
• No custom usage patterns that would be affected by API changes

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for breaking changes in Kubernetes dependencies

# Check for any deprecated API usage
rg -A 3 "k8s.io/(api|apimachinery|client-go).*deprecated"

# Check for any beta API usage that might be affected
rg "k8s.io/api/.*/v1beta[0-9]"

Length of output: 92

---

Script:

#!/bin/bash
# Let's check for any direct imports of k8s.io packages to understand usage patterns
rg --type go "^import.*k8s.io/(api|apimachinery|client-go)" -A 3

# Also check for any specific version constraints in go.mod
cat go.mod

# Check for any replace directives that might affect compatibility
rg "replace.*k8s.io" go.mod

# Look for any kubernetes version references in documentation or configs
fd -e yaml -e md | xargs rg "kubernetes.*version|k8s.*version" -i

Length of output: 4691

---

Script:

#!/bin/bash
# Let's check the actual Kubernetes API usage in the codebase
rg --type go -B 2 -A 2 "k8s.io/api/" 

# Check for any custom resource definitions or API types
fd -e yaml | xargs rg "apiVersion:"

# Look for controller-runtime version-specific features
rg --type go "sigs.k8s.io/controller-runtime"

# Check for any explicit version-related code
rg --type go "v1\.|v1alpha|v1beta"

Length of output: 65793

Makefile (1)

256-261: Verify compatibility with updated tool versions

Multiple tool versions have been updated:

• Kustomize: v5.5.0
• Controller Tools: v0.16.5
• Golangci-lint: v1.62.2

Please ensure these versions are compatible with the project's requirements.

✅ Verification successful

Let me analyze the results and generate the final response.

Tool version updates are compatible with the codebase

The codebase inspection shows:

• Kustomize v5.5.0: The patches usage in config/ follows the current syntax and no deprecated features are found
• Controller-tools v0.16.5: All kubebuilder markers are using standard patterns (RBAC rules, webhooks, object definitions) that are supported in recent versions
• The codebase follows modern Kubernetes controller patterns and doesn't use any deprecated features

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for any breaking changes in tool configurations

# Check for deprecated kustomize features
rg -A 3 "bases:|patches:" config/

# Check for controller-gen markers that might be affected
rg -A 2 "//\s*\+kubebuilder:"

Length of output: 6579

[kvaps]

LGTM

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (2)

Tiltfile (2)

18-20: Enhance context validation with error handling

The context validation could be more robust with proper error handling and user feedback.

 if "allowed_contexts" in settings:
+    contexts = settings.get("allowed_contexts")
+    if not contexts:
+        fail("No allowed Kubernetes contexts specified in settings")
-    allow_k8s_contexts(settings.get("allowed_contexts"))
+    allow_k8s_contexts(contexts)
+else:
+    fail("Missing 'allowed_contexts' in settings")

---

31-34: Add version tagging for Docker image

The Docker build should include proper version tagging for better image management and traceability.

 def prepare_etcd_operator():
-    docker_build('ghcr.io/aenix-io/etcd-operator', '.')
+    # Read version from VERSION file or environment
+    version = str(local('cat VERSION', quiet=True)).strip()
+    image_name = 'ghcr.io/aenix-io/etcd-operator'
+    docker_build(
+        image_name,
+        '.',
+        tag=version,
+        build_args={'VERSION': version}
+    )
     return kustomize("./config/dev", kustomize_bin=kustomize_binary)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c814e14 and 6fd1047.

📒 Files selected for processing (2)

• Makefile (5 hunks)
• Tiltfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• Makefile

🔇 Additional comments (1)

Tiltfile (1)

1-11: Verify cert-manager version compatibility

The cert-manager version is hardcoded to v1.15.3. Please ensure this version is compatible with the Kubernetes version used in the development environment.

✅ Verification successful

Cert-manager version v1.15.3 is compatible with development environment

The development environment uses Kubernetes v1.30.0 (from Makefile), and cert-manager v1.15.3 is within an acceptable version range. While v1.16.2 is the latest available, v1.15.3 is a recent stable version that doesn't pose compatibility issues with K8s v1.30.0. The version choice appears deliberate and suitable for the development environment.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check latest cert-manager releases and compatibility
# Get latest cert-manager release
echo "Latest cert-manager release:"
gh api repos/cert-manager/cert-manager/releases/latest --jq .tag_name

# Check for any breaking changes or compatibility issues in release notes
echo -e "\nRecent releases and compatibility notes:"
gh api repos/cert-manager/cert-manager/releases --jq '.[0:3] | .[] | {version: .tag_name, body: .body}' | grep -i -A 5 "compatibility\|breaking"

Length of output: 390

---

Script:

#!/bin/bash
# Let's check the Kubernetes version used in the development environment
# First, check if there are any Kubernetes version references in the codebase
echo "Searching for Kubernetes version references:"
rg -i "kubernetes.*version|k8s.*version" -A 2

# Check for kind configuration which might specify K8s version
echo -e "\nChecking kind configuration files:"
fd -e yaml -e yml . | xargs rg -l "kind:" | xargs rg "image:|version:" -A 1

# Look for any documentation about development environment setup
echo -e "\nChecking README and docs for environment setup:"
fd "README|CONTRIBUTING" | xargs cat

Length of output: 15350

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

Makefile (1)

365-372: Improve temporary directory cleanup handling.

While the temporary directory cleanup is implemented, it could be more robust.

Consider this improvement:

-    	TMPDIR=$$(mktemp -d) && \
-    	trap 'rm -rf "$$TMPDIR"' EXIT && \
+    	TMPDIR=$$(mktemp -d) && \
+    	trap 'rm -rf "$$TMPDIR"' EXIT ERR && \

This ensures cleanup even if the script exits due to an error.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6fd1047 and 38eb90d.

📒 Files selected for processing (2)

• Makefile (7 hunks)
• Tiltfile (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• Tiltfile

🔇 Additional comments (6)

Makefile (6)

16-17: LGTM! Good practice for cross-platform compatibility.

The addition of GOARCH and GOOS variables using go env ensures correct tool downloads across different platforms.

---

283-288: LGTM! Robust kubectl installation target.

The implementation includes:

• Version checking to prevent unnecessary downloads
• Retry mechanism for resilient downloads
• Platform-specific binary downloads

---

349-352: LGTM! Consistent implementation with other tool targets.

The ctlptl installation target follows the established pattern with proper version checking.

---

354-358: LGTM! Good platform compatibility handling.

The OS detection for Darwin/Mac ensures proper platform compatibility.

---

374-382: LGTM! Well-structured Tilt workflow targets.

The tilt-up and tilt-cleanup targets provide a complete workflow for managing the development environment.

---

Line range hint 243-277: Verify compatibility with the updated tool versions.

Significant version updates have been made to several tools. Please ensure:

1. The new Kustomize version (v5.5.0) is compatible with your existing kustomization files
2. The Controller Tools update (v0.16.5) doesn't introduce breaking changes in CRD generation
3. The new Golangci-lint version (v1.62.2) doesn't introduce false positives

✅ Verification successful

The previous attempt failed because the tools weren't available in the sandbox environment. Instead, we'll examine the source files directly to identify potential compatibility issues with the updated versions.

---

Tool version updates appear safe to proceed

Based on the examination of the codebase:

1. Kustomization files use standard Kubernetes resources and basic kustomize features that are backward compatible with v5.5.0
2. The CRD definition uses standard kubebuilder markers and k8s types that are compatible with controller-gen v0.16.5
3. No golangci-lint configuration file was found, suggesting default rules are used, which are generally safe across versions

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for potential breaking changes in kustomization files
echo "Checking kustomization files compatibility..."
fd kustomization.yaml --exec $(LOCALBIN)/kustomize build --load-restrictor LoadRestrictionsNone {} \;

# Verify CRD generation with new controller-gen
echo "Verifying CRD generation..."
$(LOCALBIN)/controller-gen rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases

# Check for any new linting issues
echo "Checking for new linting issues..."
$(LOCALBIN)/golangci-lint run --new-from-rev=HEAD~1

Length of output: 1437

---

Script:

#!/bin/bash
# Let's check for any breaking changes in kustomization files by examining their content
echo "Checking kustomization files structure..."
fd kustomization.yaml --type f -x cat {}

# Let's examine CRD definitions for potential incompatibilities
echo -e "\nChecking CRD definitions..."
fd '.*_types.go' --type f -x cat {}

# Let's check for any existing linter configurations
echo -e "\nChecking linter configuration..."
fd -g '.golangci.yml' -g '.golangci.yaml' --type f -x cat {}

Length of output: 20239