fix: use the latest Fleet package to ensure API compatibility

Makefile

@@ -39,7 +39,8 @@ GOLANGCI_LINT := $(abspath $(TOOLS_BIN_DIR)/$(GOLANGCI_LINT_BIN)-$(GOLANGCI_LINT
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
 ENVTEST_K8S_VERSION = 1.24.x
 # ENVTEST_VER is the version of the ENVTEST binary
-ENVTEST_VER = latest
+# Use a fixed version to avoid Go version conflicts.
+ENVTEST_VER = v0.0.0-20240317073005-bd9ea79e8d18
 ENVTEST_BIN := setup-envtest
 ENVTEST :=  $(abspath $(TOOLS_BIN_DIR)/$(ENVTEST_BIN)-$(ENVTEST_VER))
 

cmd/hub-net-controller-manager/main.go

@@ -22,6 +22,8 @@ import (
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
+	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
 	//+kubebuilder:scaffold:imports
 
@@ -74,9 +76,13 @@ func main() {
 	})
 
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
-		Scheme:                  scheme,
-		MetricsBindAddress:      *metricsAddr,
-		Port:                    9443,
+		Scheme: scheme,
+		Metrics: metricsserver.Options{
+			BindAddress: *metricsAddr,
+		},
+		WebhookServer: webhook.NewServer(webhook.Options{
+			Port: 9443,
+		}),
 		HealthProbeBindAddress:  *probeAddr,
 		LeaderElection:          *enableLeaderElection,
 		LeaderElectionNamespace: *leaderElectionNamespace,

cmd/mcs-controller-manager/main.go

@@ -21,7 +21,10 @@ import (
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2"
+	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
+	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -193,24 +196,37 @@ func prepareHubParameters(memberConfig *rest.Config) (*rest.Config, *ctrl.Option
 	}
 
 	hubOptions := &ctrl.Options{
-		Scheme:                  scheme,
-		MetricsBindAddress:      *hubMetricsAddr,
-		Port:                    9443,
+		Scheme: scheme,
+		Metrics: metricsserver.Options{
+			BindAddress: *hubMetricsAddr,
+		},
+		WebhookServer: webhook.NewServer(webhook.Options{
+			Port: 9443,
+		}),
 		HealthProbeBindAddress:  *hubProbeAddr,
 		LeaderElection:          *enableLeaderElection,
 		LeaderElectionID:        "2bf2b407.mcs.hub.networking.fleet.azure.com",
 		LeaderElectionNamespace: *leaderElectionNamespace, // This requires we have access to resource "leases" in API group "coordination.k8s.io" under leaderElectionNamespace.
 		LeaderElectionConfig:    memberConfig,
-		Namespace:               mcHubNamespace, // Restricts the manager's cache to watch objects in the member hub namespace.
+		// Restricts the manager's cache to watch objects in the member hub namespace.
+		Cache: cache.Options{
+			DefaultNamespaces: map[string]cache.Config{
+				mcHubNamespace: {},
+			},
+		},
 	}
 	return hubConfig, hubOptions, nil
 }
 
 func prepareMemberParameters() (*rest.Config, *ctrl.Options) {
 	memberOpts := &ctrl.Options{
-		Scheme:                  scheme,
-		MetricsBindAddress:      *metricsAddr,
-		Port:                    8443,
+		Scheme: scheme,
+		Metrics: metricsserver.Options{
+			BindAddress: *metricsAddr,
+		},
+		WebhookServer: webhook.NewServer(webhook.Options{
+			Port: 8443,
+		}),
 		HealthProbeBindAddress:  *probeAddr,
 		LeaderElection:          *enableLeaderElection,
 		LeaderElectionNamespace: *leaderElectionNamespace,

cmd/member-net-controller-manager/main.go

@@ -26,8 +26,11 @@ import (
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
+	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
 	//+kubebuilder:scaffold:imports
 	clusterv1beta1 "go.goms.io/fleet/apis/cluster/v1beta1"
@@ -199,24 +202,37 @@ func prepareHubParameters(memberConfig *rest.Config) (*rest.Config, *ctrl.Option
 	}
 
 	hubOptions := &ctrl.Options{
-		Scheme:                  scheme,
-		MetricsBindAddress:      *hubMetricsAddr,
-		Port:                    9443,
+		Scheme: scheme,
+		Metrics: metricsserver.Options{
+			BindAddress: *hubMetricsAddr,
+		},
+		WebhookServer: webhook.NewServer(webhook.Options{
+			Port: 9443,
+		}),
 		HealthProbeBindAddress:  *hubProbeAddr,
 		LeaderElection:          *enableLeaderElection,
 		LeaderElectionID:        "2bf2b407.hub.networking.fleet.azure.com",
 		LeaderElectionNamespace: *leaderElectionNamespace, // This requires we have access to resource "leases" in API group "coordination.k8s.io" under leaderElectionNamespace.
 		LeaderElectionConfig:    memberConfig,
-		Namespace:               mcHubNamespace, // Restricts the manager's cache to watch objects in the member hub namespace.
+		// Restricts the manager's cache to watch objects in the member hub namespace.
+		Cache: cache.Options{
+			DefaultNamespaces: map[string]cache.Config{
+				mcHubNamespace: {},
+			},
+		},
 	}
 	return hubConfig, hubOptions, nil
 }
 
 func prepareMemberParameters() (*rest.Config, *ctrl.Options) {
 	memberOpts := &ctrl.Options{
-		Scheme:                  scheme,
-		MetricsBindAddress:      *metricsAddr,
-		Port:                    8443,
+		Scheme: scheme,
+		Metrics: metricsserver.Options{
+			BindAddress: *metricsAddr,
+		},
+		WebhookServer: webhook.NewServer(webhook.Options{
+			Port: 8443,
+		}),
 		HealthProbeBindAddress:  *probeAddr,
 		LeaderElection:          *enableLeaderElection,
 		LeaderElectionNamespace: *leaderElectionNamespace,

config/crd/bases/networking.fleet.azure.com_endpointsliceexports.yaml

@@ -140,31 +140,40 @@ spec:
                   description: EndpointPort represents a Port used by an EndpointSlice
                   properties:
                     appProtocol:
-                      description: The application protocol for this port. This field
-                        follows standard Kubernetes label syntax. Un-prefixed names
-                        are reserved for IANA standard service names (as per RFC-6335
-                        and https://www.iana.org/assignments/service-names). Non-standard
-                        protocols should use prefixed names such as mycompany.com/my-custom-protocol.
+                      description: "The application protocol for this port. This is
+                        used as a hint for implementations to offer richer behavior
+                        for protocols that they understand. This field follows standard
+                        Kubernetes label syntax. Valid values are either: \n * Un-prefixed
+                        protocol names - reserved for IANA standard service names
+                        (as per RFC-6335 and https://www.iana.org/assignments/service-names).
+                        \n * Kubernetes-defined prefixed names:   * 'kubernetes.io/h2c'
+                        - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540
+                        \  * 'kubernetes.io/ws'  - WebSocket over cleartext as described
+                        in https://www.rfc-editor.org/rfc/rfc6455   * 'kubernetes.io/wss'
+                        - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455
+                        \n * Other protocols should use implementation-defined prefixed
+                        names such as mycompany.com/my-custom-protocol."
                       type: string
                     name:
-                      description: 'The name of this port. All ports in an EndpointSlice
-                        must have a unique name. If the EndpointSlice is dervied from
-                        a Kubernetes service, this corresponds to the Service.ports[].name.
-                        Name must either be an empty string or pass DNS_LABEL validation:
-                        * must be no more than 63 characters long. * must consist
-                        of lower case alphanumeric characters or ''-''. * must start
-                        and end with an alphanumeric character. Default is empty string.'
+                      description: 'name represents the name of this port. All ports
+                        in an EndpointSlice must have a unique name. If the EndpointSlice
+                        is dervied from a Kubernetes service, this corresponds to
+                        the Service.ports[].name. Name must either be an empty string
+                        or pass DNS_LABEL validation: * must be no more than 63 characters
+                        long. * must consist of lower case alphanumeric characters
+                        or ''-''. * must start and end with an alphanumeric character.
+                        Default is empty string.'
                       type: string
                     port:
-                      description: The port number of the endpoint. If this is not
-                        specified, ports are not restricted and must be interpreted
-                        in the context of the specific consumer.
+                      description: port represents the port number of the endpoint.
+                        If this is not specified, ports are not restricted and must
+                        be interpreted in the context of the specific consumer.
                       format: int32
                       type: integer
                     protocol:
                       default: TCP
-                      description: The IP protocol for this port. Must be UDP, TCP,
-                        or SCTP. Default is TCP.
+                      description: protocol represents the IP protocol for this port.
+                        Must be UDP, TCP, or SCTP. Default is TCP.
                       type: string
                   type: object
                 type: array

config/crd/bases/networking.fleet.azure.com_endpointsliceimports.yaml

@@ -140,31 +140,40 @@ spec:
                   description: EndpointPort represents a Port used by an EndpointSlice
                   properties:
                     appProtocol:
-                      description: The application protocol for this port. This field
-                        follows standard Kubernetes label syntax. Un-prefixed names
-                        are reserved for IANA standard service names (as per RFC-6335
-                        and https://www.iana.org/assignments/service-names). Non-standard
-                        protocols should use prefixed names such as mycompany.com/my-custom-protocol.
+                      description: "The application protocol for this port. This is
+                        used as a hint for implementations to offer richer behavior
+                        for protocols that they understand. This field follows standard
+                        Kubernetes label syntax. Valid values are either: \n * Un-prefixed
+                        protocol names - reserved for IANA standard service names
+                        (as per RFC-6335 and https://www.iana.org/assignments/service-names).
+                        \n * Kubernetes-defined prefixed names:   * 'kubernetes.io/h2c'
+                        - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540
+                        \  * 'kubernetes.io/ws'  - WebSocket over cleartext as described
+                        in https://www.rfc-editor.org/rfc/rfc6455   * 'kubernetes.io/wss'
+                        - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455
+                        \n * Other protocols should use implementation-defined prefixed
+                        names such as mycompany.com/my-custom-protocol."
                       type: string
                     name:
-                      description: 'The name of this port. All ports in an EndpointSlice
-                        must have a unique name. If the EndpointSlice is dervied from
-                        a Kubernetes service, this corresponds to the Service.ports[].name.
-                        Name must either be an empty string or pass DNS_LABEL validation:
-                        * must be no more than 63 characters long. * must consist
-                        of lower case alphanumeric characters or ''-''. * must start
-                        and end with an alphanumeric character. Default is empty string.'
+                      description: 'name represents the name of this port. All ports
+                        in an EndpointSlice must have a unique name. If the EndpointSlice
+                        is dervied from a Kubernetes service, this corresponds to
+                        the Service.ports[].name. Name must either be an empty string
+                        or pass DNS_LABEL validation: * must be no more than 63 characters
+                        long. * must consist of lower case alphanumeric characters
+                        or ''-''. * must start and end with an alphanumeric character.
+                        Default is empty string.'
                       type: string
                     port:
-                      description: The port number of the endpoint. If this is not
-                        specified, ports are not restricted and must be interpreted
-                        in the context of the specific consumer.
+                      description: port represents the port number of the endpoint.
+                        If this is not specified, ports are not restricted and must
+                        be interpreted in the context of the specific consumer.
                       format: int32
                       type: integer
                     protocol:
                       default: TCP
-                      description: The IP protocol for this port. Must be UDP, TCP,
-                        or SCTP. Default is TCP.
+                      description: protocol represents the IP protocol for this port.
+                        Must be UDP, TCP, or SCTP. Default is TCP.
                       type: string
                   type: object
                 type: array

go.mod

@@ -3,21 +3,21 @@ module go.goms.io/fleet-networking
 go 1.20
 
 require (
-	github.com/google/go-cmp v0.5.9
-	github.com/onsi/ginkgo/v2 v2.9.5
-	github.com/onsi/gomega v1.27.7
-	github.com/prometheus/client_golang v1.15.1
+	github.com/google/go-cmp v0.6.0
+	github.com/onsi/ginkgo/v2 v2.13.0
+	github.com/onsi/gomega v1.29.0
+	github.com/prometheus/client_golang v1.17.0
 	github.com/prometheus/common v0.44.0
-	k8s.io/api v0.26.1
-	k8s.io/apimachinery v0.26.1
-	k8s.io/client-go v0.26.1
-	k8s.io/klog/v2 v2.100.1
-	sigs.k8s.io/controller-runtime v0.14.6
+	k8s.io/api v0.28.3
+	k8s.io/apimachinery v0.28.3
+	k8s.io/client-go v0.28.3
+	k8s.io/klog/v2 v2.110.1
+	sigs.k8s.io/controller-runtime v0.16.3
 )
 
 require (
-	github.com/stretchr/testify v1.8.1
-	go.goms.io/fleet v0.6.11
+	github.com/stretchr/testify v1.8.4
+	go.goms.io/fleet v0.9.7
 )
 
 replace (
@@ -35,23 +35,23 @@ require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/emicklei/go-restful/v3 v3.10.2 // indirect
-	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
+	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
-	github.com/go-logr/logr v1.2.4 // indirect
-	github.com/go-logr/zapr v1.2.4 // indirect
-	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-logr/logr v1.3.0 // indirect
+	github.com/go-logr/zapr v1.3.0 // indirect
+	github.com/go-openapi/jsonpointer v0.20.0 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-openapi/swag v0.22.3 // indirect
+	github.com/go-openapi/swag v0.22.4 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/gnostic v0.6.9 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20230705174524-200ffdc848b8 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 // indirect
+	github.com/google/uuid v1.3.1 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -62,30 +62,30 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/client_model v0.4.0 // indirect
-	github.com/prometheus/procfs v0.10.0 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.24.0 // indirect
-	golang.org/x/net v0.12.0 // indirect
-	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/term v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.11.0 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
-	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	go.uber.org/zap v1.26.0 // indirect
+	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
+	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/oauth2 v0.13.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
+	golang.org/x/term v0.13.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.4.0 // indirect
+	golang.org/x/tools v0.14.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
+	google.golang.org/appengine v1.6.8 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.26.1 // indirect
-	k8s.io/component-base v0.26.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 // indirect
-	k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect
+	k8s.io/apiextensions-apiserver v0.28.3 // indirect
+	k8s.io/component-base v0.28.3 // indirect
+	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )