Adopt to cloud-api v0.28.0

.github/workflows/docker.yml

@@ -26,7 +26,7 @@ jobs:
           cache: false
 
       - name: Lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v6
         with:
           args: --build-tags integration -p bugs -p unused --timeout=5m
 

cmd/cluster.go

@@ -222,17 +222,14 @@ func newClusterCmd(c *config) *cobra.Command {
 	clusterCreateCmd.Flags().String("firewallimage", "", "machine image to use for the firewall. [optional]")
 	clusterCreateCmd.Flags().String("firewallcontroller", "", "version of the firewall-controller to use. [optional]")
 	clusterCreateCmd.Flags().BoolP("logacceptedconns", "", false, "also log accepted connections on the cluster firewall [optional]")
-	clusterCreateCmd.Flags().String("cri", "", "container runtime to use, currently only containerd is supported. [optional]")
 	clusterCreateCmd.Flags().Int32("minsize", 1, "minimal workers of the cluster.")
 	clusterCreateCmd.Flags().Int32("maxsize", 1, "maximal workers of the cluster.")
 	clusterCreateCmd.Flags().String("maxsurge", "1", "max number (e.g. 1) or percentage (e.g. 10%) of workers created during a update of the cluster.")
 	clusterCreateCmd.Flags().String("maxunavailable", "0", "max number (e.g. 0) or percentage (e.g. 10%) of workers that can be unavailable during a update of the cluster.")
 	clusterCreateCmd.Flags().StringSlice("labels", []string{}, "labels of the cluster")
 	clusterCreateCmd.Flags().StringSlice("external-networks", []string{}, "external networks of the cluster")
 	clusterCreateCmd.Flags().StringSlice("egress", []string{}, "static egress ips per network, must be in the form <network>:<ip>; e.g.: --egress internet:1.2.3.4,extnet:123.1.1.1 --egress internet:1.2.3.5 [optional]")
-	clusterCreateCmd.Flags().BoolP("allowprivileged", "", false, "allow privileged containers the cluster (this is achieved through pod security policies and has no effect anymore on clusters >= v1.25")
 	clusterCreateCmd.Flags().String("default-pod-security-standard", "", "sets default pod security standard for clusters >= v1.23.x, defaults to restricted on clusters >= v1.25 (valid values: empty string, privileged, baseline, restricted)")
-	clusterCreateCmd.Flags().BoolP("disable-pod-security-policies", "", false, "disable pod security policies")
 	clusterCreateCmd.Flags().Duration("healthtimeout", 0, "period (e.g. \"24h\") after which an unhealthy node is declared failed and will be replaced. [optional]")
 	clusterCreateCmd.Flags().Duration("draintimeout", 0, "period (e.g. \"3h\") after which a draining node will be forcefully deleted. [optional]")
 	clusterCreateCmd.Flags().Bool("encrypted-storage-classes", false, "enables the deployment of encrypted duros storage classes into the cluster. please refer to the user manual to properly use volume encryption. [optional]")
@@ -265,9 +262,6 @@ func newClusterCmd(c *config) *cobra.Command {
 	genericcli.Must(clusterCreateCmd.RegisterFlagCompletionFunc("firewallcontroller", c.comp.FirewallControllerVersionListCompletion))
 	genericcli.Must(clusterCreateCmd.RegisterFlagCompletionFunc("purpose", c.comp.ClusterPurposeListCompletion))
 	genericcli.Must(clusterCreateCmd.RegisterFlagCompletionFunc("default-pod-security-standard", c.comp.PodSecurityListCompletion))
-	genericcli.Must(clusterCreateCmd.RegisterFlagCompletionFunc("cri", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
-		return []string{"containerd"}, cobra.ShellCompDirectiveNoFileComp
-	}))
 	genericcli.Must(clusterCreateCmd.RegisterFlagCompletionFunc("cni", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
 		return []string{
 			"calico\tcalico networking plugin. this is the cluster default.",
@@ -320,9 +314,7 @@ func newClusterCmd(c *config) *cobra.Command {
 	clusterUpdateCmd.Flags().String("machineimage", "", "machine image to use for the nodes, must be in the form of <name>-<version> ")
 	clusterUpdateCmd.Flags().StringSlice("addlabels", []string{}, "labels to add to the cluster")
 	clusterUpdateCmd.Flags().StringSlice("removelabels", []string{}, "labels to remove from the cluster")
-	clusterUpdateCmd.Flags().BoolP("allowprivileged", "", false, "allow privileged containers the cluster (this is achieved through pod security policies and has no effect anymore on clusters >=v1.25")
 	clusterUpdateCmd.Flags().String("default-pod-security-standard", "", "set default pod security standard for cluster >=v 1.23.x, send empty string explicitly to disable pod security standards (valid values: empty string, privileged, baseline, restricted)")
-	clusterUpdateCmd.Flags().BoolP("disable-pod-security-policies", "", false, "disable pod security policies")
 	clusterUpdateCmd.Flags().String("purpose", "", fmt.Sprintf("purpose of the cluster, can be one of %s. SLA is only given on production clusters.", strings.Join(completion.ClusterPurposes, "|")))
 	clusterUpdateCmd.Flags().StringSlice("egress", []string{}, "static egress ips per network, must be in the form <networkid>:<semicolon-separated ips>; e.g.: --egress internet:1.2.3.4;1.2.3.5 --egress extnet:123.1.1.1 [optional]. Use \"--egress none\" to remove all egress rules.")
 	clusterUpdateCmd.Flags().StringSlice("external-networks", []string{}, "external networks of the cluster")
@@ -456,7 +448,6 @@ func (c *config) clusterCreate() error {
 	enableNodeLocalDNS := viper.GetBool("enable-node-local-dns")
 	disableForwardToUpstreamDNS := viper.GetBool("disable-forwarding-to-upstream-dns")
 
-	cri := viper.GetString("cri")
 	var cni string
 	if viper.IsSet("cni") {
 		cni = viper.GetString("cni")
@@ -470,18 +461,10 @@ func (c *config) clusterCreate() error {
 	healthtimeout := viper.GetDuration("healthtimeout")
 	draintimeout := viper.GetDuration("draintimeout")
 
-	var allowprivileged *bool
-	if viper.IsSet("allowprivileged") {
-		allowprivileged = pointer.Pointer(viper.GetBool("allowprivileged"))
-	}
 	var defaultPodSecurityStandard *string
 	if viper.IsSet("default-pod-security-standard") {
 		defaultPodSecurityStandard = pointer.Pointer(viper.GetString("default-pod-security-standard"))
 	}
-	var disablePodSecurityPolicies *bool
-	if viper.IsSet("disable-pod-security-policies") {
-		disablePodSecurityPolicies = pointer.Pointer(viper.GetBool("disable-pod-security-policies"))
-	}
 
 	var networkAccessType *string
 	if viper.IsSet("network-isolation") {
@@ -570,13 +553,6 @@ WARNING: You are going to create a cluster that has no default internet access w
 		log.Fatal(err)
 	}
 
-	switch cri {
-	case "containerd":
-	case "":
-	default:
-		log.Fatalf("provided cri:%s is not supported, only containerd at the moment", cri)
-	}
-
 	var customDefaultStorageClass *models.V1CustomDefaultStorageClass
 	if viper.IsSet("default-storage-class") {
 		class := viper.GetString("default-storage-class")
@@ -599,17 +575,14 @@ WARNING: You are going to create a cluster that has no default internet access w
 				MaxUnavailable: &maxunavailable,
 				MachineType:    &machineType,
 				MachineImage:   &machineImage,
-				CRI:            &cri,
 			},
 		},
 		FirewallSize:              &firewallType,
 		FirewallImage:             &firewallImage,
 		FirewallControllerVersion: &firewallController,
 		Kubernetes: &models.V1Kubernetes{
-			AllowPrivilegedContainers:  allowprivileged,
 			Version:                    &version,
 			DefaultPodSecurityStandard: defaultPodSecurityStandard,
-			DisablePodSecurityPolicies: disablePodSecurityPolicies,
 		},
 		Maintenance: &models.V1Maintenance{
 			TimeWindow: &models.V1MaintenanceTimeWindow{
@@ -1282,24 +1255,12 @@ func (c *config) updateCluster(args []string) error {
 	if version != "" {
 		k8s.Version = &version
 	}
-	if viper.IsSet("allowprivileged") {
-		if !viper.GetBool("yes-i-really-mean-it") {
-			return fmt.Errorf("--allowprivileged is set but you forgot to add --yes-i-really-mean-it")
-		}
-		k8s.AllowPrivilegedContainers = pointer.Pointer(viper.GetBool("allowprivileged"))
-	}
 	if viper.IsSet("default-pod-security-standard") {
 		if !viper.GetBool("yes-i-really-mean-it") {
 			return fmt.Errorf("--default-pod-security-standard is set but you forgot to add --yes-i-really-mean-it")
 		}
 		k8s.DefaultPodSecurityStandard = pointer.Pointer(viper.GetString("default-pod-security-standard"))
 	}
-	if viper.IsSet("disable-pod-security-policies") {
-		if !viper.GetBool("yes-i-really-mean-it") {
-			return fmt.Errorf("--disable-pod-security-policies set but you forgot to add --yes-i-really-mean-it")
-		}
-		k8s.DisablePodSecurityPolicies = pointer.Pointer(viper.GetBool("disable-pod-security-policies"))
-	}
 
 	cur.Kubernetes = k8s
 	cur.EgressRules = makeEgressRules(egress)

cmd/dashboard.go

@@ -21,13 +21,12 @@ import (
 	"github.com/fi-ts/cloud-go/api/client/volume"
 	"github.com/fi-ts/cloud-go/api/models"
 	"github.com/fi-ts/cloudctl/cmd/helper"
-	"github.com/fi-ts/cloudctl/cmd/output"
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	"github.com/google/go-cmp/cmp"
 	"github.com/metal-stack/metal-lib/pkg/cache"
 	"github.com/metal-stack/metal-lib/pkg/genericcli"
+	"github.com/metal-stack/metal-lib/pkg/healthstatus"
 	"github.com/metal-stack/metal-lib/pkg/pointer"
-	"github.com/metal-stack/metal-lib/rest"
 	"github.com/metal-stack/v"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@@ -305,11 +304,11 @@ func (d *dashboard) Render() {
 	defer func() {
 		var coloredHealth string
 		switch apiHealth {
-		case string(rest.HealthStatusHealthy):
+		case string(healthstatus.HealthStatusHealthy):
 			coloredHealth = "[" + apiHealth + "](fg:green)"
-		case string(rest.HealthStatusDegraded), string(rest.HealthStatusPartiallyUnhealthy):
+		case string(healthstatus.HealthStatusDegraded), string(healthstatus.HealthStatusPartiallyUnhealthy):
 			coloredHealth = "[" + apiHealth + "](fg:yellow)"
-		case string(rest.HealthStatusUnhealthy):
+		case string(healthstatus.HealthStatusUnhealthy):
 			if apiHealthMessage != "" {
 				coloredHealth = "[" + apiHealth + fmt.Sprintf(" (%s)](fg:red)", apiHealthMessage)
 			} else {
@@ -1266,9 +1265,9 @@ func newCache(cloud *client.CloudAPI, expiration time.Duration, partition, tenan
 	return &apiCache{
 		clusters: cache.New(expiration, func(ctx context.Context, _ string) ([]*models.V1ClusterResponse, error) {
 			resp, err := cloud.Cluster.FindClusters(cluster.NewFindClustersParams().WithBody(&models.V1ClusterFindRequest{
-				PartitionID: output.StrDeref(partition),
-				Tenant:      output.StrDeref(tenant),
-				Purpose:     output.StrDeref(purpose),
+				PartitionID: pointer.PointerOrNil(partition),
+				Tenant:      pointer.PointerOrNil(tenant),
+				Purpose:     pointer.PointerOrNil(purpose),
 			}).WithReturnMachines(pointer.Pointer(false)).WithContext(ctx), nil)
 			if err != nil {
 				return nil, err
@@ -1277,8 +1276,8 @@ func newCache(cloud *client.CloudAPI, expiration time.Duration, partition, tenan
 		}),
 		volumes: cache.New(expiration, func(ctx context.Context, _ string) ([]*models.V1VolumeResponse, error) {
 			resp, err := cloud.Volume.FindVolumes(volume.NewFindVolumesParams().WithBody(&models.V1VolumeFindRequest{
-				PartitionID: output.StrDeref(partition),
-				TenantID:    output.StrDeref(tenant),
+				PartitionID: pointer.PointerOrNil(partition),
+				TenantID:    pointer.PointerOrNil(tenant),
 			}).WithContext(ctx), nil)
 			if err != nil {
 				return nil, err

cmd/output/healthprinter.go

@@ -1,10 +1,11 @@
 package output
 
 import (
+	"maps"
+	"slices"
 	"sort"
 
 	"github.com/fi-ts/cloud-go/api/models"
-	"golang.org/x/exp/maps"
 )
 
 type (
@@ -34,7 +35,7 @@ func (p HealthTablePrinter) Print(health *models.RestHealthResponse) {
 	p.render()
 }
 
-func (p HealthTablePrinter) PrintServices(services map[string]models.RestHealthResult) {
+func (p HealthTablePrinter) PrintServices(services map[string]models.RestHealthResponse) {
 	p.wideHeader = []string{"Service", "Status", "Message"}
 	p.shortHeader = p.wideHeader
 
@@ -62,9 +63,9 @@ func (p HealthTablePrinter) PrintServices(services map[string]models.RestHealthR
 
 		i := 0
 		skeys := maps.Keys(s.Services)
-		sort.Strings(skeys)
-
-		for _, sname := range skeys {
+		sortedServiceKeys := slices.Collect(skeys)
+		slices.Sort(sortedServiceKeys)
+		for _, sname := range sortedServiceKeys {
 			sresult := s.Services[sname]
 			prefix := "├"
 			if i == len(s.Services)-1 {

cmd/output/helper.go

@@ -74,44 +74,10 @@ func sortIPs(v1ips []*models.ModelsV1IPResponse) []*models.ModelsV1IPResponse {
 	return result
 }
 
-// strValue returns the value of a string pointer of not nil, otherwise empty string
-func strValue(strPtr *string) string {
-	if strPtr != nil {
-		return *strPtr
-	}
-	return ""
-}
-
-func StrDeref(s string) *string {
-	if s == "" {
-		return nil
-	}
-	return &s
-}
-
-func int64Value(i *int64) int64 {
-	if i != nil {
-		return *i
-	}
-	return 0
-}
-
 func printStringSlice(s []string) {
 	var dashed []string
 	for _, elem := range s {
 		dashed = append(dashed, "- "+elem)
 	}
 	fmt.Println(strings.Join(dashed, "\n"))
 }
-
-func uniqueStringSlice(s []string) []string {
-	m := make(map[string]bool)
-	var res []string
-	for _, elem := range s {
-		if _, ok := m[elem]; !ok {
-			m[elem] = true
-			res = append(res, elem)
-		}
-	}
-	return res
-}

cmd/output/machine.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/fi-ts/cloud-go/api/models"
 	metalmodels "github.com/metal-stack/metal-go/api/models"
+	"github.com/metal-stack/metal-lib/pkg/pointer"
 )
 
 type (
@@ -43,13 +44,13 @@ func (m MachineTablePrinter) Print(data []*models.ModelsV1MachineResponse) {
 		// status := strValue(machine.Liveliness)
 		var sizeID string
 		if machine.Size != nil {
-			sizeID = strValue(machine.Size.ID)
+			sizeID = pointer.SafeDeref(machine.Size.ID)
 		}
 		var partitionID string
 		if machine.Partition != nil {
-			partitionID = strValue(machine.Partition.ID)
+			partitionID = pointer.SafeDeref(machine.Partition.ID)
 		}
-		hostname := strValue(alloc.Hostname)
+		hostname := pointer.SafeDeref(alloc.Hostname)
 		//truncatedHostname := truncate(hostname, "...", 30)
 
 		var nwIPs []string
@@ -59,9 +60,9 @@ func (m MachineTablePrinter) Print(data []*models.ModelsV1MachineResponse) {
 		ips := strings.Join(nwIPs, "\n")
 		image := ""
 		if alloc.Image != nil {
-			image = strValue(alloc.Image.ID)
+			image = pointer.SafeDeref(alloc.Image.ID)
 		}
-		started := strValue(alloc.Created)
+		started := pointer.SafeDeref(alloc.Created)
 		age := ""
 		format := "2006-01-02T15:04:05.999Z"
 		created, err := time.Parse(format, *alloc.Created)
@@ -85,7 +86,7 @@ func (m MachineTablePrinter) Print(data []*models.ModelsV1MachineResponse) {
 			when = humanizeDuration(since)
 			lastEvent = *machine.Events.Log[0].Event
 		}
-		status := strValue(machine.Liveliness)
+		status := pointer.SafeDeref(machine.Liveliness)
 		statusEmoji := ""
 		switch status {
 		case "Alive":

cmd/output/printer.go

@@ -242,7 +242,7 @@ func (t tablePrinter) Print(data interface{}) error {
 		TenantTablePrinter{t}.Print([]*models.V1TenantResponse{d})
 	case *models.RestHealthResponse:
 		HealthTablePrinter{t}.Print(d)
-	case map[string]models.RestHealthResult:
+	case map[string]models.RestHealthResponse:
 		HealthTablePrinter{t}.PrintServices(d)
 	case []*models.ModelsV1IPResponse:
 		IPTablePrinter{t}.Print(d)

cmd/output/projectprinter.go

@@ -59,21 +59,21 @@ func (p ProjectTableDetailPrinter) Print(data *models.V1ProjectResponse) {
 		if qs.Cluster != nil {
 			cq := "∞"
 			if qs.Cluster.Quota != 0 {
-				cq = strconv.FormatInt(int64(qs.Cluster.Quota), 10)
+				cq = strconv.FormatInt(int64(qs.Cluster.Quota), 10) // nolint:gosec
 			}
 			clusterQuota = fmt.Sprintf("%d/%s", qs.Cluster.Used, cq)
 		}
 		if qs.Machine != nil {
 			mq := "∞"
 			if qs.Machine.Quota != 0 {
-				mq = strconv.FormatInt(int64(qs.Machine.Quota), 10)
+				mq = strconv.FormatInt(int64(qs.Machine.Quota), 10) // nolint:gosec
 			}
 			machineQuota = fmt.Sprintf("%d/%s", qs.Machine.Used, mq)
 		}
 		if qs.IP != nil {
 			iq := "∞"
 			if qs.IP.Quota != 0 {
-				iq = strconv.FormatInt(int64(qs.IP.Quota), 10)
+				iq = strconv.FormatInt(int64(qs.IP.Quota), 10) // nolint:gosec
 			}
 			ipQuota = fmt.Sprintf("%d/%s", qs.IP.Used, iq)
 		}