diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index a300be5..d1ca7b6 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,8 +1,8 @@ ack_generate_info: - build_date: "2024-08-29T08:00:08Z" - build_hash: 3385813a5940f3d307e32dd11064efb490b5b5b6 - go_version: go1.22.4 - version: v0.38.0-4-g3385813 + build_date: "2024-08-29T17:09:54Z" + build_hash: f8f98563404066ac3340db0a049d2e530e5c51cc + go_version: go1.22.5 + version: v0.38.1 api_directory_checksum: 761a2c708651b0273bf39d98dddaf029de23d337 api_version: v1alpha1 aws_sdk_go_version: v1.49.0 diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index f316ca9..7f43ffd 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/iam-controller - newTag: 1.3.11 + newTag: 1.3.12 diff --git a/go.mod b/go.mod index e5cd32a..17fe20c 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.22.0 toolchain go1.22.5 require ( - github.com/aws-controllers-k8s/runtime v0.37.2-0.20240829063928-a606fd18ca1f + github.com/aws-controllers-k8s/runtime v0.38.0 github.com/aws/aws-sdk-go v1.49.0 github.com/go-logr/logr v1.4.1 github.com/micahhausler/aws-iam-policy v0.4.2 diff --git a/go.sum b/go.sum index 5862b1f..593a4ad 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,7 @@ github.com/a-hilaly/aws-iam-policy v0.0.0-20231121054900-2c56e839ca53 h1:2uNM0nR2WUDN88EYFxjEaroH+PZJ6k/h9kl+KO0dWVc= github.com/a-hilaly/aws-iam-policy v0.0.0-20231121054900-2c56e839ca53/go.mod h1:Ojgst9ZFn+VEEJpqtuw/LxVGqEf2+hwWBlkYWvF/XWM= -github.com/aws-controllers-k8s/runtime v0.36.0 h1:XEMVGfUwsT9QMShihuCLHlape+daJWyYtXj45s/iJiU= -github.com/aws-controllers-k8s/runtime v0.36.0/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= -github.com/aws-controllers-k8s/runtime v0.37.2-0.20240829063928-a606fd18ca1f h1:N5WNMehmiBNdthmGYlua3P0P+i6hctfGVEtPe4QHme8= -github.com/aws-controllers-k8s/runtime v0.37.2-0.20240829063928-a606fd18ca1f/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= +github.com/aws-controllers-k8s/runtime v0.38.0 h1:gSEpmBm7OwTPd2kIOU+AIDIivi3teSm5FFrhROfu4wg= +github.com/aws-controllers-k8s/runtime v0.38.0/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 3f5eb61..1139869 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: iam-chart description: A Helm chart for the ACK service controller for AWS Identity & Access Management (IAM) -version: 1.3.11 -appVersion: 1.3.11 +version: 1.3.12 +appVersion: 1.3.12 home: https://github.com/aws-controllers-k8s/iam-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index bc62a99..5b22a73 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/iam-controller:1.3.11". +This chart deploys "public.ecr.aws/aws-controllers-k8s/iam-controller:1.3.12". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/values.yaml b/helm/values.yaml index da0f499..c89051a 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/iam-controller - tag: 1.3.11 + tag: 1.3.12 pullPolicy: IfNotPresent pullSecrets: [] @@ -158,4 +158,7 @@ leaderElection: # can be individually enabled ("true") or disabled ("false") by adding key/value # pairs below. featureGates: - CARMv2: false + # Enables the Service level granularity for CARM. See https://github.com/aws-controllers-k8s/community/issues/2031 + ServiceLevelCARM: false + # Enables the Team level granularity for CARM. See https://github.com/aws-controllers-k8s/community/issues/2031 + TeamLevelCARM: false diff --git a/pkg/resource/group/references.go b/pkg/resource/group/references.go index 17c5996..595dea8 100644 --- a/pkg/resource/group/references.go +++ b/pkg/resource/group/references.go @@ -132,12 +132,8 @@ func getReferencedResourceState_Policy( if err != nil { return err } - var refResourceSynced, refResourceTerminal bool + var refResourceTerminal bool for _, cond := range obj.Status.Conditions { - if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && - cond.Status == corev1.ConditionTrue { - refResourceSynced = true - } if cond.Type == ackv1alpha1.ConditionTypeTerminal && cond.Status == corev1.ConditionTrue { return ackerr.ResourceReferenceTerminalFor( @@ -150,6 +146,13 @@ func getReferencedResourceState_Policy( "Policy", namespace, name) } + var refResourceSynced bool + for _, cond := range obj.Status.Conditions { + if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && + cond.Status == corev1.ConditionTrue { + refResourceSynced = true + } + } if !refResourceSynced { return ackerr.ResourceReferenceNotSyncedFor( "Policy", diff --git a/pkg/resource/instance_profile/references.go b/pkg/resource/instance_profile/references.go index c463c9d..8ab8a11 100644 --- a/pkg/resource/instance_profile/references.go +++ b/pkg/resource/instance_profile/references.go @@ -127,12 +127,8 @@ func getReferencedResourceState_Role( if err != nil { return err } - var refResourceSynced, refResourceTerminal bool + var refResourceTerminal bool for _, cond := range obj.Status.Conditions { - if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && - cond.Status == corev1.ConditionTrue { - refResourceSynced = true - } if cond.Type == ackv1alpha1.ConditionTypeTerminal && cond.Status == corev1.ConditionTrue { return ackerr.ResourceReferenceTerminalFor( @@ -145,6 +141,13 @@ func getReferencedResourceState_Role( "Role", namespace, name) } + var refResourceSynced bool + for _, cond := range obj.Status.Conditions { + if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && + cond.Status == corev1.ConditionTrue { + refResourceSynced = true + } + } if !refResourceSynced { return ackerr.ResourceReferenceNotSyncedFor( "Role", diff --git a/pkg/resource/role/references.go b/pkg/resource/role/references.go index e3d43ca..94c4f6f 100644 --- a/pkg/resource/role/references.go +++ b/pkg/resource/role/references.go @@ -141,12 +141,8 @@ func getReferencedResourceState_Policy( if err != nil { return err } - var refResourceSynced, refResourceTerminal bool + var refResourceTerminal bool for _, cond := range obj.Status.Conditions { - if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && - cond.Status == corev1.ConditionTrue { - refResourceSynced = true - } if cond.Type == ackv1alpha1.ConditionTypeTerminal && cond.Status == corev1.ConditionTrue { return ackerr.ResourceReferenceTerminalFor( @@ -159,6 +155,13 @@ func getReferencedResourceState_Policy( "Policy", namespace, name) } + var refResourceSynced bool + for _, cond := range obj.Status.Conditions { + if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && + cond.Status == corev1.ConditionTrue { + refResourceSynced = true + } + } if !refResourceSynced { return ackerr.ResourceReferenceNotSyncedFor( "Policy", diff --git a/pkg/resource/user/references.go b/pkg/resource/user/references.go index 2659152..b07e706 100644 --- a/pkg/resource/user/references.go +++ b/pkg/resource/user/references.go @@ -141,12 +141,8 @@ func getReferencedResourceState_Policy( if err != nil { return err } - var refResourceSynced, refResourceTerminal bool + var refResourceTerminal bool for _, cond := range obj.Status.Conditions { - if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && - cond.Status == corev1.ConditionTrue { - refResourceSynced = true - } if cond.Type == ackv1alpha1.ConditionTypeTerminal && cond.Status == corev1.ConditionTrue { return ackerr.ResourceReferenceTerminalFor( @@ -159,6 +155,13 @@ func getReferencedResourceState_Policy( "Policy", namespace, name) } + var refResourceSynced bool + for _, cond := range obj.Status.Conditions { + if cond.Type == ackv1alpha1.ConditionTypeResourceSynced && + cond.Status == corev1.ConditionTrue { + refResourceSynced = true + } + } if !refResourceSynced { return ackerr.ResourceReferenceNotSyncedFor( "Policy",