📖 Bump sigs.k8s.io/kubebuilder/v4 from 4.3.1 to 4.4.0 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1

[dependabot]

Bumps sigs.k8s.io/kubebuilder/v4 from 4.3.1 to 4.4.0.

Release notes

Sourced from sigs.k8s.io/kubebuilder/v4's releases.

v4.4.0

changes since v4.3.1

✨ New Features

• (go/v4): Upgrade golangci-lint from v1.61.0 to v1.62.2 (#4448)
• (go/v4): Add support for go 1.23 (#4446)
• (go/v4): Upgraded controller-gen from v0.16.4 to v0.17.0. (#4254, #4457)
• (go/v4): Upgrade controller-runtime v0.19.1 to v0.19.4 (#4482)
• (kustomize/v2): Kubebuilder scaffolds rules under config/rbac to help cluster admins manage the permissions for their solutions. The comments and explanations added to these scaffolds have been improved. Furthermore, it now includes admin-specific rules to make it easier for cluster admins to work with features like aggregation (e.g., rbac.authorization.k8s.io/aggregate-to-admin). More info. (#4299)
• (go/v4): Added configurations for securing Metrics Server and Prometheus integration using TLS and certificates managed by CertManager, enabling users to align their solutions with best practices, enhance security, and achieve production readiness. (#4243, #4312, #4400)
• (go/v4): Added webhook CertWatcher and flags for custom certificate configuration #4429)
• (go/v4): Ensures that the manager container adheres to Restricted Pod Security Standards and can operate in namespaces labelled for restricted policies, following best practices. (#4251).
• (go/v4): Ensure that e2e test scaffolds will validate that the enforcement is prepared to ensure that all can run as restricted. See that the curl pod to use the metrics was updated and changed (#4435)
• (go/v4): Improved developer experience and maintainability by updating actions and the Makefile to utilize go.mod for Go version management and automating ENVTEST versioning by retrieving the version directly from go.mod, based on the controller-runtime dependency in use. (#4385) (#4401)
• (helm/v1-alpha): Introduced the new helm.kubebuilder.io/v1-alpha plugin to enable users to distribute solutions using Helm Charts. Example scaffolds are available under testdata/project-v4-with-plugins/dist/chart. (#4227, #4315, #4350, #4351, #4356, #4357, #4371, #4377, #4383, #4380, #4373, #4386, #4375, #4388, #4406, #4399, #4419,#4451). IMPORTANT: The helm.kubebuilder.io/v1-alpha is an experimental initial version. (More info)
• (go/v4,kustomize/v2): Add app.kubernetes.io/name label to allow more precise configurations (#4437)
• (go/v4): Standardize the webhook and controller test suites (#4447)
• (go/v4): Add new makefile target to check and validate the linter config (#4462)
• (go/v4): Added Hub and Spoke support for conversion webhooks. Developers can now scaffold webhooks for resource conversion more easily. (#4254) Example:

  # Create API to test conversion from v1 to v2
  $ kubebuilder create api --group crew --version v1 --kind FirstMate --controller=true --resource=true --make=false
  $ kubebuilder create api --group crew --version v2 --kind FirstMate --controller=false --resource=true --make=false
  $ kubebuilder create webhook --group crew --version v1 --kind FirstMate --conversion --make=false --spoke v2

🐛 Bug Fixes

• (go/v4): Fixed an issue where GitHub Actions workflows were overwritten by commands, ensuring users can now customize workflows freely without their changes being overridden. (#4379)
• (go/v4): Resolved linting issues in generated scaffolds. (#4384)
• (kustomize/v2, go/v4): Fixed CA injection for conversion webhooks. Previously, the CA injection patch was not accurate; The injection should occur only for CRDs, which are conversion types and not for all CRDs when a webhook with --conversion option is scaffolded. The issue goes back to release 3.5.0 (where to replace vars for replacements was done and the kustomize/v2-alpha plugin was introduced). It was not previously found, likely because conversion webhook features were incomplete, which is addressed in this release. Now, users can use the tool to generate the conversion webhooks properly (#4254). (#4282)
• (go/v4): Ensure that schemas are added before starting EnvTest-based suite tests for webhooks and controllers (#4466)
• (go/v4): e2e-tests: cleanup by removing calls to call make generate and manifests (#4471)

What's Changed

• ✨ Adds a patch to configure ServiceMonitor to ensure TLS verification using cert-manager certificates by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4243
• ✨ Include admin ClusterRole and add it to the scaffold by @​damsien in kubernetes-sigs/kubebuilder#4299
• ✨ (go/v4): Enable seccompProfile.type: RuntimeDefault by default in scaffolded projects by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4251
• ✨ Add helm plugin to distribute projects by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4227
• 📖 Proposal: New Plugin to allow project distribution via helm charts by @​dashanji in kubernetes-sigs/kubebuilder#3632
• ✨ Follow-up to PR #4243: Limit permissions to access the metrics-server-cert secret by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4312
• 📖 doc: update roadmap for 2024 by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4313
• ✨ (helm/v1-alpha): add missed info to chart values by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4315
• 📖 Update README.md - Fix typo by @​monteiro-renato in kubernetes-sigs/kubebuilder#4318
• 📖 Bump sigs.k8s.io/kubebuilder/v4 from 4.3.0 to 4.3.1 in /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1 by @​dependabot in kubernetes-sigs/kubebuilder#4322
• 📖: Fix typo in CONTRIBUTING-ROLES.md by @​monteiro-renato in kubernetes-sigs/kubebuilder#4324
• 📖 Fix readme wrong url your-own-plugin by @​damsien in kubernetes-sigs/kubebuilder#4325
• 📖 doc: add .github/SECURITY.md with further information by @​camilamacedo86 in kubernetes-sigs/kubebuilder#4253
• 📖: update testdata reference by @​emmanuel-ferdman in kubernetes-sigs/kubebuilder#4328

... (truncated)

Commits

• 55097d0 🐛 (helm/v1alpha1) - fix webhooks generation by removing data from helm chart ...
• c074cfe ✨ Upgrade controller-runtime v0.19.1 to v0.19.4 (#4482)
• b9489ec 🌱 Bump github.com/spf13/afero from 1.11.0 to 1.12.0 (#4480)
• 458615a 🌱 : fix: remove unnecessary make manifests and make generate in E2E scaffold ...
• 250d677 🌱 Bump golang.org/x/tools from 0.28.0 to 0.29.0 (#4473)
• 998dcba 🌱 fix: remove unused nolint comments (#4468)
• d741ec6 🌱 fix: remaining Go upgrades (#4470)
• 18ef6dd 🌱: simplify E2E Book Samples job (#4469)
• 18df538 🌱 Enable govet settings and fix issue found (#4465)
• f051464 🐛 (go/v4) ensure that schemas are added before start EnvTest-based suite test...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[camilamacedo86]

/ok-to-test
/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: camilamacedo86, dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [camilamacedo86]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment