Open camilamacedo86 opened 1 day ago
achetronic
commented
1 day ago @camilamacedo86 Hi, is this an automated message?
If this is automated, why is not appearing on github.com/prosimcorp repos?
I understand the changes and the causes, so actios will be performed related to this :)
camilamacedo86
commented
1 day ago Hi @achetronic,
Thank you for taking a look at this!
We created a script as a best effort to identify projects that have not moved forward and might be impacted by the changes, prompting us to raise these issues.
In this case, I manually confirmed that this project is impacted by referencing the following search:
I also noticed that your project closely follows the proposed Kubebuilder layout. A great approach here would be:
kubebuilder alpha generate to regenerate the project based on the PROJECT configuration file.This process ensures your project adopts a default implementation (similar to kube-rbac-proxy) with enhanced options for production readiness, such as securely configuring certificates. Additionally, it enables you to leverage other improvements, bug fixes, and the latest updates.
Another option might be to fix it manually; check out the FAQ section: "How can I manually change my project to switch to Controller-Runtime's built-in auth protection?" for detailed instructions.
Let me know if you need any help with this process!
achetronic
commented
1 day ago Oh, I see. Thank you for taking care about this!
Don't worry about the process. As I maintain several operators, I have the process quite clear. I will release a new version using the last scaffolding :)
camilamacedo86
commented
1 day ago Hi @achetronic
That is amazing !!! 🚀 By the way, it's out of topic.
I know that this manual process is painful, and we are looking for solutions to improve it and make things simpler in the future. If you want to take a look at the proposal (https://github.com/kubernetes-sigs/kubebuilder/pull/4302) and contribute to it, please feel free. Your input is invaluable to us.
achetronic
commented
22 hours ago Of course, I will take a look on it and give some feedback about the process and the things I have done in my own to make it easier :)
Description
:warning: The image
gcr.io/kubebuilder/kube-rbac-proxyis deprecated and will become unavailable. You must move as soon as possible, sometime from early 2025, the GCR will go away.If your project uses
gcr.io/kubebuilder/kube-rbac-proxy, it will be affected. Your project may fail to work if the image cannot be pulled. You must take action as soon as possible.However, if your project is no longer using this image, no action is required, and you can close this issue.
Using the image
gcr.io/kubebuilder/kube-rbac-proxy?kube-rbac-proxy was historically used to protect the metrics endpoint. However, its usage has been discontinued in Kubebuilder. The default scaffold now leverages the
WithAuthenticationAndAuthorizationfeature provided by Controller-Runtime.This feature provides integrated support for securing metrics endpoints by embedding authentication (
authn) and authorization (authz) mechanisms directly into the controller manager's metrics server, replacing the need for (https://github.com/brancz/kube-rbac-proxy) to secure metrics endpoints.What To Do?
You must replace the deprecated image
gcr.io/kubebuilder/kube-rbac-proxywith an alternative approach. For example:WithAuthenticationAndAuthorization:For further information, suggestions, and guidance:
We sincerely apologize for any inconvenience this may cause.
Thank you for your cooperation and understanding! :pray: