Merge pull request #113 from marklogic/release/1.1.0

MLE-24161: Releasing MarkLogic Kubernetes Operator 1.1.0

Author: barkhachoithani

.github/workflows/pr-workflow.yaml

@@ -0,0 +1,16 @@
+name: 🏷️ JIRA ID Validator
+
+on:
+  # Using pull_request_target instead of pull_request to handle PRs from forks
+  pull_request_target:
+    types: [opened, edited, reopened, synchronize]
+    # No branch filtering - will run on all PRs
+
+jobs:
+  jira-pr-check:
+    name: 🏷️ Validate JIRA ticket ID
+    # Use the reusable workflow from the central repository
+    uses: marklogic/pr-workflows/.github/workflows/jira-id-check.yml@main
+    with:
+      # Pass the PR title from the event context
+      pr-title: ${{ github.event.pull_request.title }}

.golangci.yml

@@ -16,25 +16,28 @@ issues:
       linters:
         - dupl
         - lll
+    - path: "test/*"
+      linters:
+        - dupl
+        - errcheck
+        - goconst
+        - gocyclo
+        - lll
+        - unused
+    - path: "pkg/*"
+      linters:
+        - lll
+        - unparam
 linters:
   disable-all: true
   enable:
-    - dupl
     - errcheck
-    - exportloopref
-    - goconst
-    - gocyclo
     - gofmt
     - goimports
     - gosimple
     - govet
     - ineffassign
-    - lll
-    - misspell
-    - nakedret
-    - prealloc
     - staticcheck
     - typecheck
     - unconvert
-    - unparam
     - unused

Dockerfile

@@ -1,5 +1,7 @@
+# Copyright (c) 2024-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+
 # Build the manager binary
-FROM golang:1.23.6 AS builder
+FROM golang:1.24.9 AS builder
 ARG TARGETOS
 ARG TARGETARCH
 

Jenkinsfile

@@ -1,3 +1,5 @@
+// Copyright (c) 2024-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+
 /* groovylint-disable CompileStatic, LineLength, VariableTypeRequired */
 // This Jenkinsfile defines internal MarkLogic build pipeline.
 
@@ -6,10 +8,14 @@
 import groovy.json.JsonSlurperClassic
 
 emailList = 'vitaly.korolev@progress.com, sumanth.ravipati@progress.com, peng.zhou@progress.com, barkha.choithani@progress.com, romain.winieski@progress.com'
-emailSecList = 'Rangan.Doreswamy@progress.com, Mahalakshmi.Srinivasan@progress.com'
+emailSecList = 'Mahalakshmi.Srinivasan@progress.com'
 gitCredID = 'marklogic-builder-github'
+operatorRegistry = 'ml-marklogic-operator-dev.bed-artifactory.bedford.progress.com'
 JIRA_ID = ''
 JIRA_ID_PATTERN = /(?i)(MLE)-\d{3,6}/
+operatorRepo = 'marklogic-kubernetes-operator'
+timeStamp = new Date().format('yyyyMMdd')
+branchNameTag = env.BRANCH_NAME.replaceAll('/', '-')
 
 // Define local funtions
 void preBuildCheck() {
@@ -35,6 +41,7 @@ void preBuildCheck() {
     }
 
     // our VMs sometimes disable bridge traffic. this should help to restore it.
+    sh 'sudo modprobe br_netfilter'
     sh 'sudo sh -c "echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables"'
 }
 
@@ -92,7 +99,7 @@ def getReviewState() {
     return reviewState
 }
 
-void resultNotification(message) {
+void resultNotification(status) {
     def author, authorEmail, emailList
     //add author of a PR to email list if available
     if (env.CHANGE_AUTHOR) {
@@ -107,11 +114,11 @@ void resultNotification(message) {
     jira_email_body = "${email_body} <br><br><b>Jira URL: </b><br><a href='${jira_link}'>${jira_link}</a>"
 
     if (JIRA_ID) {
-        def comment = [ body: "Jenkins pipeline build result: ${message}" ]
+        def comment = [ body: "Jenkins pipeline build result: ${status}" ]
         jiraAddComment site: 'JIRA', idOrKey: JIRA_ID, failOnError: false, input: comment
-        mail charset: 'UTF-8', mimeType: 'text/html', to: "${emailList}", body: "${jira_email_body}", subject: "${message}: ${env.JOB_NAME} #${env.BUILD_NUMBER} - ${JIRA_ID}"
+        mail charset: 'UTF-8', mimeType: 'text/html', to: "${emailList}", body: "${jira_email_body}", subject: "🥷 ${status}: ${env.JOB_NAME} #${env.BUILD_NUMBER} - ${JIRA_ID}"
     } else {
-        mail charset: 'UTF-8', mimeType: 'text/html', to: "${emailList}", body: "${email_body}", subject: "${message}: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
+        mail charset: 'UTF-8', mimeType: 'text/html', to: "${emailList}", body: "${email_body}", subject: "🥷 ${status}: ${env.JOB_NAME} #${env.BUILD_NUMBER}"
     }
 }
 
@@ -125,15 +132,15 @@ void runTests() {
 }
 
 void runMinikubeSetup() {
-    sh '''
-        make e2e-setup-minikube
-    '''
+    sh """
+        make e2e-setup-minikube IMG=${operatorRepo}:${VERSION}
+    """
 }
 
 void runE2eTests() {
-    sh '''
-        make e2e-test
-    '''
+    sh """
+        make e2e-test IMG=${operatorRepo}:${VERSION}
+    """
 }
 
 void runMinikubeCleanup() {
@@ -142,6 +149,43 @@ void runMinikubeCleanup() {
     '''
 }
 
+void runBlackDuckScan() {
+    // Trigger BlackDuck scan job with CONTAINER_IMAGES parameter when params.PUBLISH_IMAGE is true
+    if (params.PUBLISH_IMAGE) {
+        build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}"), string(name: 'CONTAINER_IMAGES', value: "${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}-${timeStamp}") ]
+    } else {
+        build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}") ]
+    }
+}
+
+/**
+ * Publishes the built Docker image to the internal Artifactory registry.
+ * Tags the image with multiple tags (version-specific, branch-specific, latest).
+ * Requires Artifactory credentials.
+ */
+void publishToInternalRegistry() {
+    withCredentials([usernamePassword(credentialsId: 'builder-credentials-artifactory', passwordVariable: 'docker_password', usernameVariable: 'docker_user')]) {
+        
+        sh """
+            # make sure to logout first to avoid issues with cached credentials
+            docker logout ${operatorRegistry}
+            echo "${docker_password}" | docker login --username ${docker_user} --password-stdin ${operatorRegistry}
+
+            # Create tags
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}-${timeStamp}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:latest
+
+            # Push images to internal registry
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}-${timeStamp}
+            docker push ${operatorRegistry}/${operatorRepo}:latest
+        """
+    }
+}
+
 pipeline {
     agent {
         label {
@@ -153,15 +197,25 @@ pipeline {
         buildDiscarder logRotator(artifactDaysToKeepStr: '20', artifactNumToKeepStr: '', daysToKeepStr: '30', numToKeepStr: '')
         skipStagesAfterUnstable()
     }
-    // triggers {
-    //     //TODO: add scheduled runs
-    // }
-    // environment {
-    //     //TODO
-    // }
+    
+    triggers {
+        // Trigger nightly builds on the develop branch
+        parameterizedCron( env.BRANCH_NAME == 'develop' ? '''00 05 * * * % E2E_MARKLOGIC_IMAGE_VERSION=ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-12
+                                                             00 05 * * * % E2E_MARKLOGIC_IMAGE_VERSION=ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-11; PUBLISH_IMAGE=false''' : '')
+    }
+
+    environment {
+        PATH = "/space/go/bin:${env.PATH}"
+        MINIKUBE_HOME = "/space/minikube/"
+        KUBECONFIG = "/space/.kube-config"
+        GOPATH = "/space/go"
+    }
+
 
     parameters {
-        string(name: 'dockerImage', defaultValue: 'ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi:latest-11', description: 'Docker image to use for tests.', trim: true)
+        string(name: 'E2E_MARKLOGIC_IMAGE_VERSION', defaultValue: 'ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-12', description: 'Docker image to use for tests.', trim: true)
+        string(name: 'VERSION', defaultValue: '1.1.0', description: 'Version to tag the image with.', trim: true)
+        booleanParam(name: 'PUBLISH_IMAGE', defaultValue: false, description: 'Publish image to internal registry')
         string(name: 'emailList', defaultValue: emailList, description: 'List of email for build notification', trim: true)
     }
 
@@ -195,6 +249,26 @@ pipeline {
                 runMinikubeCleanup()
             }
         }
+
+        // Publish image to internal registries (conditional)
+        stage('Publish Image') {
+            when {
+                    anyOf {
+                        branch 'develop'
+                        expression { return params.PUBLISH_IMAGE }
+                    }
+            }
+            steps {
+                publishToInternalRegistry()
+            }
+        }
+
+        stage('Run-BlackDuck-Scan') {
+
+            steps {
+                runBlackDuckScan()
+            }
+        }
 
     }
 
@@ -203,13 +277,16 @@ pipeline {
             publishTestResults()
         }
         success {
-            resultNotification('BUILD SUCCESS ✅')
+            resultNotification('✅ Success')
         }
         failure {
-            resultNotification('BUILD ERROR ❌')
+            resultNotification('❌ Failure')
         }
         unstable {
-            resultNotification('BUILD UNSTABLE 🉑')
+            resultNotification('⚠️ Unstable')
+        }
+        aborted {
+            resultNotification('🚫 Aborted')
         }
     }
 }

LICENSE

@@ -1,4 +1,4 @@
-Copyright © 2024-2025 MarkLogic Corporation.
+Copyright (c) 2024-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
 
                                  Apache License
                            Version 2.0, January 2004

Makefile

@@ -1,18 +1,20 @@
+# Copyright (c) 2024-2025 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.
+
 # VERSION defines the project version for the bundle.
 # Update this value when you upgrade the version of your project.
 # To re-generate a bundle for another specific version without changing the standard setup, you can:
 # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
 # - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
-VERSION ?= 1.0.0
+VERSION ?= 1.1.0
 
 # VERIFY_HUGE_PAGES defines if hugepages test is enabled or not for e2e test
 VERIFY_HUGE_PAGES ?= false
 
 export E2E_DOCKER_IMAGE ?= $(IMG)
 export E2E_KUSTOMIZE_VERSION ?= $(KUSTOMIZE_VERSION)
 export E2E_CONTROLLER_TOOLS_VERSION ?= $(CONTROLLER_TOOLS_VERSION)
-export E2E_MARKLOGIC_IMAGE_VERSION ?= progressofficial/marklogic-db:11.3.1-ubi-rootless-2.1.0
-export E2E_KUBERNETES_VERSION ?= v1.31.0
+export E2E_MARKLOGIC_IMAGE_VERSION ?= progressofficial/marklogic-db:12.0.0-ubi9-rootless-2.2.2
+export E2E_KUBERNETES_VERSION ?= v1.31.13
 
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
 ENVTEST_K8S_VERSION = 1.31.0
@@ -157,22 +159,26 @@ endif
 
 .PHONY: e2e-setup-minikube
 e2e-setup-minikube: kustomize controller-gen build docker-build
+	minikube version
 	minikube delete || true
 	minikube start --driver=docker --kubernetes-version=$(E2E_KUBERNETES_VERSION) --memory=8192 --cpus=2
 	minikube addons enable ingress
 	minikube image load $(IMG)
+	minikube image load $(E2E_MARKLOGIC_IMAGE_VERSION)
+	minikube image load "docker.io/haproxytech/haproxy-alpine:3.2"
+	minikube image ls
 
 .PHONY: e2e-cleanup-minikube
 e2e-cleanup-minikube:
 	@echo "=====Delete minikube cluster"
 	minikube delete
 
 GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint
-GOLANGCI_LINT_VERSION ?= v1.54.2
+GOLANGCI_LINT_VERSION ?= v1.62.2
 golangci-lint:
 	@[ -f $(GOLANGCI_LINT) ] || { \
 	set -e ;\
-	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell dirname $(GOLANGCI_LINT)) $(GOLANGCI_LINT_VERSION) ;\
+	GOBIN=$(shell dirname $(GOLANGCI_LINT)) go install github.com/golangci/golangci-lint/cmd/golangci-lint@$(GOLANGCI_LINT_VERSION) ;\
 	}
 
 .PHONY: lint
@@ -199,7 +205,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
 # More info: https://docs.docker.com/develop/develop-images/build_enhancements/
 .PHONY: docker-build
 docker-build: ## Build docker image with the manager. to build for linux, add --platform="linux/amd64"
-	$(CONTAINER_TOOL) buildx build -t ${IMG} .
+	$(CONTAINER_TOOL) buildx build --platform="linux/amd64" -t ${IMG} .
 
 .PHONY: docker-push
 docker-push: ## Push docker image with the manager.
@@ -260,7 +266,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v5.5.0
-CONTROLLER_TOOLS_VERSION ?= v0.17.1
+CONTROLLER_TOOLS_VERSION ?= v0.19.0
 
 .PHONY: kustomize
 kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading.
@@ -363,6 +369,7 @@ $(HELMIFY): $(LOCALBIN)
 	test -s $(LOCALBIN)/helmify || GOBIN=$(LOCALBIN) go install github.com/arttor/helmify/cmd/helmify@latest
 
 helm: manifests kustomize helmify
+	cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
 	$(KUSTOMIZE) build config/default | $(HELMIFY) -image-pull-secrets -original-name charts/marklogic-operator-kubernetes 
 
 .PHONY: image-scan