Merge branch 'main' into main

Author: egegunes

.github/ISSUE_TEMPLATE/1-feature-request.yml

@@ -0,0 +1,33 @@
+name: Feature request 🧭
+description: Suggest an idea for this project
+labels: "feature-request"
+body:
+- type: textarea
+  attributes:
+    label: Proposal
+    description: "What would you like to have as a feature"
+    placeholder: "A clear and concise description of what you want to happen."
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Use-Case
+    description: "How would this help you?"
+    placeholder: "Tell us more what you'd like to achieve."
+  validations:
+    required: false
+- type: dropdown
+  id: interested-in-implementing-the-feature
+  attributes:
+    label: Is this a feature you are interested in implementing yourself?
+    options:
+      - 'No'
+      - 'Maybe'
+      - 'Yes'
+  validations:
+    required: true
+- type: textarea
+  id: anything-else
+  attributes:
+    label: Anything else?
+    description: "Let us know if you have anything else to share"

.github/ISSUE_TEMPLATE/2-bug-report.yml

@@ -0,0 +1,53 @@
+name: Report a bug 🐛
+description: Create a report to help us improve
+labels: "bug"
+body:
+- type: markdown
+  attributes:
+    value: |
+      ## Self-help
+      Thank you for considering to open a bug report!
+
+      Before you do, however, make sure to check our existing resources to see if it has already been discussed/reported:
+      - [Reported bugs](https://github.com/percona/percona-server-mongodb-operator/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+label%3Abug)
+      - [JIRA bugs](https://perconadev.atlassian.net/issues/K8SPSMDB-1028?jql=project%20%3D%20k8spsmdb%20and%20issuetype%20%3D%20Bug%20and%20resolution%20%3D%20Unresolved)
+      - [Percona Operator for MongoDB forum](https://forums.percona.com/c/mongodb/percona-kubernetes-operator-for-mongodb/29)
+- type: textarea
+  attributes:
+    label: Report
+    description: "What bug have you encountered?"
+    placeholder: "A clear and concise description of what the bug is."
+  validations:
+    required: true  
+- type: textarea
+  attributes:
+    label: More about the problem
+    description: What do you see happening
+    placeholder: Logs, expected behavior, other
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Steps to reproduce
+    description: "Tell us how to reproduce the problem" 
+    value: |
+      1. 
+      2. 
+      3. 
+  validations:
+    required: true
+- type: textarea
+  attributes:
+    label: Versions
+    description: "Tell us which versions do you use" 
+    value: |
+      1. Kubernetes
+      2. Operator
+      3. Database
+  validations:
+    required: true
+- type: textarea
+  id: anything-else
+  attributes:
+    label: Anything else?
+    description: "Let us know if you have anything else to share"

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Ask a question about Percona Operator for MongoDB or get support
+    url: https://forums.percona.com/c/mongodb/percona-kubernetes-operator-for-mongodb/29
+    about: Ask a question or request support for using Percona Operator for MongoDB
+  - name: Report vulnerability or security concern
+    url: https://www.percona.com/security
+    about: For any security issues or concerns

.github/dependabot.yml

@@ -42,7 +42,7 @@ updates:
     labels:
       - "dependencies"
     schedule:
-      interval: monthly
+      interval: weekly
       day: "monday"
       time: "01:00"
 

.github/workflows/reviewdog.yml

@@ -28,9 +28,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - uses: actions/setup-go@v4
+      - uses: actions/setup-go@v5
         with:
-          go-version: '^1.17'
+          go-version: '^1.21'
       - run: go install mvdan.cc/sh/v3/cmd/shfmt@latest
       - run: $(go env GOPATH)/bin/shfmt -f . | grep -v 'vendor' | xargs $(go env GOPATH)/bin/shfmt -bn -ci -s -w
       - name: suggester / shfmt

.github/workflows/scan.yml

@@ -1,22 +1,56 @@
 name: Scan docker
 on: [pull_request]
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: docker.io
+
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: perconalab/percona-server-mongodb-operator
+
 jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/[email protected]
-      - name: Build an image from Dockerfile
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build an image from Dockerfile (linux/arm64)
         run: |
-          export IMAGE=perconalab/percona-server-mongodb-operator:${{ github.sha }}
+          export IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64
           export DOCKER_PUSH=0
           export DOCKER_SQUASH=0
+          export DOCKER_DEFAULT_PLATFORM='linux/arm64'
           ./e2e-tests/build
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.13.1
+        uses: aquasecurity/trivy-action@0.16.1
         with:
-          image-ref: 'docker.io/perconalab/percona-server-mongodb-operator:${{ github.sha }}'
+          image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
+
+      - name: Build an image from Dockerfile (linux/amd64)
+        run: |
+          export IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64
+          export DOCKER_PUSH=0
+          export DOCKER_SQUASH=0
+          export DOCKER_DEFAULT_PLATFORM='linux/amd64'
+          ./e2e-tests/build
+
+      - name: Run Trivy vulnerability scanner image (linux/amd64)
+        uses: aquasecurity/[email protected]
+        with:
+          image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64'
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true

.github/workflows/test.yml

@@ -5,9 +5,9 @@ jobs:
     name: Test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/setup-go@v4
+      - uses: actions/setup-go@v5
         with:
-          go-version: '^1.19'
+          go-version: '^1.21'
       - uses: actions/[email protected]
       - name: go test
         run: go test -v ./...

Jenkinsfile

@@ -323,6 +323,7 @@ EOF
                                 docker login -u '${USER}' -p '${PASS}'
                                 export RELEASE=0
                                 export IMAGE=\$DOCKER_TAG
+                                docker buildx create --use
                                 ./e2e-tests/build
                                 docker logout
                             "
@@ -349,7 +350,7 @@ EOF
                             -v $WORKSPACE/src/github.com/percona/percona-server-mongodb-operator:/go/src/github.com/percona/percona-server-mongodb-operator \
                             -w /go/src/github.com/percona/percona-server-mongodb-operator \
                             -e GOFLAGS='-buildvcs=false' \
-                            golang:1.19 sh -c '
+                            golang:1.21 sh -c '
                                 go install github.com/google/[email protected];
                                 /go/bin/go-licenses csv github.com/percona/percona-server-mongodb-operator/cmd/manager \
                                     | cut -d , -f 3 \
@@ -377,7 +378,7 @@ EOF
                             -v $WORKSPACE/src/github.com/percona/percona-server-mongodb-operator:/go/src/github.com/percona/percona-server-mongodb-operator \
                             -w /go/src/github.com/percona/percona-server-mongodb-operator \
                             -e GOFLAGS='-buildvcs=false' \
-                            golang:1.19 sh -c 'go build -v -o percona-server-mongodb-operator github.com/percona/percona-server-mongodb-operator/cmd/manager'
+                            golang:1.21 sh -c 'go build -v -o percona-server-mongodb-operator github.com/percona/percona-server-mongodb-operator/cmd/manager'
                     "
                 '''
 

build/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.20 AS go_builder
+FROM golang:1.21 AS go_builder
 WORKDIR /go/src/github.com/percona/percona-server-mongodb-operator
 
 COPY . .
@@ -7,17 +7,16 @@ ARG GIT_COMMIT
 ARG GIT_BRANCH
 ARG GO_LDFLAGS
 ARG GOOS=linux
-ARG GOARCH=amd64
 ARG CGO_ENABLED=0
 
 RUN go mod download \
     && mkdir -p build/_output/bin \
-    && GOOS=$GOOS GOARCH=$GOARCH CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \
+    && GOOS=$GOOS CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \
        go build -ldflags "-w -s -X main.GitCommit=$GIT_COMMIT -X main.GitBranch=$GIT_BRANCH" \
            -o build/_output/bin/percona-server-mongodb-operator \
                cmd/manager/main.go \
     && cp -r build/_output/bin/percona-server-mongodb-operator /usr/local/bin/percona-server-mongodb-operator \
-    && GOOS=$GOOS GOARCH=$GOARCH CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \
+    && GOOS=$GOOS CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \
        go build -ldflags "-w -s -X main.GitCommit=$GIT_COMMIT -X main.GitBranch=$GIT_BRANCH" \
            -o build/_output/bin/mongodb-healthcheck \
                cmd/mongodb-healthcheck/main.go \

build/pbm-entry.sh

@@ -4,8 +4,8 @@ PBM_MONGODB_URI="mongodb://${PBM_AGENT_MONGODB_USERNAME}:${PBM_AGENT_MONGODB_PAS
 
 MONGO_SSL_DIR=/etc/mongodb-ssl
 if [[ -f "${MONGO_SSL_DIR}/tls.crt" ]] && [[ -f "${MONGO_SSL_DIR}/tls.key" ]]; then
-	cat "${MONGO_SSL_DIR}/tls.key" "${MONGO_SSL_DIR}/tls.crt" >/tmp/tls.pem
 	PBM_MONGODB_URI="${PBM_MONGODB_URI}&tls=true&tlsCertificateKeyFile=%2Ftmp%2Ftls.pem&tlsCAFile=${MONGO_SSL_DIR}%2Fca.crt&tlsInsecure=true"
+	cat "${MONGO_SSL_DIR}/tls.key" "${MONGO_SSL_DIR}/tls.crt" > /tmp/tls.pem
 fi
 
 export PBM_MONGODB_URI