chore(repo): removing lts support (#1361)

* chore(repo): removing lts support

Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>

.github/workflows/coverage.yml

@@ -79,6 +79,6 @@ jobs:
         if: ${{ steps.checksecret.outputs.result == 'true' }}
         uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5.3.1
         with:
-          file: ./coverage.out
+          files: ./coverage.out
           fail_ci_if_error: true
           verbose: true

.github/workflows/e2e.yml

@@ -21,21 +21,9 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  kind:
-    name: Kubernetes
-    strategy:
-      fail-fast: false
-      matrix:
-        k8s-version:
-          - "v1.24.7"
-          - "v1.25.3"
-          - "v1.26.3"
-          - "v1.27.2"
-          - "v1.28.0"
-          - "v1.29.0"
-          - "v1.30.0"
-          - "v1.31.0"
-    runs-on: ubuntu-24.04
+  e2e:
+    name: E2E Testing
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
@@ -46,5 +34,14 @@ jobs:
       - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4
         with:
           version: v3.14.2
-      - name: e2e testing
-        run: KIND_K8S_VERSION=${{ matrix.k8s-version }} make e2e
+      - name: unit tracing
+        run: sudo make trace-unit
+      - name: e2e tracing
+        run: sudo make trace-e2e
+      - name: build seccomp profile
+        run: make seccomp
+      - name: upload artifact
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        with:
+          name: capsule-seccomp
+          path: capsule-seccomp.json

.github/workflows/helm-test.yml

@@ -5,6 +5,11 @@ on:
   pull_request:
     branches:
       - "main"
+    paths:
+      - '.github/configs/**'
+      - '.github/workflows/helm-*.yml'
+      - 'charts/**'
+      - 'Makefile'
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -31,18 +36,9 @@ jobs:
       - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4
       - name: Linting Chart
         run: helm lint ./charts/capsule
-      - name: Setup Chart Linting
-        id: lint
-        uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0
-      - name: Run chart-testing (list-changed)
-        id: list-changed
-        run: |
-          changed=$(ct list-changed --config ./.github/configs/ct.yaml)
-          if [[ -n "$changed" ]]; then
-            echo "::set-output name=changed::true"
-          fi
+
       - name: Run chart-testing (lint)
-        run: ct lint --debug --config ./.github/configs/ct.yaml --lint-conf ./.github/configs/lintconf.yaml
+        run: make helm-lint
 
       - name: Run docs-testing (helm-docs)
         id: helm-docs
@@ -68,4 +64,3 @@ jobs:
           fi
       - name: Run chart-testing (install)
         run: HELM_KIND_CONFIG="./hack/kind-cluster.yml" make helm-test
-        if: steps.list-changed.outputs.changed == 'true'

.github/workflows/lint.yml

@@ -49,8 +49,4 @@ jobs:
         with:
           go-version-file: 'go.mod'
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@e60da84bfae8c7920a47be973d75e15710aa8bd7 # v6.3.0
-        with:
-          version: v1.56.2
-          only-new-issues: false
-          args: --timeout 5m --config .golangci.yml
+        run: make golint

.github/workflows/seccomp.yaml

@@ -1,53 +0,0 @@
-name: seccomp
-permissions: {}
-
-on:
-  pull_request:
-    branches:
-      - "*"
-    paths:
-      - '.github/workflows/e2e.yml'
-      - 'api/**'
-      - 'controllers/**'
-      - 'pkg/**'
-      - 'e2e/*'
-      - '.ko.yaml'
-      - 'Dockerfile.tracing'
-      - 'go.*'
-      - 'main.go'
-      - 'Makefile'
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  seccomp-generation:
-    name: Seccomp Generation
-    strategy:
-      fail-fast: false
-      matrix:
-        k8s-version:
-          - "v1.30.0"
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          fetch-depth: 0
-      - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
-        with:
-          go-version-file: 'go.mod'
-      - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4
-        with:
-          version: v3.14.2
-      - name: unit tracing
-        run: sudo make trace-unit
-      - name: e2e tracing
-        run: sudo KIND_K8S_VERSION=${{ matrix.k8s-version }} make trace-e2e
-      - name: build seccomp profile
-        run: make seccomp
-      - name: upload artifact
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
-        with:
-          name: capsule-seccomp
-          path: capsule-seccomp.json

.golangci.yml

@@ -1,6 +1,4 @@
 linters-settings:
-  govet:
-    check-shadowing: true
   dupl:
     threshold: 100
   goconst:
@@ -32,37 +30,31 @@ linters-settings:
 linters:
   enable-all: true
   disable:
+    - err113
     - depguard
     - perfsprint
     - funlen
     - gochecknoinits
     - lll
-    - exhaustivestruct
-    - maligned
-    - interfacer
-    - scopelint
-    - golint
     - gochecknoglobals
-    - goerr113
-    - gomnd
+    - mnd
+    - nilnil
+    - recvcheck
+    - unparam
     - paralleltest
     - ireturn
     - testpackage
     - varnamelen
     - wrapcheck
     - exhaustruct
-    - varcheck
-    - structcheck
-    - nosnakecase
-    - deadcode
-    - ifshort
     - nonamedreturns
-run:
-  timeout: 3m
-  allow-parallel-runners: true
-  tests: false
-  skip-files:
+issues:
+  exclude-files:
     - "zz_.*\\.go$"
     - ".+\\.generated.go"
     - ".+_test.go"
     - ".+_test_.+.go"
+run:
+  timeout: 3m
+  allow-parallel-runners: true
+  tests: false

.goreleaser.yml

@@ -31,8 +31,6 @@ builds:
 release:
   prerelease: auto
   footer: |
-    Thanks to all the contributors!
-
     **Full Changelog**: https://github.com/projectcapsule/{{ .ProjectName }}/compare/{{ .PreviousTag }}...{{ .Tag }}
 
     **Docker Images**
@@ -45,6 +43,19 @@ release:
     - `ghcr.io/projectcapsule/charts/{{ .ProjectName }}:{{ .Version }}`
 
     [Review the Major Changes section first before upgrading to a new version](https://artifacthub.io/packages/helm/projectcapsule/capsule/{{ .Version }}#major-changes)
+
+    **Kubernetes compatibility**
+
+    [!IMPORTANT]
+    Note that the Capsule project offers support only for the latest minor version of Kubernetes.
+    Backwards compatibility with older versions of Kubernetes and OpenShift is [offered by vendors](https://projectcapsule.dev/support/).
+
+    | Kubernetes version | Minimum required |
+    |--------------------|------------------|
+    | `v1.31`            | `>= 1.31.0`      |
+
+
+    Thanks to all the contributors! 🚀 🦄
   extra_files:
     - glob: ./capsule-seccomp.json
 checksum:

Makefile

@@ -18,6 +18,9 @@ IMG             ?= $(IMG_BASE):$(VERSION)
 CAPSULE_IMG     ?= $(REGISTRY)/$(IMG_BASE)
 CLUSTER_NAME    ?= capsule
 
+## Kubernetes Version Support
+KUBERNETES_SUPPORTED_VERSION ?= "v1.31.0"
+
 ## Tool Binaries
 KUBECTL ?= kubectl
 HELM ?= helm
@@ -68,6 +71,10 @@ generate: controller-gen
 # Helm
 SRC_ROOT = $(shell git rev-parse --show-toplevel)
 
+helm-controller-version:
+	$(eval VERSION := $(shell grep 'appVersion:' charts/capsule/Chart.yaml | awk '{print "v"$$2}'))
+	$(eval KO_TAGS := $(shell grep 'appVersion:' charts/capsule/Chart.yaml | awk '{print "v"$$2}'))
+
 helm-docs: helm-doc
 	$(HELM_DOCS) --chart-search-root ./charts
 
@@ -78,27 +85,21 @@ helm-schema: helm-plugin-schema
 	cd charts/capsule && $(HELM) schema -output values.schema.json
 
 helm-test: HELM_KIND_CONFIG ?= ""
-helm-test: kind ct ko-build-all
+helm-test: kind
 	@mkdir -p /tmp/results || true
-	@$(KIND) create cluster --wait=60s --name capsule-charts --image kindest/node:$${KIND_K8S_VERSION:-v1.27.0} --config $(HELM_KIND_CONFIG)
+	@$(KIND) create cluster --wait=60s --name capsule-charts --image kindest/node:$(KUBERNETES_SUPPORTED_VERSION) --config $(HELM_KIND_CONFIG)
 	@make helm-test-exec
 	@$(KIND) delete cluster --name capsule-charts
 
-helm-test-exec: kind
+helm-test-exec: ct helm-controller-version ko-build-all
 	$(MAKE) docker-build-capsule-trace
-	$(MAKE) e2e-load-image CLUSTER_NAME=capsule-charts IMAGE=$(CAPSULE_IMG) VERSION=latest
+	$(MAKE) e2e-load-image CLUSTER_NAME=capsule-charts IMAGE=$(CAPSULE_IMG) VERSION=v0.0.0
 	$(MAKE) e2e-load-image CLUSTER_NAME=capsule-charts IMAGE=$(CAPSULE_IMG) VERSION=tracing
 	@$(KUBECTL) create ns capsule-system || true
-	@$(KUBECTL) apply --server-side=true -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
-	@$(KUBECTL) apply --server-side=true -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.58.0/bundle.yaml
+	@$(KUBECTL) apply --force-conflicts --server-side=true -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.crds.yaml
+	@$(KUBECTL) apply --force-conflicts --server-side=true -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.58.0/bundle.yaml
 	@$(CT) install --config $(SRC_ROOT)/.github/configs/ct.yaml --namespace=capsule-system --all --debug
 
-docker:
-	@hash docker 2>/dev/null || {\
-		echo "You need docker" &&\
-		exit 1;\
-	}
-
 # Setup development env
 # Usage:
 # 	LAPTOP_HOST_IP=<YOUR_LAPTOP_IP> make dev-setup
@@ -224,11 +225,11 @@ e2e: ginkgo
 	$(MAKE) e2e-build && $(MAKE) e2e-exec && $(MAKE) e2e-destroy
 
 e2e-build: kind
-	$(KIND) create cluster --wait=60s --name $(CLUSTER_NAME) --image kindest/node:$${KIND_K8S_VERSION:-v1.27.0}
+	$(KIND) create cluster --wait=60s --name $(CLUSTER_NAME) --image kindest/node:$(KUBERNETES_SUPPORTED_VERSION)
 	$(MAKE) e2e-install
 
 .PHONY: e2e-install
-e2e-install:
+e2e-install: ko-build-all
 	$(MAKE) e2e-load-image CLUSTER_NAME=$(CLUSTER_NAME) IMAGE=$(CAPSULE_IMG) VERSION=$(VERSION)
 	$(HELM) upgrade \
 	    --dependency-update \
@@ -262,7 +263,7 @@ trace-install:
 .PHONY: trace-e2e
 trace-e2e: kind
 	$(MAKE) docker-build-capsule-trace
-	$(KIND) create cluster --wait=60s --image kindest/node:$${KIND_K8S_VERSION:-v1.27.0} --config hack/kind-cluster.yml
+	$(KIND) create cluster --wait=60s --image kindest/node:$(KUBERNETES_SUPPORTED_VERSION) --config hack/kind-cluster.yml
 	$(MAKE) e2e-load-image CLUSTER_NAME=capsule-tracing IMAGE=$(CAPSULE_IMG) VERSION=tracing
 	$(MAKE) trace-install
 	$(MAKE) e2e-exec
@@ -278,7 +279,7 @@ seccomp:
 	$(HARPOON) build --add-syscall-sets=dynamic,docker -D /tmp/results --name capsule-seccomp.json --save
 
 .PHONY: e2e-load-image
-e2e-load-image: kind ko-build-all
+e2e-load-image: kind
 	$(KIND) load docker-image $(IMAGE):$(VERSION) --name $(CLUSTER_NAME)
 
 .PHONY: e2e-exec

charts/capsule/Chart.yaml

@@ -25,9 +25,9 @@ name: capsule
 sources:
 - https://github.com/projectcapsule/capsule
 # Note: The version is overwritten by the release workflow.
-version: 0.6.0
+version: 0.0.0
 # Note: The version is overwritten by the release workflow.
-appVersion: 0.5.0
+appVersion: 0.0.0
 annotations:
   artifacthub.io/operator: "true"
   artifacthub.io/prerelease: "false"