#81 update makefiles and regenerate mocks

Makefile

@@ -3,7 +3,7 @@ ARTIFACT_ID=k8s-blueprint-operator
 VERSION=1.1.0
 IMAGE=cloudogu/${ARTIFACT_ID}:${VERSION}
 GOTAG=1.22
-MAKEFILES_VERSION=9.0.3
+MAKEFILES_VERSION=9.2.1
 LINT_VERSION=v1.55.2
 STAGE?=production
 

build/make/bats.mk

@@ -9,7 +9,7 @@ BATS_SUPPORT=$(BATS_LIBRARY_DIR)/bats-support
 BATS_FILE=$(BATS_LIBRARY_DIR)/bats-file
 BATS_BASE_IMAGE?=bats/bats
 BATS_CUSTOM_IMAGE?=cloudogu/bats
-BATS_TAG?=1.2.1
+BATS_TAG?=1.11.0
 BATS_DIR=build/make/bats
 BATS_WORKDIR="${WORKDIR}"/"${BATS_DIR}"
 

build/make/bats/Dockerfile

@@ -1,7 +1,9 @@
 ARG BATS_BASE_IMAGE
 ARG BATS_TAG
 
-FROM ${BATS_BASE_IMAGE}:${BATS_TAG}
+FROM ${BATS_BASE_IMAGE:-bats/bats}:${BATS_TAG:-1.11.0}
 
 # Make bash more findable by scripts and tests
 RUN apk add make git bash
+# suppress git "detected dubious ownership" error/warning for repos which are checked out later
+RUN git config --global --add safe.directory /workspace

build/make/build.mk

@@ -3,7 +3,7 @@
 ADDITIONAL_LDFLAGS?=-extldflags -static
 LDFLAGS?=-ldflags "$(ADDITIONAL_LDFLAGS) -X main.Version=$(VERSION) -X main.CommitID=$(COMMIT_ID)"
 GOIMAGE?=golang
-GOTAG?=1.14.13
+GOTAG?=1.22
 GOOS?=linux
 GOARCH?=amd64
 PRE_COMPILE?=

build/make/k8s-component.mk

@@ -2,7 +2,9 @@ COMPONENT_DEV_VERSION?=${VERSION}-dev
 
 include ${BUILD_DIR}/make/k8s.mk
 
-BINARY_HELM_ADDITIONAL_PUSH_ARGS?=--plain-http
+ifeq (${RUNTIME_ENV}, local)
+	BINARY_HELM_ADDITIONAL_PUSH_ARGS?=--plain-http
+endif
 BINARY_HELM_ADDITIONAL_PACK_ARGS?=
 BINARY_HELM_ADDITIONAL_UNINST_ARGS?=
 BINARY_HELM_ADDITIONAL_UPGR_ARGS?=
@@ -12,6 +14,9 @@ HELM_SOURCE_DIR ?= k8s/helm
 HELM_RELEASE_TGZ=${HELM_TARGET_DIR}/${ARTIFACT_ID}-${VERSION}.tgz
 HELM_DEV_RELEASE_TGZ=${HELM_TARGET_DIR}/${ARTIFACT_ID}-${COMPONENT_DEV_VERSION}.tgz
 HELM_ARTIFACT_NAMESPACE?=k8s
+ifeq (${RUNTIME_ENV}, remote)
+	HELM_ARTIFACT_NAMESPACE?=testing/k8s
+endif
 
 K8S_RESOURCE_COMPONENT ?= "${K8S_RESOURCE_TEMP_FOLDER}/component-${ARTIFACT_ID}-${VERSION}.yaml"
 K8S_RESOURCE_COMPONENT_CR_TEMPLATE_YAML ?= $(BUILD_DIR)/make/k8s-component.tpl
@@ -75,24 +80,24 @@ helm-update-dependencies: ${BINARY_HELM} ## Update Helm chart dependencies
 .PHONY: helm-apply
 helm-apply: ${BINARY_HELM} check-k8s-namespace-env-var ${IMAGE_IMPORT_TARGET} helm-generate ${HELM_PRE_APPLY_TARGETS} ## Generates and installs the Helm chart.
 	@echo "Apply generated helm chart"
-	@${BINARY_HELM} upgrade -i ${ARTIFACT_ID} ${HELM_TARGET_DIR} ${BINARY_HELM_ADDITIONAL_UPGR_ARGS} --namespace ${NAMESPACE}
+	@${BINARY_HELM} --kube-context="${KUBE_CONTEXT_NAME}" upgrade -i ${ARTIFACT_ID} ${HELM_TARGET_DIR} ${BINARY_HELM_ADDITIONAL_UPGR_ARGS} --namespace ${NAMESPACE}
 
 .PHONY: helm-delete
 helm-delete: ${BINARY_HELM} check-k8s-namespace-env-var ## Uninstalls the current Helm chart.
 	@echo "Uninstall helm chart"
-	@${BINARY_HELM} uninstall ${ARTIFACT_ID} --namespace=${NAMESPACE} ${BINARY_HELM_ADDITIONAL_UNINST_ARGS} || true
+	@${BINARY_HELM} --kube-context="${KUBE_CONTEXT_NAME}" uninstall ${ARTIFACT_ID} --namespace=${NAMESPACE} ${BINARY_HELM_ADDITIONAL_UNINST_ARGS} || true
 
 .PHONY: helm-reinstall
 helm-reinstall: helm-delete helm-apply ## Uninstalls the current helm chart and reinstalls it.
 
 .PHONY: helm-chart-import
 helm-chart-import: ${CHECK_VAR_TARGETS} helm-generate helm-package ${IMAGE_IMPORT_TARGET} ## Imports the currently available chart into the cluster-local registry.
 	@if [[ ${STAGE} == "development" ]]; then \
-		echo "Import ${HELM_DEV_RELEASE_TGZ} into K8s cluster ${K3CES_REGISTRY_URL_PREFIX}..."; \
-		${BINARY_HELM} push ${HELM_DEV_RELEASE_TGZ} oci://${K3CES_REGISTRY_URL_PREFIX}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
+		echo "Import ${HELM_DEV_RELEASE_TGZ} into K8s cluster ${CES_REGISTRY_HOST}..."; \
+		${BINARY_HELM} push ${HELM_DEV_RELEASE_TGZ} oci://${CES_REGISTRY_HOST}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
 	else \
-	  	echo "Import ${HELM_RELEASE_TGZ} into K8s cluster ${K3CES_REGISTRY_URL_PREFIX}..."; \
-        ${BINARY_HELM} push ${HELM_RELEASE_TGZ} oci://${K3CES_REGISTRY_URL_PREFIX}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
+	  	echo "Import ${HELM_RELEASE_TGZ} into K8s cluster ${CES_REGISTRY_HOST}..."; \
+        ${BINARY_HELM} push ${HELM_RELEASE_TGZ} oci://${CES_REGISTRY_HOST}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
     fi
 	@echo "Done."
 
@@ -115,7 +120,7 @@ ${HELM_RELEASE_TGZ}: ${BINARY_HELM} ${HELM_TARGET_DIR}/Chart.yaml ${HELM_POST_GE
 .PHONY: helm-delete-existing-tgz
 helm-delete-existing-tgz: ## Remove an existing Helm package from the target directory.
 	@echo "Delete ${HELM_RELEASE_TGZ}*"
-	@rm -f ${HELM_RELEASE_TGZ}*
+	@rm -f ${HELM_TARGET_DIR}/${ARTIFACT_ID}-*.tgz
 
 ##@ K8s - Helm lint targets
 
@@ -138,12 +143,12 @@ ${K8S_RESOURCE_COMPONENT_CR_TEMPLATE_YAML}: ${K8S_RESOURCE_TEMP_FOLDER}
 
 .PHONY: component-apply
 component-apply: check-k8s-namespace-env-var ${COMPONENT_PRE_APPLY_TARGETS} ${IMAGE_IMPORT_TARGET} helm-generate helm-chart-import component-generate ## Applies the component yaml resource to the actual defined context.
-	@kubectl apply -f "${K8S_RESOURCE_COMPONENT}" --namespace="${NAMESPACE}"
+	@kubectl apply -f "${K8S_RESOURCE_COMPONENT}" --namespace="${NAMESPACE}" --context="${KUBE_CONTEXT_NAME}"
 	@echo "Done."
 
 .PHONY: component-delete
 component-delete: check-k8s-namespace-env-var component-generate $(K8S_POST_GENERATE_TARGETS) ## Deletes the component yaml resource from the actual defined context.
-	@kubectl delete -f "${K8S_RESOURCE_COMPONENT}" --namespace="${NAMESPACE}" || true
+	@kubectl delete -f "${K8S_RESOURCE_COMPONENT}" --namespace="${NAMESPACE}" --context="${KUBE_CONTEXT_NAME}" || true
 	@echo "Done."
 
 .PHONY: component-reinstall

build/make/k8s-crd.mk

@@ -62,19 +62,19 @@ validate-crd-chart:
 .PHONY: crd-helm-apply
 crd-helm-apply: ${BINARY_HELM} check-k8s-namespace-env-var crd-helm-generate ## Generates and installs the Helm CRD chart.
 	@echo "Apply generated Helm CRD chart"
-	@${BINARY_HELM} upgrade -i ${ARTIFACT_CRD_ID} ${HELM_CRD_TARGET_DIR} ${BINARY_HELM_ADDITIONAL_UPGR_ARGS} --namespace ${NAMESPACE}
+	@${BINARY_HELM} --kube-context="${KUBE_CONTEXT_NAME}" upgrade -i ${ARTIFACT_CRD_ID} ${HELM_CRD_TARGET_DIR} ${BINARY_HELM_ADDITIONAL_UPGR_ARGS} --namespace ${NAMESPACE}
 
 .PHONY: crd-helm-delete
 crd-helm-delete: ${BINARY_HELM} check-k8s-namespace-env-var ## Uninstalls the current Helm CRD chart.
 	@echo "Uninstall Helm CRD chart"
-	@${BINARY_HELM} uninstall ${ARTIFACT_CRD_ID} --namespace=${NAMESPACE} ${BINARY_HELM_ADDITIONAL_UNINST_ARGS} || true
+	@${BINARY_HELM} --kube-context="${KUBE_CONTEXT_NAME}" uninstall ${ARTIFACT_CRD_ID} --namespace=${NAMESPACE} ${BINARY_HELM_ADDITIONAL_UNINST_ARGS} || true
 
 .PHONY: crd-helm-package
 crd-helm-package: crd-helm-delete-existing-tgz ${HELM_CRD_RELEASE_TGZ} ## Generates and packages the Helm CRD chart.
 
 .PHONY: crd-helm-delete-existing-tgz
 crd-helm-delete-existing-tgz: ## Remove an existing Helm CRD package.
-	@rm -f ${HELM_CRD_RELEASE_TGZ}*
+	@rm -f ${HELM_CRD_TARGET_DIR}/${ARTIFACT_CRD_ID}-*.tgz
 
 ${HELM_CRD_RELEASE_TGZ}: ${BINARY_HELM} crd-helm-generate ## Generates and packages the Helm CRD chart.
 	@echo "Package generated helm crd-chart"
@@ -83,11 +83,11 @@ ${HELM_CRD_RELEASE_TGZ}: ${BINARY_HELM} crd-helm-generate ## Generates and packa
 .PHONY: crd-helm-chart-import
 crd-helm-chart-import: ${CHECK_VAR_TARGETS} check-k8s-artifact-id crd-helm-generate crd-helm-package ## Imports the currently available Helm CRD chart into the cluster-local registry.
 	@if [[ ${STAGE} == "development" ]]; then \
-		echo "Import ${HELM_CRD_DEV_RELEASE_TGZ} into K8s cluster ${K3CES_REGISTRY_URL_PREFIX}..."; \
-		${BINARY_HELM} push ${HELM_CRD_DEV_RELEASE_TGZ} oci://${K3CES_REGISTRY_URL_PREFIX}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
+		echo "Import ${HELM_CRD_DEV_RELEASE_TGZ} into K8s cluster ${CES_REGISTRY_HOST}..."; \
+		${BINARY_HELM} push ${HELM_CRD_DEV_RELEASE_TGZ} oci://${CES_REGISTRY_HOST}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
 	else \
-	  	echo "Import ${HELM_CRD_RELEASE_TGZ} into K8s cluster ${K3CES_REGISTRY_URL_PREFIX}..."; \
-        ${BINARY_HELM} push ${HELM_CRD_RELEASE_TGZ} oci://${K3CES_REGISTRY_URL_PREFIX}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
+	  	echo "Import ${HELM_CRD_RELEASE_TGZ} into K8s cluster ${CES_REGISTRY_HOST}..."; \
+        ${BINARY_HELM} push ${HELM_CRD_RELEASE_TGZ} oci://${CES_REGISTRY_HOST}/${HELM_ARTIFACT_NAMESPACE} ${BINARY_HELM_ADDITIONAL_PUSH_ARGS}; \
     fi
 	@echo "Done."
 
@@ -106,10 +106,10 @@ crd-component-generate: ${K8S_RESOURCE_TEMP_FOLDER} ## Generate the CRD componen
 
 .PHONY: crd-component-apply
 crd-component-apply: check-k8s-namespace-env-var crd-helm-chart-import crd-component-generate ## Applies the CRD component YAML resource to the actual defined context.
-	@kubectl apply -f "${K8S_RESOURCE_CRD_COMPONENT}" --namespace="${NAMESPACE}"
+	@kubectl apply -f "${K8S_RESOURCE_CRD_COMPONENT}" --namespace="${NAMESPACE}" --context="${KUBE_CONTEXT_NAME}"
 	@echo "Done."
 
 .PHONY: crd-component-delete
 crd-component-delete: check-k8s-namespace-env-var crd-component-generate ## Deletes the CRD component YAML resource from the actual defined context.
-	@kubectl delete -f "${K8S_RESOURCE_CRD_COMPONENT}" --namespace="${NAMESPACE}" || true
+	@kubectl delete -f "${K8S_RESOURCE_CRD_COMPONENT}" --namespace="${NAMESPACE}" --context="${KUBE_CONTEXT_NAME}" || true
 	@echo "Done."

build/make/k8s-dogu.mk

@@ -10,8 +10,6 @@ ARTIFACT_NAMESPACE=$(shell $(BINARY_YQ) -oy -e ".Name" $(DOGU_JSON_FILE) | sed "
 VERSION=$(shell $(BINARY_YQ) -oy -e ".Version" $(DOGU_JSON_FILE))
 # Image of the dogu is extracted from the dogu.json
 IMAGE=$(shell $(BINARY_YQ) -oy -e ".Image" $(DOGU_JSON_FILE)):$(VERSION)
-IMAGE_DEV_WITHOUT_TAG=$(shell $(BINARY_YQ) -oy -e ".Image" $(DOGU_JSON_FILE) | sed "s|registry\.cloudogu\.com\(.\+\)|${K3CES_REGISTRY_URL_PREFIX}\1|g")
-IMAGE_DEV=${IMAGE_DEV_WITHOUT_TAG}
 
 include $(BUILD_DIR)/make/k8s.mk
 
@@ -37,13 +35,13 @@ create-dogu-resource: ${BINARY_YQ} $(K8S_RESOURCE_TEMP_FOLDER)
 
 .PHONY: apply-dogu-resource
 apply-dogu-resource:
-	@kubectl apply -f "$(K8S_RESOURCE_DOGU)"
+	@kubectl --context="${KUBE_CONTEXT_NAME}" --namespace=${NAMESPACE} apply -f "$(K8S_RESOURCE_DOGU)"
 
 ##@ K8s - Dogu
 
 .PHONY: install-dogu-descriptor
 install-dogu-descriptor: ${BINARY_YQ} $(TARGET_DIR) ## Installs a configmap with current dogu.json into the cluster.
 	@echo "Generate configmap from dogu.json..."
-	@$(BINARY_YQ) -oj ".Image=\"${IMAGE_DEV_WITHOUT_TAG}\"" ${DOGU_JSON_FILE} > ${DOGU_JSON_DEV_FILE}
-	@kubectl create configmap "$(ARTIFACT_ID)-descriptor" --from-file=$(DOGU_JSON_DEV_FILE) --dry-run=client -o yaml | kubectl apply -f - --namespace=${NAMESPACE}
+	@$(BINARY_YQ) -oj ".Image=\"${IMAGE_DEV}\" | .Version=\"${VERSION}\""  ${DOGU_JSON_FILE} > ${DOGU_JSON_DEV_FILE}
+	@kubectl --context="${KUBE_CONTEXT_NAME}" create configmap "$(ARTIFACT_ID)-descriptor" --from-file=$(DOGU_JSON_DEV_FILE) --dry-run=client -o yaml | kubectl --context="${KUBE_CONTEXT_NAME}" --namespace=${NAMESPACE} apply -f -
 	@echo "Done."

build/make/k8s.mk

@@ -22,14 +22,48 @@ SHELL = /usr/bin/env bash -o pipefail
 IMAGE ?=
 
 # Set production as default stage. Use "development" as stage in your .env file to generate artifacts
-# with development images pointing to K3S_CLUSTER_FQDN.
+# with development images pointing to CES_REGISTRY_URL_PREFIX.
 STAGE?=production
+
+# Set the "local" as runtime-environment, to push images to the container-registry of the local cluster and to apply resources to the local cluster.
+# Use "remote" as runtime-environment in your .env file to push images to the container-registry at "registry.cloudogu.com/testing" and to apply resources to the configured kubernetes-context in KUBE_CONTEXT_NAME.
+RUNTIME_ENV?=local
+$(info RUNTIME_ENV=$(RUNTIME_ENV))
+
+# The host and port of the local cluster
 K3S_CLUSTER_FQDN?=k3ces.local
 K3S_LOCAL_REGISTRY_PORT?=30099
-K3CES_REGISTRY_URL_PREFIX="${K3S_CLUSTER_FQDN}:${K3S_LOCAL_REGISTRY_PORT}"
+
+# The URL of the container-registry to use. Defaults to the registry of the local-cluster.
+# If RUNTIME_ENV is "remote" it is "registry.cloudogu.com/testing"
+CES_REGISTRY_HOST?="${K3S_CLUSTER_FQDN}:${K3S_LOCAL_REGISTRY_PORT}"
+CES_REGISTRY_NAMESPACE ?=
+ifeq (${RUNTIME_ENV}, remote)
+	CES_REGISTRY_HOST="registry.cloudogu.com"
+	CES_REGISTRY_NAMESPACE="/testing"
+endif
+$(info CES_REGISTRY_HOST=$(CES_REGISTRY_HOST))
+
+# The name of the kube-context to use for applying resources.
+# If KUBE_CONTEXT_NAME is empty and RUNTIME_ENV is "remote" the currently configured kube-context is used.
+# If KUBE_CONTEXT_NAME is empty and RUNTIME_ENV is not "remote" the "k3ces.local" is used as kube-context.
+ifeq (${KUBE_CONTEXT_NAME}, )
+	ifeq (${RUNTIME_ENV}, remote)
+		KUBE_CONTEXT_NAME = $(shell kubectl config current-context)
+	else
+		KUBE_CONTEXT_NAME = k3ces.local
+	endif
+endif
+$(info KUBE_CONTEXT_NAME=$(KUBE_CONTEXT_NAME))
+
+# The git branch-name in lowercase, shortened to 63 bytes, and with everything except 0-9 and a-z replaced with -. No leading / trailing -.
+GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | tr '[:upper:]' '[:lower:]' | sed -E 's/[^a-z0-9]+/-/g; s/^-+|-+$$//g' | cut -c1-63)
+# The short git commit-hash
+GIT_HASH := $(shell git rev-parse --short HEAD)
+
 ## Image URL to use all building/pushing image targets
-IMAGE_DEV?=${K3CES_REGISTRY_URL_PREFIX}/${ARTIFACT_ID}
-IMAGE_DEV_VERSION=${IMAGE_DEV}:${VERSION}
+IMAGE_DEV?=$(CES_REGISTRY_HOST)$(CES_REGISTRY_NAMESPACE)/$(ARTIFACT_ID)/$(GIT_BRANCH)
+IMAGE_DEV_VERSION=$(IMAGE_DEV):$(VERSION)
 
 # Variables for the temporary yaml files. These are used as template to generate a development resource containing
 # the current namespace and the dev image.
@@ -64,13 +98,36 @@ check-k8s-artifact-id:
 
 .PHONY: check-etc-hosts
 check-etc-hosts:
-	@grep -E "^.+\s+${K3S_CLUSTER_FQDN}\$$" /etc/hosts > /dev/null || \
-		(echo "Missing /etc/hosts entry for ${K3S_CLUSTER_FQDN}" && exit 1)
+	@if [[ ${RUNTIME_ENV} == "local" ]]; then \
+		grep -E "^.+\s+${K3S_CLUSTER_FQDN}\$$" /etc/hosts > /dev/null || \
+      		(echo "Missing /etc/hosts entry for ${K3S_CLUSTER_FQDN}" && exit 1) \
+	fi
 
 .PHONY: check-insecure-cluster-registry
 check-insecure-cluster-registry:
-	@grep "${K3CES_REGISTRY_URL_PREFIX}" /etc/docker/daemon.json > /dev/null || \
-		(echo "Missing /etc/docker/daemon.json for ${K3CES_REGISTRY_URL_PREFIX}" && exit 1)
+	@if [[ ${RUNTIME_ENV} == "local" ]]; then \
+		grep "${CES_REGISTRY_HOST}" /etc/docker/daemon.json > /dev/null || \
+			(echo "Missing /etc/docker/daemon.json for ${CES_REGISTRY_HOST}" && exit 1) \
+	fi
+
+# If the RUNTIME_ENV is "remote" checks if the current docker-client has credentials for CES_REGISTRY_HOST
+# If no credentials could be found, the credentials are queried and docker-login is performed
+check-docker-credentials:
+	@if [[ "$(RUNTIME_ENV)" == "remote" ]]; then \
+		if ! grep -q $(CES_REGISTRY_HOST) ~/.docker/config.json ; then \
+			echo "Error: Docker is not logged in to $(CES_REGISTRY_HOST)"; \
+			read -p "Enter Docker Username for $(CES_REGISTRY_HOST): " username; \
+			read -sp "Enter Docker Password for $(CES_REGISTRY_HOST): " password; \
+			echo ""; \
+			echo "$$password" | docker login -u "$$username" --password-stdin $(CES_REGISTRY_HOST); \
+			if [ $$? -eq 0 ]; then \
+				echo "Docker login to $(CES_REGISTRY_HOST) successful"; \
+			else \
+				echo "Docker login to $(CES_REGISTRY_HOST) failed"; \
+				exit 1; \
+			fi \
+		fi \
+	fi
 
 ##@ K8s - Resources
 
@@ -81,7 +138,7 @@ ${K8S_RESOURCE_TEMP_FOLDER}:
 ##@ K8s - Docker
 
 .PHONY: docker-build
-docker-build: check-k8s-image-env-var ## Builds the docker image of the K8s app.
+docker-build: check-docker-credentials check-k8s-image-env-var ${BINARY_YQ} ## Builds the docker image of the K8s app.
 	@echo "Building docker image $(IMAGE)..."
 	@DOCKER_BUILDKIT=1 docker build . -t $(IMAGE)
 
@@ -93,13 +150,13 @@ docker-dev-tag: check-k8s-image-dev-var docker-build ## Tags a Docker image for
 .PHONY: check-k8s-image-dev-var
 check-k8s-image-dev-var:
 ifeq (${IMAGE_DEV},)
-	@echo "Missing make variable IMAGE_DEV detected. It should look like \$${K3CES_REGISTRY_URL_PREFIX}/docker-image:tag"
+	@echo "Missing make variable IMAGE_DEV detected. It should look like \$${CES_REGISTRY_HOST}/docker-image:tag"
 	@exit 19
 endif
 
 .PHONY: image-import
-image-import: check-all-vars check-k8s-artifact-id docker-dev-tag ## Imports the currently available image into the cluster-local registry.
-	@echo "Import $(IMAGE_DEV_VERSION) into K8s cluster ${K3S_CLUSTER_FQDN}..."
+image-import: check-all-vars check-k8s-artifact-id docker-dev-tag ## Imports the currently available image into the configured ces-registry.
+	@echo "Import $(IMAGE_DEV_VERSION) into K8s cluster ${KUBE_CONTEXT_NAME}..."
 	@docker push $(IMAGE_DEV_VERSION)
 	@echo "Done."
 
@@ -145,4 +202,4 @@ ENVTEST = $(UTILITY_BIN_PATH)/setup-envtest
 envtest: ${ENVTEST} ## Download envtest-setup locally if necessary.
 
 ${ENVTEST}:
-	$(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)
+	$(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)

build/make/static-analysis.mk

@@ -2,14 +2,14 @@
 
 STATIC_ANALYSIS_DIR=$(TARGET_DIR)/static-analysis
 GOIMAGE?=golang
-GOTAG?=1.18
+GOTAG?=1.22
 CUSTOM_GO_MOUNT?=-v /tmp:/tmp
 
 REVIEW_DOG=$(TMP_DIR)/bin/reviewdog
 LINT=$(TMP_DIR)/bin/golangci-lint
-LINT_VERSION?=v1.49.0
+LINT_VERSION?=v1.58.2
 # ignore tests and mocks
-LINTFLAGS=--tests=false --skip-files="^.*_mock.go$$" --skip-files="^.*/mock.*.go$$" --timeout 10m --issues-exit-code 0
+LINTFLAGS=--tests=false --exclude-files="^.*_mock.go$$" --exclude-files="^.*/mock.*.go$$" --timeout 10m --issues-exit-code 0
 ADDITIONAL_LINTER=-E bodyclose -E containedctx -E contextcheck -E decorder -E dupl -E errname -E forcetypeassert -E funlen -E unparam
 
 .PHONY: static-analysis

build/make/vulnerability-scan.mk

@@ -0,0 +1,13 @@
+##@ Vulnerability scan
+
+GOVULNCHECK_BIN=${UTILITY_BIN_PATH}/govulncheck
+GOVULNCHECK_VERSION?=latest
+
+${GOVULNCHECK_BIN}: ${UTILITY_BIN_PATH}
+	$(call go-get-tool,$(GOVULNCHECK_BIN),golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION))
+
+.PHONY: govulncheck
+govulncheck: ${GOVULNCHECK_BIN} ## This target is used to scan the go repository against known vulnerabilities
+	@echo "Start vulnerability against repository"
+	${GOVULNCHECK_BIN} -show verbose ./...
+	@echo "Finished scan"