KRA-1027 - change release name generation to avoid conflicts (#156)

* chore: moved cdc specific functions from runtime to internal library

* feat: implement deterministic release name generation to avoid conflicts

* chore: update deps

* docs: update Helm release name logic to avoid conflicts in different namespaces

* feat: enhance release name generation to handle missing UID by generating a random suffix

* refactor: remove logging dependency from handler and update context usage in HTTP tracing

* chore: update unstructured-runtime dependency to v0.3.0

* fix: update tracer initialization to use verbose mode based on metadata

Author: matteogastaldello

README.md

@@ -3,11 +3,23 @@ The composition-dynamic-controller is an operator that is instantiated by the [c
 
 ## Summary
 
-- [Summary](#summary)
-- [Architecture](#architecture)
-- [Overview](#overview)
-- [Examples](#examples)
-- [Configuration](#configuration)
+- [Composition Dynamic Controller](#composition-dynamic-controller)
+  - [Summary](#summary)
+  - [Architecture](#architecture)
+  - [Workflow](#workflow)
+    - [Composition Dynamic Controller (CDC) \& Chart Inspector: Secure Helm Lifecycle Management](#composition-dynamic-controller-cdc--chart-inspector-secure-helm-lifecycle-management)
+      - [Core CDC Workflow (with Chart Inspector Integration)](#core-cdc-workflow-with-chart-inspector-integration)
+    - [Key Capabilities Enabled by This Collaboration](#key-capabilities-enabled-by-this-collaboration)
+    - [Why This Architecture Matters](#why-this-architecture-matters)
+    - [Real-World Example: Handling a Breaking Chart Change](#real-world-example-handling-a-breaking-chart-change)
+  - [Helm Release Name Logic](#helm-release-name-logic)
+    - [Prior Versions (\<= 0.19.9)](#prior-versions--0199)
+    - [Subsequent Versions (\>= 0.20.0)](#subsequent-versions--0200)
+  - [Composition Dynamic Controller Values Injection](#composition-dynamic-controller-values-injection)
+    - [About the `gracefullyPaused` value](#about-the-gracefullypaused-value)
+  - [Configuration](#configuration)
+    - [Operator Env Vars](#operator-env-vars)
+
 
 
 ## Architecture
@@ -18,11 +30,11 @@ The composition-dynamic-controller is an operator that is instantiated by the [c
 
 ![composition-dynamic-controller State Diagram](_diagrams/composition-dynamic-controller-flow.png "composition-dynamic-controller  State Diagram")
 
-### **Composition Dynamic Controller (CDC) & Chart Inspector: Secure Helm Lifecycle Management**
+### Composition Dynamic Controller (CDC) & Chart Inspector: Secure Helm Lifecycle Management
 
 The **Composition Dynamic Controller (CDC)** is a specialized Kubernetes operator that orchestrates the end-to-end lifecycle of Krateo compositions. Acting as the reconciliation engine for Composition custom resources, it bridges declarative application definitions with Helm’s packaging system through intelligent automation. The **Chart Inspector** serves as its "safety advisor," enabling proactive decision-making via dry-run analysis.
 
-#### **Core CDC Workflow (with Chart Inspector Integration)**
+#### Core CDC Workflow (with Chart Inspector Integration)
 1. **Reconciliation Trigger**  
    - Watches for changes to `Composition` CRs or Helm chart versions.  
    - Invokes the **Chart Inspector** to simulate installations/upgrades *before* execution.
@@ -43,7 +55,7 @@ The **Composition Dynamic Controller (CDC)** is a specialized Kubernetes operato
 
 ---
 
-### **Key Capabilities Enabled by This Collaboration**
+### Key Capabilities Enabled by This Collaboration
 
 | **Feature**                | **CDC’s Role**                          | **Chart Inspector’s Contribution**                  |
 |----------------------------|-----------------------------------------|----------------------------------------------------|
@@ -55,7 +67,7 @@ The **Composition Dynamic Controller (CDC)** is a specialized Kubernetes operato
 
 ---
 
-### **Why This Architecture Matters**
+### Why This Architecture Matters
 1. **Safety Net**  
    - The Chart Inspector’s dry-run prevents "helm surprises" (e.g., undeclared CRD creations or namespace pollution).  
    - Example: Blocks a chart upgrade if the new version requires a `ClusterRole` the CDC isn’t authorized to manage.
@@ -70,7 +82,7 @@ The **Composition Dynamic Controller (CDC)** is a specialized Kubernetes operato
 
 ---
 
-### **Real-World Example: Handling a Breaking Chart Change**
+### Real-World Example: Handling a Breaking Chart Change
 1. **Scenario**: A Helm chart v1.2.0 introduces a new `CustomResourceDefinition` (CRD).  
 2. **CDC+Inspector Flow**:  
    - **Dry-run** detects the new CRD and its required API group permissions.  
@@ -79,6 +91,33 @@ The **Composition Dynamic Controller (CDC)** is a specialized Kubernetes operato
 3. **Result**: Zero downtime; no "helm upgrade failed: CRD missing" errors.
 
 
+---
+
+## Helm Release Name Logic
+
+### Prior Versions (<= 0.19.9)
+
+For versions up to 0.19.9, the **`composition-dynamic-controller`** used the following logic to determine the **Helm release name** associated with a composition resource:
+
+1.  If the **label** `krateo.io/release-name` is set on the composition resource, its value is used as the Helm release name.
+2.  Otherwise, the **composition resource name** is used as the Helm release name.
+
+---
+
+### Subsequent Versions (>= 0.20.0)
+
+Starting from version 0.20.0, the **`composition-dynamic-controller`** uses the following logic to determine the Helm release name associated with a composition resource:
+
+1.  If the **annotation** `krateo.io/release-name` is set on the composition resource, its value is used as the Helm release name.
+2.  Otherwise, the release name is composed as follows: **`{composition.metadata.name}-{composition.metadata.uid[:8]}`**.
+
+**N.B.:** From this version onward, the `metadata.name` field of the composition cannot exceed **44 characters**. This is because the UID suffix adds **9 characters** to the release name (the hyphen `-` plus the 8 characters of the UID), and Helm release names cannot exceed **53 characters** in total.
+
+This change was implemented to avoid conflicts when multiple resources belonging to the `composition.krateo.io` group with the same `metadata.name` are created in **different namespaces**.
+
+---
+
+
 ## Composition Dynamic Controller Values Injection
 
 The composition-dynamic-controller inject labels and values into the installed resources and in the helm chart release values. This values contains informations about the composition resource associated with the helm release.

go.mod

@@ -4,22 +4,22 @@ go 1.25.0
 
 require (
 	github.com/Masterminds/semver v1.5.0
-	github.com/Masterminds/semver/v3 v3.3.0
+	github.com/Masterminds/semver/v3 v3.4.0
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
 	github.com/go-logr/logr v1.4.3
 	github.com/gobuffalo/flect v1.0.3
 	github.com/golang/mock v1.6.0
 	github.com/krateoplatformops/plumbing v0.7.2
-	github.com/krateoplatformops/unstructured-runtime v0.2.8
+	github.com/krateoplatformops/unstructured-runtime v0.3.0
 	github.com/pkg/errors v0.9.1
-	github.com/spf13/pflag v1.0.7
-	github.com/stretchr/testify v1.10.0
-	helm.sh/helm/v3 v3.18.6
-	k8s.io/api v0.34.1
-	k8s.io/apiextensions-apiserver v0.33.3
-	k8s.io/apimachinery v0.34.1
-	k8s.io/cli-runtime v0.34.0
-	k8s.io/client-go v0.34.1
+	github.com/spf13/pflag v1.0.10
+	github.com/stretchr/testify v1.11.1
+	helm.sh/helm/v3 v3.19.2
+	k8s.io/api v0.34.2
+	k8s.io/apiextensions-apiserver v0.34.2
+	k8s.io/apimachinery v0.34.2
+	k8s.io/cli-runtime v0.34.2
+	k8s.io/client-go v0.34.2
 	sigs.k8s.io/e2e-framework v0.6.0
 	sigs.k8s.io/kustomize/kyaml v0.20.1
 	sigs.k8s.io/yaml v1.6.0
@@ -38,17 +38,17 @@ require (
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
-	github.com/containerd/containerd v1.7.27 // indirect
+	github.com/containerd/containerd v1.7.29 // indirect
 	github.com/containerd/errdefs v1.0.0 // indirect
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/containerd/platforms v0.2.1 // indirect
-	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
+	github.com/cyphar/filepath-securejoin v0.6.0 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.2 // indirect
 	github.com/evanphx/json-patch v5.9.11+incompatible // indirect
 	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 	github.com/fatih/color v1.18.0 // indirect
-	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
 	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-gorp/gorp/v3 v3.1.0 // indirect
@@ -106,35 +106,35 @@ require (
 	github.com/shopspring/decimal v1.4.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/spf13/cast v1.7.0 // indirect
-	github.com/spf13/cobra v1.9.1 // indirect
+	github.com/spf13/cobra v1.10.1 // indirect
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/twmb/murmur3 v1.1.8 // indirect
 	github.com/vladimirvivien/gexe v0.4.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xlab/treeprint v1.2.0 // indirect
-	go.opentelemetry.io/otel v1.33.0 // indirect
-	go.opentelemetry.io/otel/trace v1.33.0 // indirect
+	go.opentelemetry.io/otel v1.35.0 // indirect
+	go.opentelemetry.io/otel/trace v1.35.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.2 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/crypto v0.40.0 // indirect
-	golang.org/x/net v0.41.0 // indirect
-	golang.org/x/oauth2 v0.28.0 // indirect
-	golang.org/x/sync v0.16.0 // indirect
-	golang.org/x/sys v0.34.0 // indirect
-	golang.org/x/term v0.33.0 // indirect
-	golang.org/x/text v0.27.0 // indirect
-	golang.org/x/time v0.9.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
-	google.golang.org/grpc v1.68.1 // indirect
+	golang.org/x/crypto v0.45.0 // indirect
+	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/oauth2 v0.30.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sys v0.38.0 // indirect
+	golang.org/x/term v0.37.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/time v0.12.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250303144028-a0af3efb3deb // indirect
+	google.golang.org/grpc v1.72.1 // indirect
 	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiserver v0.33.3 // indirect
-	k8s.io/component-base v0.33.3 // indirect
+	k8s.io/apiserver v0.34.2 // indirect
+	k8s.io/component-base v0.34.2 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect
-	k8s.io/kubectl v0.33.3 // indirect
+	k8s.io/kubectl v0.34.0 // indirect
 	k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect
 	oras.land/oras-go/v2 v2.6.0 // indirect
 	sigs.k8s.io/controller-runtime v0.20.0 // indirect