Upgrade sbo #2627
Upgrade sbo #2627
Conversation
| func installServiceBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool) error { | ||
| return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer, | ||
| "/rbac/operator-role-service-binding.yaml", | ||
| "/rbac/operator-role-binding-service-binding.yaml", |
There was a problem hiding this comment.
It seems the operator-role-binding-service-binding.yaml file can also be removed.
johnpoth
force-pushed
the
upgrade-sbo
branch
from
ccbc884
to
e893026
Compare
|
The install is failing on OpenShift because of privileges escalation. The admin user that is used to install the operator is not granted permission to get CRDs. I think we can keep a separate RBAC manifest for the permissions required by the embedded SBO, and warn when the install user cannot create it, as we already do for other "addons". |
johnpoth
force-pushed
the
upgrade-sbo
branch
4 times, most recently
from
4af5f1b
to
8a56858
Compare
|
Thanks for reviewing ! PR should be ok now, switched to |
| } | ||
|
|
||
| secret := createSecret(ctx, e.Integration.Namespace) | ||
| if secret != nil { |
There was a problem hiding this comment.
what is the reason for not injecting binding through SBO default pipeline?
There was a problem hiding this comment.
Hi @pedjak ! Thanks for taking a look!
The Camel K Operator has it's own pipeline for creating Kubernetes resources (here the Secret). This allows to do versioning and garbage collection when those resources aren't needed anymore. This is why I didn't want SBO to create the Secret through it's default pipeline. I also didn't want it to create the "ServiceBinding" CR as it's not really needed in our "simple" case.
All in all it was a pretty fluid experience using the API
|
@johnpoth could you please rebase the PR so we can have it merged? Thanks. |
…ult in order to resolve Service Bindings
johnpoth
force-pushed
the
upgrade-sbo
branch
from
f634e2e
to
3ce9a17
Compare
johnpoth
force-pushed
the
upgrade-sbo
branch
from
3ce9a17
to
63b7f53
Compare
|
The |
|
Yeah looks like there was a new test to make sure the correct number of Roles etc... were installed. Looks all good now |
|
Awesome, thanks! |
This leverages some of the work by @pedjak in sbo-919 that allows us to use SBO as a library. This means that the Service Binding Operator no longers needs to be installed.
This has the benefit of simplifying the code a bit and allows us to upgrade to the latest version (#2553) without having to wait for sbo-#927. It also avoids us having to use SBO as a service through CRDs which was a little messy. I've removed:
As the specification is still work in progress (which we mention in the docs), I think that's o.k
Thanks !
Release Note