fix(mesh): disables default network policy management #798

Merged

Conversation

bartoszmajsak
Contributor

@bartoszmajsak bartoszmajsak commented Jan 12, 2024

Description

Disables automatic network policy management in OpenShift Service Mesh. See https://docs.openshift.com/container-platform/4.14/service_mesh/v2x/ossm-traffic-manage.html#ossm-understanding-networkpolicy_traffic-management for more context.

Fixes https://issues.redhat.com/browse/RHOAIENG-1014
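
For readers who want a concrete picture of the change described above, here is a minimal sketch of a JSON merge patch that turns off network policy management on a ServiceMeshControlPlane. The field path `spec.security.manageNetworkPolicy` is taken from the linked Service Mesh documentation; the helper name `disableNetworkPolicyPatch` is hypothetical, and this is not necessarily how the PR itself applies the setting.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// disableNetworkPolicyPatch is a hypothetical helper. It builds a JSON merge
// patch that sets spec.security.manageNetworkPolicy to false, the field the
// Service Mesh docs describe for disabling automatic NetworkPolicy management.
func disableNetworkPolicyPatch() ([]byte, error) {
	patch := map[string]any{
		"spec": map[string]any{
			"security": map[string]any{
				"manageNetworkPolicy": false,
			},
		},
	}
	return json.Marshal(patch)
}

func main() {
	body, err := disableNetworkPolicyPatch()
	if err != nil {
		panic(err)
	}
	// prints {"spec":{"security":{"manageNetworkPolicy":false}}}
	fmt.Println(string(body))
}
```

A patch body like this could be sent with any Kubernetes client that supports merge patches; which client the operator uses is not shown in this conversation.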

How Has This Been Tested?

Merge criteria:

  • The commits are squashed in a cohesive manner and have meaningful messages.
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has manually tested the changes and verified that the changes work

@bartoszmajsak bartoszmajsak removed the request for review from etirelli January 12, 2024 19:30
@bartoszmajsak bartoszmajsak changed the title fix: disables default network policy management fix(mesh): disables default network policy management Jan 12, 2024
return smcp, nil
}

func fromTestTmpDir(fileName string) string {
Contributor Author

This is temporary and will be removed when #797 gets merged

controllers/dscinitialization/servicemesh_setup.go (outdated, resolved)
kind: CustomResourceDefinition
metadata:
  labels:
    maistra-version: 2.4.2
Member

Should we just use the latest, 2.4.5?

Contributor Author

Doesn't matter for these tests I guess, or does it? At this point it's only CRD, there's no cluster behavior implied in the tests, as we do not install an actual operator.

Member

Yeah, it doesn't matter for the test.
I was only thinking of staying as close as possible to the real env.

Co-authored-by: Wen Zhou <wenzhou@redhat.com>
Member

@zdtsw zdtsw left a comment

/lgtm


openshift-ci bot commented Jan 15, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: zdtsw
Once this PR has been reviewed and has the lgtm label, please assign etirelli for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@zdtsw zdtsw merged commit df0c15a into opendatahub-io:incubation Jan 15, 2024
6 of 7 checks passed
zdtsw added a commit to zdtsw-forking/rhods-operator that referenced this pull request Jan 15, 2024
…#798)

* fix: disables default network policy management

* fix: returns correct error

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

---------

Co-authored-by: Wen Zhou <wenzhou@redhat.com>
zdtsw added a commit to zdtsw-forking/rhods-operator that referenced this pull request Jan 15, 2024
…#798)

* fix: disables default network policy management

* fix: returns correct error

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

---------

Co-authored-by: Wen Zhou <wenzhou@redhat.com>
zdtsw added a commit to red-hat-data-services/rhods-operator that referenced this pull request Jan 16, 2024
* Add recording and alerting rules for TrustyAI

Update SOP url, RHODS to RHOAI

Fix trustyai-alerting.rules indentation

* fix(kserve): check on multiple depends operators if all pre-installed (opendatahub-io#744)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update: rewrite func to check operator (opendatahub-io#745)

creds to: @bartoszmajsak

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(cleanup): cleans up dependant resources (opendatahub-io#748)

* feat: implements failing test for deletion using configmap

* fix(cleanup): cleans up dependant resources

The code responsible for cleaning up resources when the config map is present was failing early because it operated on a nil list of KfDef resources. This led to a panic and a pod restart, giving the impression that cleanup takes forever.

* fix(reconcile): requeue only when actual error happens

The original code always caused a requeue: even when upgrade.OperatorUninstall(r.Client, r.RestConfig) returned a nil error (success), the result was wrapped in an error with the message "error while operator uninstall: <nil>".
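
The requeue bug described in this commit message can be reproduced in a few lines. This is a sketch, not the operator's code: `uninstall` is a hypothetical stand-in for `upgrade.OperatorUninstall`, and the two wrapper functions only illustrate the before and after behaviour.

```go
package main

import "fmt"

// uninstall is a hypothetical stand-in for the real uninstall call.
// Here it always succeeds.
func uninstall() error { return nil }

// wrapAlways reproduces the bug: fmt.Errorf returns a non-nil error even
// when the wrapped value is nil, so the caller always sees a failure.
func wrapAlways() error {
	err := uninstall()
	return fmt.Errorf("error while operator uninstall: %v", err)
}

// wrapOnFailure wraps only real failures and returns nil on success.
func wrapOnFailure() error {
	if err := uninstall(); err != nil {
		return fmt.Errorf("error while operator uninstall: %w", err)
	}
	return nil
}

func main() {
	fmt.Println(wrapAlways())           // error while operator uninstall: <nil>
	fmt.Println(wrapOnFailure() == nil) // true
}
```

A reconciler that requeues on any non-nil error would requeue forever with the first variant and only on real failures with the second.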

* fix: reverts img placeholder in kustomize

* fix: removes commented out code

* fix(features): makes rest config loader more flexible (opendatahub-io#760)

* add table of contents to readme (opendatahub-io#769)

* Makefile: add clean target (opendatahub-io#733)

Add `make clean` which removes build artefacts. At the moment it's
./bin, ./odh-manifests/* and cover.out from test target.

Do not remove odh-manifests directory since it is committed to VCS.

In the recipe chown of $(LOCALBIN) since setup-envtest makes its dir
RO for some reason [1].

Related: opendatahub-io#696

[1] https://github.com/kubernetes-sigs/controller-runtime/blob/main/tools/setup-envtest/store/store.go#L191

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* chore: cleanup owns on RS,Pod, daemonset, CRD (opendatahub-io#777)

* chore: cleanup owns on RS,Pod, daemonset, CRD
* cleanup: remove developmentconfig not in use
* chore: move rbac into one file and remove duplicated one

---------
Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(kserve): add monitoring logic (opendatahub-io#782)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* chore(mesh): Use third party service account tokens (opendatahub-io#767)

This should allow Service Mesh to run on any OpenShift flavor.

Fixes opendatahub-io/kserve#138

Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>

* chore: change log info for monitoring patch namespace (opendatahub-io#787)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix devflags empty object (opendatahub-io#659)

- change DevFlags to a pointer type; for the reason, see this example: https://www.sohamkamani.com/golang/omitempty/
- change both in DSC and DSCI
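
The reason a pointer type helps with the empty object can be shown with the standard `encoding/json` package: `omitempty` never omits a struct value, but it does omit a nil pointer. The types below are hypothetical stand-ins, not the operator's actual API types.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// DevFlags is a hypothetical stand-in for the operator's dev flags type.
type DevFlags struct {
	ManifestsURI string `json:"manifestsUri,omitempty"`
}

// byValue embeds the flags as a struct value; omitempty has no effect on it.
type byValue struct {
	DevFlags DevFlags `json:"devFlags,omitempty"`
}

// byPointer uses a pointer; a nil pointer is omitted by omitempty.
type byPointer struct {
	DevFlags *DevFlags `json:"devFlags,omitempty"`
}

// marshal serializes v to a JSON string and panics on failure.
func marshal(v any) string {
	out, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	return string(out)
}

func main() {
	fmt.Println(marshal(byValue{}))   // {"devFlags":{}}
	fmt.Println(marshal(byPointer{})) // {}
}
```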

* feature: add support for unmanaged and remove for servicemesh and serverless (opendatahub-io#781)

* feature: add support for unmanaged and remove for servicemesh and
serverless

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update components/kserve/kserve.go

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* fix(nilpointer): when more than one DSCI CR in cluster (opendatahub-io#756)

* fix(nilpointer): when more than one DSCI CR in cluster

- use the one with the earliest timestamp as the default one
- suggest that the user delete the other CRs and use only the default one
- only set the extra/wrong DSCI to Error status

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* chore: change label name (opendatahub-io#790)

- use a more generic label rather than one bound to the namespace name

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Remove lavlas from OWNERS (opendatahub-io#791)

* fix(builder): initializes rest config before invoking any partial builder (opendatahub-io#792)

This way we can interact with the cluster from partial builders instead of deferring it to the Apply phase.

* chore: shifts FeatureTracker creation to Feature's Apply phase (opendatahub-io#795)

* fix(mesh): disables default network policy management (opendatahub-io#798)

* fix: disables default network policy management

* fix: returns correct error

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

---------

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

* feat(linters): Enable all linters by default. (opendatahub-io#692)

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>
Co-authored-by: Rui Vieira <ruidevieira@googlemail.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>
Co-authored-by: Ajay Jaganathan <36824134+AjayJagan@users.noreply.github.com>
Co-authored-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Co-authored-by: Edgar Hernández <ehernand@redhat.com>
Co-authored-by: Landon LaSmith <2432396+LaVLaS@users.noreply.github.com>
zdtsw added a commit to red-hat-data-services/rhods-operator that referenced this pull request Jan 19, 2024
* sync: from main to rhoai-2.6 (#163)

* Add recording and alerting rules for TrustyAI

Update SOP url, RHODS to RHOAI

Fix trustyai-alerting.rules indentation

* fix(kserve): check on multiple depends operators if all pre-installed (opendatahub-io#744)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update: rewrite func to check operator (opendatahub-io#745)

creds to: @bartoszmajsak

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(cleanup): cleans up dependant resources (opendatahub-io#748)

* feat: implements failing test for deletion using configmap

* fix(cleanup): cleans up dependant resources

The code responsible for cleaning up resources when the config map is present was failing early because it operated on a nil list of KfDef resources. This led to a panic and a pod restart, giving the impression that cleanup takes forever.

* fix(reconcile): requeue only when actual error happens

The original code always caused a requeue: even when upgrade.OperatorUninstall(r.Client, r.RestConfig) returned a nil error (success), the result was wrapped in an error with the message "error while operator uninstall: <nil>".

* fix: reverts img placeholder in kustomize

* fix: removes commented out code

* fix(features): makes rest config loader more flexible (opendatahub-io#760)

* add table of contents to readme (opendatahub-io#769)

* Makefile: add clean target (opendatahub-io#733)

Add `make clean` which removes build artefacts. At the moment it's
./bin, ./odh-manifests/* and cover.out from test target.

Do not remove odh-manifests directory since it is committed to VCS.

In the recipe chown of $(LOCALBIN) since setup-envtest makes its dir
RO for some reason [1].

Related: opendatahub-io#696

[1] https://github.com/kubernetes-sigs/controller-runtime/blob/main/tools/setup-envtest/store/store.go#L191

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* chore: cleanup owns on RS,Pod, daemonset, CRD (opendatahub-io#777)

* chore: cleanup owns on RS,Pod, daemonset, CRD
* cleanup: remove developmentconfig not in use
* chore: move rbac into one file and remove duplicated one

---------
Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(kserve): add monitoring logic (opendatahub-io#782)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* chore(mesh): Use third party service account tokens (opendatahub-io#767)

This should allow Service Mesh to run on any OpenShift flavor.

Fixes opendatahub-io/kserve#138

Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>

* chore: change log info for monitoring patch namespace (opendatahub-io#787)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix devflags empty object (opendatahub-io#659)

- change DevFlags to a pointer type; for the reason, see this example: https://www.sohamkamani.com/golang/omitempty/
- change both in DSC and DSCI

* feature: add support for unmanaged and remove for servicemesh and serverless (opendatahub-io#781)

* feature: add support for unmanaged and remove for servicemesh and
serverless

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update components/kserve/kserve.go

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* fix(nilpointer): when more than one DSCI CR in cluster (opendatahub-io#756)

* fix(nilpointer): when more than one DSCI CR in cluster

- use the one with the earliest timestamp as the default one
- suggest that the user delete the other CRs and use only the default one
- only set the extra/wrong DSCI to Error status

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* chore: change label name (opendatahub-io#790)

- use a more generic label rather than one bound to the namespace name

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Remove lavlas from OWNERS (opendatahub-io#791)

* fix(builder): initializes rest config before invoking any partial builder (opendatahub-io#792)

This way we can interact with the cluster from partial builders instead of deferring it to the Apply phase.

* chore: shifts FeatureTracker creation to Feature's Apply phase (opendatahub-io#795)

* fix(mesh): disables default network policy management (opendatahub-io#798)

* fix: disables default network policy management

* fix: returns correct error

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

---------

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

* feat(linters): Enable all linters by default. (opendatahub-io#692)

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>
Co-authored-by: Rui Vieira <ruidevieira@googlemail.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>
Co-authored-by: Ajay Jaganathan <36824134+AjayJagan@users.noreply.github.com>
Co-authored-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Co-authored-by: Edgar Hernández <ehernand@redhat.com>
Co-authored-by: Landon LaSmith <2432396+LaVLaS@users.noreply.github.com>

* update: rebranding for rhoai from rhods (#160)

* update: rebranding for rhoai from rhods

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update: new icon data and link to dashboard icon

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix: couple of changes (#164)

* fix: couple of changes

- change from 2.5 missing on 2.6
- version/branch from components
- generated bundle with rbac
- linter

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* [cherry-pick]: odh opendatahub-io#809

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(trustyai): set component by default as Managed as GA in 2.6

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>
Co-authored-by: Rui Vieira <ruidevieira@googlemail.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>
Co-authored-by: Ajay Jaganathan <36824134+AjayJagan@users.noreply.github.com>
Co-authored-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Co-authored-by: Edgar Hernández <ehernand@redhat.com>
Co-authored-by: Landon LaSmith <2432396+LaVLaS@users.noreply.github.com>
VaishnaviHire added a commit that referenced this pull request Feb 2, 2024
* add table of contents to readme (#769)

* Makefile: add clean target (#733)

Add `make clean` which removes build artefacts. At the moment it's
./bin, ./odh-manifests/* and cover.out from test target.

Do not remove odh-manifests directory since it is committed to VCS.

In the recipe chown of $(LOCALBIN) since setup-envtest makes its dir
RO for some reason [1].

Related: #696

[1] https://github.com/kubernetes-sigs/controller-runtime/blob/main/tools/setup-envtest/store/store.go#L191

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* chore: keeps repositories in the tmp dir (#774)

* chore: cleanup owns on RS,Pod, daemonset, CRD (#777)

* chore: cleanup owns on RS,Pod, daemonset, CRD
* cleanup: remove developmentconfig not in use
* chore: move rbac into one file and remove duplicated one

---------
Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update incubation with downstream changes (#783)

* fix(oauth-dashboard): update APIversion when patch oauth-client (#136)

add more comment and error message

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit d688f25)

* Update kube-aggregator version

(cherry picked from commit a0c7864)

* fix(kserve): check on multiple depends operators if all pre-installed (#744) (#119)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 57c4b82)

* [backport]: changes from rhods_2.4 to rhods_2.5 (#129)

* [cherry-pick]: split workbenches image into 2 params.env file

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update opendatahub label

(cherry picked from commit 3e975f9)
(cherry picked from commit 9f8b649)

* Update Codeflare manifests path

(cherry picked from commit 014396c)
(cherry picked from commit 5f1c0d4)

* Move creation of default DSC

(cherry picked from commit ab33109)
(cherry picked from commit 00ddd6c)

* update(manifests): enable kserve, modelmesh and workbenches

- dashboard and modelmesh-monitoring still from odh-manifests

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Fix cherry-pick for dsci

* fix(mm): set the new logic for modelmesh

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Fix the KF deployment:

* fix(monitoring): do the switch for dev mode to not send alert

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 001cad1)

* refactor: reduce alert level for codeflare operator

* Update(manifests): for monitoring

- remove https:// for dashboard target
- add nwp from odh-deployer
- fix: wrong service name for operator, this is defined in CSV
- port: do not use https but 8080

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Fix manifests for monitoring

(cherry picked from commit 85883f102bc15f2343c0f6afe253a29a4ff3f64f)

* Revert changes to prometheus port

Changes to prometheus port makes the route inaccessible

* fix rebase

* fix(dsci): missing label on namespaces (#98)

- add SM which is in modelmesh-monitoring into operator monitoring
- add roles which are in modelmesh-monitoring into ours too
- apply 3 labels to both monitoring and application namespace (which is v1 doing)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(monitoring): typo (#101)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(monitoring)

- remove hardcoded app. namespace in segment manifests
- remove hardcoded monitoring. namespace in base manifests
- add placeholder to inject monitoring namespace in Servicemonitor

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* uplift: package version

- github.com/operator-framework/operator-lifecycle-manager/releases/tag/v0.26.0
- github.com/openshift/api to latest v0.0.0

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Remove odh csv

* fix(crd): do not set ownerreference on CRD (#725)

- we already covered the case where a component is switched from Managed to Removed
- this covers the case where a component is Managed and the DSC CR is deleted
- so if we do not set the owner reference in the first place, the CRD won't get deleted

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit e9461e0)

* Fix DSCI Patch

* update(monitoring): metrics (#107)

* update(monitoring):

- add log in pod for QE to see it is dev mode cluster
- add two metrics:
	i do not think they are used in this config
	but they are presented in v1 config , so i add back
- move recording for workbench to correct rule file
- remove operator-alerting.rules it is not used in v1 to keep it simple

- fix: openshift-monitoring is using web as port name and our port

- add more comments for the config  and comments out not needed config
- add egress for odh monitoring and add cluster monitoring NS for ingress

- keep rhods_aggregate_availability from prometheusrules along with 2 users
   reason for this is: PSI does not get non openshift-* or kube-* NS metrics to cluster-monitoring prometheus, as
cluster-monitoring prometheus-k8s only uses prometheusrule, not servicemonitor?

-  from test result:
	if our monitoring ns not set cluster-monitoring, there is no targets on federation2 and no rhods_aggreated_in metrics

- fix(monitoring): removed duplicated alerts of dashboard in workbenches

- add UWM ns for operator ingress

- according to doc: when enable UWM should not have custom Prometheus, this might be the conflicts why we cannot see metrics from odh monitoring in cluster-monitoring prometheus?

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Remove DSCI explicit naming

* Fix regression in Prometheus Deployment

* Remove os.exit for custom functions

* Delete legacy blackbox exporter

* fix(monitoring): add missing role and rolebinding for prometheus (#112)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(monitoring): missing add new files into kustomization (#113)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* cleanup(monitoring): after previous 2 commits this is not needed/useful (#114)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(monitoring): do not set odh monitoring namespace when apply for  manifests in "monitoring/base" (#115)

* fix(monitoring):  not set our monitoring when apply to monitoring/base folder
- hardcode our monitoring namespace for all needed manifests

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* revert: label changes made in upgrade PR

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(monitoring): cannot load dashboard record rules (#123)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(monitoring): when DSC is removed, the entry in rule_files should be
cleaned up

- match does not work with * in the string; need to use (.*)
- add (-) in front to differentiate the rule_file entry from the real rules

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* cherry-pick: edson's rhods-12939 from odh + debug + timeout tuning

comment out ExponentialBackoffWithContext for now to test
do not add v2 to the markedDeletion list

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(upgrade): modelmesh monitoring deployment need deletion as well

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix: add statefulset

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* cherrypick: upstream 748 fix no reconcile when no error return

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* RHODS-12956: removing CR update from the operator reconciliation loop to avoid infinite loop (#128)

* chore

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Vaishnavi Hire <vhire@redhat.com>
Co-authored-by: Dimitri Saridakis <dimitri.saridakis@gmail.com>
Co-authored-by: Edson Tirelli <ed.tirelli@gmail.com>
(cherry picked from commit 81ebc87)
(cherry picked from commit 7525f99)

* fix(rebase): in previous commits (#131)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 15b2db8)
(cherry picked from commit 0062ba3)

* [rhods-2.5] Add Predicate for Prometheus Configmap (#134)

* Add Predicate for Prometheus Configmap

(cherry picked from commit 35f4136)

* fix(linter)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 6ecf2b5)
(cherry picked from commit deeccb7)

* fix(monitoring): only set prometheus as part-of label from component (#135)

this will reduced necessary updates on configmap

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 13c28ec)
(cherry picked from commit b809260)

* update: set kserve  as Managed by default DSC (#130)

- keep modelmesh in clean install removed(flip from previous managed)
- keep modelmesh from old version as-was
set OSSM and serving both as default Managed
- update docs with default status and missing new components
- fix nilpointer in DSCI

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit f7c2713)
(cherry picked from commit 4f3cd66)

* fix(monitoring): do not add component rules till service is up (#137)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit d85efc5)
(cherry picked from commit 8cca478)

* fix(secret): do not delete secret if cannot find (#140)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 60f0419)
(cherry picked from commit 5e3731b)

* chore: typo (#141)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 0f9fe32)
(cherry picked from commit b8926f7)

* Add defaults for Kserve for new install

(cherry picked from commit 8bd2782)
(cherry picked from commit 81433ba)

* Revert "Update defaults for modelmesh" (#146)

(cherry picked from commit e5a27c4)
(cherry picked from commit 7389619)

* fix(mm-monitoring): revert the code logic but set to disable as delete (#153)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

fix(dsc): stop watching validationwebhook for non-create/delete events (#150)

* fix(dsc): stop watching validationwebhook for non-create/delete events
* update: remove CRD in the DSC watch and cleanup debug
* fix: add more ignore on the label changes
---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

Revert "Remove modelmesh monitoring"

This reverts commit 91dd78f.

fix(modelmesh): remove wrong check on the deployment of modelmesh (#148)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

Retain existing DSCI values

Explicitly add Servicemesh in default dsci

Update defaults for modelmesh

(cherry picked from commit 6eb6d4a)
(cherry picked from commit a4788f3)

* fix: update default name for DSC in initialization-resource

- add missing default config for serving of kserve in sample
- set modelmesh in sample and init as Managed

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 633d9f6)

* fix: do not force check if servicemesh is set to managed in DSCI (#154)

* fix: do not force check if servicemesh is set to managed in DSCI

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update: add supported value for serverless and servicemesh

- currently removed and unmanaged are the same logic

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update: do not remove resources if it has label

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
(cherry picked from commit 3a672d4)

* Fix lint

* fix: rebase incubation

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* cherry-pick: red-hat-data-services#157

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix: for ODH to resolve
https://issues.redhat.com/browse/RHOAIENG-157

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update: CSV

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix: linter

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Wen Zhou <wenzhou@redhat.com>

* update(kserve): add monitoring logic (#782)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* chore(mesh): Use third party service account tokens (#767)

This should allow Service Mesh to run on any OpenShift flavor.

Fixes opendatahub-io/kserve#138

Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>

* chore: change log info for monitoring patch namespace (#787)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix devflags empty object (#659)

- change DevFlags to a pointer type; for the reason, see this example: https://www.sohamkamani.com/golang/omitempty/
- change both in DSC and DSCI

* feature: add support for unmanaged and remove for servicemesh and serverless (#781)

* feature: add support for unmanaged and remove for servicemesh and
serverless

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Update components/kserve/kserve.go

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* fix(rbac): missing get verbs on MWC and Secret (#789)

- this is causing MWC CR from kserve did not get cleaned up when kserve is Removed

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* fix(nilpointer): when more than one DSCI CR in cluster (#756)

* fix(nilpointer): when more than one DSCI CR in cluster

- use the one with the earliest timestamp as the default one
- suggest that the user delete the other CRs and use only the default one
- only set the extra/wrong DSCI to Error status

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* chore: change label name (#790)

- use a more generic label rather than one bound to the namespace name

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* Remove lavlas from OWNERS (#791)

* feat(linters): Enable all linters by default. (#692)

* fix(builder): initializes rest config before invoking any partial builder (#792)

This way we can interact with the cluster from partial builders instead of deferring it to the Apply phase.

* update(dsci): do not create default DSCI CR if it is running in  ODH (#770)

* update(dsci): do not create default DSCI CR if it is ODH

- the change involves no code logic; it only sets the env variable
   DISABLE_DSC_CONFIG in the CSV
- to keep the old logic (let operator auto create DSCI CR): remove this variable from CSV and restart pod. OR use API to not set this variable in subscription

* cleanup: initialization-resource in CSV

- since we do not create DSCI CR automatically, should not have required
on DSC CR

* test(e2e): add test for DSCI CR

---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* chore: shifts FeatureTracker creation to Feature's Apply phase (#795)

* fix(mesh): disables default network policy management (#798)

* fix: disables default network policy management

* fix: returns correct error

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

---------

Co-authored-by: Wen Zhou <wenzhou@redhat.com>

* Fix [Snyk][CVE-2022-3064] [High] github.com/go-yaml/yaml - DOS vulnerability (#799)

* fix: Ensure Wait function waits for pods to appear in given namespace (#803)

When the Wait function is called to wait for, e.g., the expected outcome of another operator,
that operator might take longer than the initial interval time of 2s to create a pod.
In this scenario the Wait function would get 0 Pods returned from the API Server,
have nothing to check the state of, and assume all is done.

Ensure we get a pod count higher than 0 before we return successfully. This gives
the other operator our 5min deadline to create and start the pod(s).

* fix(service-mesh): ensures SMCP is available before patching network policy (#805)

* chore: swaps errors.Wrap to fmt.Errorf (#807)

* fix(service-mesh): reverts disabling network policy management (#809)

* fix(service-mesh): reverts disabling network policy management

* fix(lint): removes unused test code

* feat(templates): process Feature templates in memory (#797)

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>
Co-authored-by: Wen Zhou <wenzhou@redhat.com>

* fix: ensures cleanup of associated `FeatureTracker`s (#812)

* test: adds failing test to cover misconfigured tracker and cleanup logic

* fix: ensures cleanup of associated FeatureTracker

* chore(test): extracts secret creation to its own func

* chore: uses addCleanup func

* feat: enhances FeatureTracker with spec (#808)

* feat: enhances FeatureTracker with spec (#17)

* initial add tracker spec

* update tests, update crd

* add omitempty to origin struct

* undo accidental tag change

* re add empty line

* move pointer operator

* add testing

* lint

* re-lint changes

* add ownertype, move newOrigin() to shared util

* Update apis/features/v1/features_types.go

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* remove origin from featureinitializer

* modify kserve sm step to match dashboard's

* make dsci servicemesh setup like dashboard's

* fix merge issues, lint

---------

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* restore testing mistakenly removed in merge

* satisfy linter post merge conflicts

* fix linter post merge

* fix post merge issue

* split For() into With + DefinedBy

* rename origin to source, definedby to from

---------

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* feat: add status/conditions to FeatureTrackers (#801)

Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>

* fix: fix e2e test error handling for https://issues.redhat.com/browse/RHOAIENG-2219 (#817)

* fix(serverless): Patch to enable Secret filtering in KNative Serving (#814)

This prevents KNative's net-istio pods from being OOMKilled in environments with a large number of Secrets.

This would patch a Managed installation. Custom installations would be left untouched.

Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>

* (backport): wrong CR name in the message. (#813)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(trusty): Change TrustyAI `apiGroup` (#823)

See trustyai-explainability/trustyai-service-operator#169

* Update go.mod

* revert go mod (#828)

* [backport]trustyai: monitoring (#824)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* RHOAIENG-965: Fix ODH Upgrade after label updates (#822)

* fix(trustyai): missing overwrite for the devFlag on component level (#816)

- this makes it possible to test a live build by setting devFlags on the
TrustyAI component with a downstream RHOAI build

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* update(trusty): set to GA (#810)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* add openshift ci build root image configuration (#825)

* Makefile: generate config/manager/kustomization.yaml (#728)

The deploy and bundle targets modify this file with `kustomize edit`.
Since the file is stored in version control, this pollutes
`git status` and `git commit -a`.

Store only a "template" in the VCS and generate the file at build
time.

Move it to a separate target to not repeat yourself.

The target will now be checked for more targets than before, but that
should not do any harm.

Make it phony so the file is regenerated every time, in case the
IMG variable changes.

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* Makefile: generate default image name based on current user (#730)

It's a bit tedious to supply IMG for nearly every `make` call, so
let the Makefile construct it based on the current user.

The default image name will be quay.io/$(USER)/opendatahub-operator:latest
if USER environment variable is not empty.

It's still possible to amend the generation with variables:

IMAGE_OWNER - as before, uses value as quay.io space.
IMG_TAG - use the tag instead of `latest`. The variable name is
  chosen because of IMG variable.
IMG - as before, use the complete image name

In the assignments, '?=' is replaced by '=' so that the environment
does not interfere by accident, since the names are pretty generic
(`make -e` is still available for those who want it).

It should not cause problems with CI since it uses the names
directly [1] using our csv [2]. To push the image it uses workflow
[3] (code [4]).

Related: #696

[1] https://github.com/openshift/release/blob/master/ci-operator/config/opendatahub-io/opendatahub-operator/opendatahub-io-opendatahub-operator-incubation.yaml#L24
[2] https://github.com/opendatahub-io/opendatahub-operator/blob/incubation/bundle/manifests/opendatahub-operator.clusterserviceversion.yaml#L1678
[3] https://github.com/openshift/release/blob/master/ci-operator/config/opendatahub-io/opendatahub-operator/opendatahub-io-opendatahub-operator-incubation.yaml#L47
[4] https://github.com/openshift/release/blob/master/ci-operator/step-registry/opendatahub-io/ci/image-mirror/opendatahub-io-ci-image-mirror-commands.sh

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* Makefile: run linter and unit tests from default target (#735)

- rename default target `all` to `default`. This sounds more appropriate
  since there are a lot of other jobs left.
- make `default` depend on `lint` and `unit-test`

This looks like a more appropriate default for developers.

Related: #696

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>

* feat: Add ModelRegistry component (#775) (#776)

* feat: Add ModelRegistry component (#775)

* fix: Fix modelregistry odh overlays path

* fix: fix dsc_create_test tests err nil check

* fix: refactor ModelRegistry.ReconcileComponent for new parameters

* chore: added modelregistry to README.md

* fix: add missing rbac rules for deploymentconfigs and daemonsets

* chore: code lint cleanup

* fix: added check for nil DevFlags in model-registry component

* fix: add nil check for dscispec.DevFlags in model-registry ReconcileComponent

* fix: remove RBAC rules for daemonsets and deploymentconfigs

* fix(chore): fix lint errors in dsc_deletion_test.go

* feat(kueue): add logic to enable new component (#827)

* feat(kueue): add logic to enable new component
---------

Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Dimitri Saridakis <dimitri.saridakis@gmail.com>

* Changed variable name for cfo operator image (#794)

* Changed variable name for cfo operator image

* Fixed golint

* Changed defaultKustomizePath to manager

* changed CodeFlarePath to point to manager

* Changed defaultKustomizePath to default, added Params path

* chore: fix missing deepcopyinto for kueue by re-generate code (#835)

Signed-off-by: Wen Zhou <wenzhou@redhat.com>

* feat: simplifies Feature API (#831)

- `FeaturesInitializer` (now named `FeaturesHandler`) becomes an entry point to compose features
    - it has two modes: cluster and component. Based on this mode it will initialize `.spec.source` transparently
    - there is no `Prepare` func anymore - it is now part of `Apply` and `Delete`
    - most importantly, `FeaturesHandler` keeps track of created features so there is no need to keep adding to the slice explicitly
- Tests have been adjusted to focus on behavior rather than implementation details

---------

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: Wen Zhou <wenzhou@redhat.com>
Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>
Co-authored-by: Ajay Jaganathan <36824134+AjayJagan@users.noreply.github.com>
Co-authored-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Co-authored-by: Bartosz Majsak <bartosz.majsak@gmail.com>
Co-authored-by: Wen Zhou <wenzhou@redhat.com>
Co-authored-by: Edgar Hernández <ehernand@redhat.com>
Co-authored-by: Landon LaSmith <2432396+LaVLaS@users.noreply.github.com>
Co-authored-by: Aslak Knutsen <aslak.tux@gmail.com>
Co-authored-by: Cameron Garrison <cgarriso@redhat.com>
Co-authored-by: Dhiraj Bokde <dhirajsb@users.noreply.github.com>
Co-authored-by: Rui Vieira <ruidevieira@googlemail.com>
Co-authored-by: Ajay Pratap <ajay.pratap233@gmail.com>
Co-authored-by: Dimitri Saridakis <dimitri.saridakis@gmail.com>
Co-authored-by: Mark Campbell <markcampbell114@gmail.com>