CFE-654: Feature/olm scaffolding #83
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
openshift-ci
bot
added
the
approved
|
/test e2e-operator |
|
/test unit |
thejasn
changed the title
|
/test e2e-operator |
thejasn
force-pushed
the
feature/olm-skaffolding
branch
from
9f86b7c
to
c437022
Compare
|
/test e2e-operator |
bundle/manifests/cert-manager-operator.clusterserviceversion.yaml
Outdated
Show resolved
Hide resolved
|
/test e2e-operator |
|
/test images |
|
/retest-required |
|
/test e2e-operator |
1 similar comment
|
/test e2e-operator |
|
/test verify |
thejasn
force-pushed
the
feature/olm-skaffolding
branch
3 times, most recently
from
ce1b844
to
bab136b
Compare
thejasn
changed the title
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
openshift-merge-robot
added
the
needs-rebase
pkg/controller/deployment/cert_manager_controller_deployment.go
Outdated
Show resolved
Hide resolved
|
/retest |
|
/test e2e-operator |
|
@thejasn: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/hold |
openshift-ci
bot
added
the
do-not-merge/hold
|
Checked through PR's description for the changes and some files. Adding qe-approved for requirement from openshift/release#34826 |
openshift-ci
bot
added
the
qe-approved
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/cc @bergerhoffer @davemulford |
|
@thejasn docs doesn't normally have to approve eng PRs. If there is any user-facing display text that you'd like me to review before it merges in, I'd be happy to do that. Or feel free to tag me as a heads up as things come in if they are specific new functionality that I might need to know for documentation purposes. Thanks! |
|
/label docs-approved |
openshift-ci
bot
added
the
docs-approved
|
I saw the epic in Jira and provided comments there. |
openshift-ci
bot
added
the
px-approved
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: geliu2016, thejasn, TrilokGeer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Sorry for the last review.
As we discussed the main points are:
- API doesn't seem to be mature enough:
- it allows too many configuration permutations some of which can be dangerous/not recommended/not tested
- it doesn't have the vision of how CertManager is supposed to be used (not opinionated), the operator is justoc apply, the operational logic is not quite present - Since the namespaces changed: a migration guide needs to be provided in this repository and in the OpenShift docs
The rest is just small remarks after a brief look through.
| # GO_REQUIRED_MIN_VERSION = 1.17 | ||
| # GO_TEST_FLAGS=-v | ||
| # RUNTIME?=docker | ||
| # | ||
| # APP_NAME?=cert-manager-operator | ||
| # IMAGE_REGISTRY?=registry.svc.ci.openshift.org | ||
| # IMAGE_ORG?=openshift-cert-manager | ||
| # IMAGE_TAG?=latest | ||
| # IMAGE_OPERATOR?=$(IMAGE_REGISTRY)/$(IMAGE_ORG)/cert-manager-operator:$(IMAGE_TAG) | ||
| # IMAGE_OPERATOR_BUNDLE?=$(IMAGE_REGISTRY)/$(IMAGE_ORG)/cert-manager-operator-bundle:$(IMAGE_TAG) | ||
| # | ||
| # TEST_OPERATOR_NAMESPACE?=openshift-cert-manager-operator | ||
| # | ||
| # MANIFEST_SOURCE = https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml | ||
| # | ||
| # OPERATOR_SDK_VERSION?=v1.12.0 | ||
| # OPERATOR_SDK?=$(PERMANENT_TMP_GOPATH)/bin/operator-sdk-$(OPERATOR_SDK_VERSION) | ||
| # OPERATOR_SDK_DIR=$(dir $(OPERATOR_SDK)) | ||
|
|
||
| # Include the library makefiles | ||
| # | ||
| # | ||
| # # $1 - target name | ||
| # # $2 - apis | ||
| # # $3 - manifests | ||
| # # $4 - output | ||
| # $(call add-crd-gen,operator-alpha,./apis/operator/v1alpha1,./bundle/manifests,./bundle/manifests) | ||
| # $(call add-crd-gen,config-alpha,./apis/config/v1alpha1,./bundle/manifests,./bundle/manifests) | ||
| # | ||
| # | ||
| # # generate image targets | ||
| # $(call build-image,cert-manager-operator,$(IMAGE_OPERATOR),./images/ci/Dockerfile,.) | ||
| # $(call build-image,cert-manager-operator-bundle,$(IMAGE_OPERATOR_BUNDLE),./bundle/bundle.Dockerfile,./bundle) | ||
| # |
There was a problem hiding this comment.
The commented code should be removed.
|
|
||
| KUSTOMIZE := go run sigs.k8s.io/kustomize/kustomize/v4 | ||
|
|
||
| K8S_ENVTEST_VERSION := 1.21.4 |
There was a problem hiding this comment.
Don't see where it's used, ENVTEST_K8S_VERSION seems to be the one for the envtest.
| kind: ClusterServiceVersion | ||
| metadata: | ||
| annotations: | ||
| alm-examples: '[]' |
There was a problem hiding this comment.
Weird, the sample didn't end up in CSV. BTW the sample is better to be useful since it'll be used for the scaffolding of the example in UI (you can created CR instances from there).
| metadata: | ||
| annotations: | ||
| alm-examples: '[]' | ||
| capabilities: Basic Install |
There was a problem hiding this comment.
Capabilities used to be Seamless Upgrade, not sure how aligned it was with the reality but that's a drift from what you had.
| apiVersion: operators.coreos.com/v1alpha1 | ||
| kind: ClusterServiceVersion | ||
| metadata: | ||
| annotations: |
There was a problem hiding this comment.
operators.openshift.io/valid-subscription got lost along the way. BTW the subscription is checked in CVP on CPaaS.
| version: v1 | ||
| description: cert-manager-operator | ||
| displayName: cert-manager-operator | ||
| icon: |
There was a problem hiding this comment.
Icon got lost along the way. It's visible in OperatorHub UI.
| operators.operatorframework.io/builder: operator-sdk-v1.25.1 | ||
| operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 | ||
| repository: https://github.com/openshift/cert-manager-operator | ||
| support: Red Hat, Inc. |
There was a problem hiding this comment.
There is quite a drift in the annotations compared to the previous version, one of the annotation which is visible to the end user is containerImage ("before install" menu).
| - create | ||
| - delete | ||
| - get | ||
| - list | ||
| - patch | ||
| - update | ||
| - watch |
There was a problem hiding this comment.
That is more verbs than used to be. Why?
Description
Migration of cert manager operator to use
operator-sdkfor OLM bundle generation and packaging. It changes how bundles are bootstrapped and tweaked.OLM scaffolding generated using,
Notable Changes
openshift-cert-manager-operator->cert-manager-operator.openshift-cert-manager->cert-manager.config/alphav1API dropped for the operator.0.0.1(default).Dockerfileintroduced for CI.Change Log
apis->apiconfig/alphav1API was removed.bundle: Regenerated usingoperator-sdk.AllNamespacestoSingleNamespaceandOwnedNamespace.cmd: Deleted andmain.gomoved to project root.config: Bundle template generated usingoperator-sdk.hackhack/update-cert-manager-manifests.sh: Update manifest destination asconfig/crd/bases/.hack/update-clientgen.shandhack/update-deepcopy.sh: Updateapifile path.jsonnet: Update script with the new namespaces.pkg/*pkg/cmd/operator/cmd.go: Update operator namespacepkg/controller/certmanager_controller.go: Introduced placeholder controller along with required kubebuilder annotations.pkg/operator: Re-generate operator client and helper functions.