New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CFE-654: Feature/olm scaffolding #83
CFE-654: Feature/olm scaffolding #83
Conversation
Skipping CI for Draft Pull Request. |
/test e2e-operator |
/test unit |
/test e2e-operator |
9f86b7c
to
c437022
Compare
/test e2e-operator |
bundle/manifests/cert-manager-operator.clusterserviceversion.yaml
Outdated
Show resolved
Hide resolved
/test e2e-operator |
/test images |
/retest-required |
/test e2e-operator |
1 similar comment
/test e2e-operator |
/test verify |
ce1b844
to
bab136b
Compare
pkg/controller/deployment/cert_manager_controller_deployment.go
Outdated
Show resolved
Hide resolved
/retest |
/test e2e-operator |
@thejasn: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/hold |
Checked through PR's description for the changes and some files. Adding qe-approved for requirement from openshift/release#34826 |
/hold cancel |
/cc @bergerhoffer @davemulford |
@thejasn docs doesn't normally have to approve eng PRs. If there is any user-facing display text that you'd like me to review before it merges in, I'd be happy to do that. Or feel free to tag me as a heads up as things come in if they are specific new functionality that I might need to know for documentation purposes. Thanks! |
/label docs-approved |
I saw the epic in Jira and provided comments there. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/label qe-approved
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: geliu2016, thejasn, TrilokGeer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the last review.
As we discussed the main points are:
- API doesn't seem to be mature enough:
- it allows too many configuration permutations some of which can be dangerous/not recommended/not tested
- it doesn't have the vision of how CertManager is supposed to be used (not opinionated), the operator is justoc apply
, the operational logic is not quite present - Since the namespaces changed: a migration guide needs to be provided in this repository and in the OpenShift docs
The rest is just small remarks after a brief look through.
# GO_REQUIRED_MIN_VERSION = 1.17 | ||
# GO_TEST_FLAGS=-v | ||
# RUNTIME?=docker | ||
# | ||
# APP_NAME?=cert-manager-operator | ||
# IMAGE_REGISTRY?=registry.svc.ci.openshift.org | ||
# IMAGE_ORG?=openshift-cert-manager | ||
# IMAGE_TAG?=latest | ||
# IMAGE_OPERATOR?=$(IMAGE_REGISTRY)/$(IMAGE_ORG)/cert-manager-operator:$(IMAGE_TAG) | ||
# IMAGE_OPERATOR_BUNDLE?=$(IMAGE_REGISTRY)/$(IMAGE_ORG)/cert-manager-operator-bundle:$(IMAGE_TAG) | ||
# | ||
# TEST_OPERATOR_NAMESPACE?=openshift-cert-manager-operator | ||
# | ||
# MANIFEST_SOURCE = https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml | ||
# | ||
# OPERATOR_SDK_VERSION?=v1.12.0 | ||
# OPERATOR_SDK?=$(PERMANENT_TMP_GOPATH)/bin/operator-sdk-$(OPERATOR_SDK_VERSION) | ||
# OPERATOR_SDK_DIR=$(dir $(OPERATOR_SDK)) | ||
|
||
# Include the library makefiles | ||
# | ||
# | ||
# # $1 - target name | ||
# # $2 - apis | ||
# # $3 - manifests | ||
# # $4 - output | ||
# $(call add-crd-gen,operator-alpha,./apis/operator/v1alpha1,./bundle/manifests,./bundle/manifests) | ||
# $(call add-crd-gen,config-alpha,./apis/config/v1alpha1,./bundle/manifests,./bundle/manifests) | ||
# | ||
# | ||
# # generate image targets | ||
# $(call build-image,cert-manager-operator,$(IMAGE_OPERATOR),./images/ci/Dockerfile,.) | ||
# $(call build-image,cert-manager-operator-bundle,$(IMAGE_OPERATOR_BUNDLE),./bundle/bundle.Dockerfile,./bundle) | ||
# |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The commented code should be removed.
|
||
KUSTOMIZE := go run sigs.k8s.io/kustomize/kustomize/v4 | ||
|
||
K8S_ENVTEST_VERSION := 1.21.4 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't see where it's used, ENVTEST_K8S_VERSION
seems to be the one for the envtest.
kind: ClusterServiceVersion | ||
metadata: | ||
annotations: | ||
alm-examples: '[]' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Weird, the sample didn't end up in CSV. BTW the sample is better to be useful since it'll be used for the scaffolding of the example in UI (you can created CR instances from there).
metadata: | ||
annotations: | ||
alm-examples: '[]' | ||
capabilities: Basic Install |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Capabilities used to be Seamless Upgrade
, not sure how aligned it was with the reality but that's a drift from what you had.
apiVersion: operators.coreos.com/v1alpha1 | ||
kind: ClusterServiceVersion | ||
metadata: | ||
annotations: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
operators.openshift.io/valid-subscription
got lost along the way. BTW the subscription is checked in CVP on CPaaS.
version: v1 | ||
description: cert-manager-operator | ||
displayName: cert-manager-operator | ||
icon: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Icon got lost along the way. It's visible in OperatorHub UI.
operators.operatorframework.io/builder: operator-sdk-v1.25.1 | ||
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 | ||
repository: https://github.com/openshift/cert-manager-operator | ||
support: Red Hat, Inc. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is quite a drift in the annotations compared to the previous version, one of the annotation which is visible to the end user is containerImage
("before install" menu).
- create | ||
- delete | ||
- get | ||
- list | ||
- patch | ||
- update | ||
- watch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That is more verbs than used to be. Why?
Description
Migration of cert manager operator to use
operator-sdk
for OLM bundle generation and packaging. It changes how bundles are bootstrapped and tweaked.OLM scaffolding generated using,
Notable Changes
openshift-cert-manager-operator
->cert-manager-operator
.openshift-cert-manager
->cert-manager
.config/alphav1
API dropped for the operator.0.0.1
(default).Dockerfile
introduced for CI.Change Log
apis
->api
config/alphav1
API was removed.bundle
: Regenerated usingoperator-sdk
.AllNamespaces
toSingleNamespace
andOwnedNamespace
.cmd
: Deleted andmain.go
moved to project root.config
: Bundle template generated usingoperator-sdk
.hack
hack/update-cert-manager-manifests.sh
: Update manifest destination asconfig/crd/bases/
.hack/update-clientgen.sh
andhack/update-deepcopy.sh
: Updateapi
file path.jsonnet
: Update script with the new namespaces.pkg/*
pkg/cmd/operator/cmd.go
: Update operator namespacepkg/controller/certmanager_controller.go
: Introduced placeholder controller along with required kubebuilder annotations.pkg/operator
: Re-generate operator client and helper functions.