start using the CCO config object #227
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
|
/hold |
openshift-ci-robot
added
the
do-not-merge/hold
|
/test e2e-aws-upgrade |
|
@staebler PTAL, this set of changes is the minimal set (IMO) to get CCO to read/respect the new operator config The other PR will handle making the operator config required for runtime operation and handling the bootstrap mode behavior |
openshift-ci-robot
added
the
needs-rebase
openshift-ci-robot
removed
the
needs-rebase
| @@ -36,6 +37,11 @@ var ( | |||
| statusHandlers = []StatusHandler{} | |||
| ) | |||
|
|
|||
| // ClearHandlers so that test cases don't endlessly add handlers | |||
There was a problem hiding this comment.
This may lead to some flaky tests since tests should be able to be run in parallel.
|
@staebler addressed everything except the registering/clearing of the status handlers. Need to think about that one. |
| @@ -129,6 +144,17 @@ func (r *ReconcileCloudCredSecret) Reconcile(request reconcile.Request) (reconci | |||
| } | |||
|
|
|||
| func (r *ReconcileCloudCredSecret) validateCloudCredsSecret(secret *corev1.Secret) error { | |||
| // We only support passthrough so make sure the operator mode is either unset or "passthrough" | |||
There was a problem hiding this comment.
Thought it worth mentioning that the installer will not allow the mode to be set to "passthrough". Of course, the user can set the mode directly in the config CR afterwards.
| if err != nil { | ||
| return err | ||
| } | ||
| if mode != "" && mode != operatorv1.CloudCredentialsModePassthrough { |
There was a problem hiding this comment.
Not something that we should tackle for this PR, but this is also something that should cause the operator to be degraded.
| if err != nil { | ||
| logger.WithError(err).Error("error checking if operator is disabled") | ||
| return reconcile.Result{}, err | ||
| } else if conflict { | ||
| logger.Error("configuration conflict betwen legacy configmap and operator config") | ||
| return reconcile.Result{}, fmt.Errorf("configuration conflict") | ||
| } else if operatorIsDisabled { | ||
| } else if mode == operatorv1.CloudCredentialsModeManual { |
There was a problem hiding this comment.
Don't need to change it, but I find the else distracting. There is no need for it to be an else since each of the previous blocks return from the function.
mode, conflict, err := ...
if err != nil {
...
}
if conflict {
...
}
if mode == operatatorv1.CloudCredentialsModeManual {
...
}
| if err != nil { | ||
| mc.log.WithError(err).Error("failed to determine whether CCO is disabled") | ||
| return | ||
| } | ||
| ccoDisabled := mode == operatorv1.CloudCredentialsModeManual |
There was a problem hiding this comment.
Also not something to change now, but we should make an effort in the future to remove the "disabled" concept from the CCO and replace it with "manual mode".
|
/retest |
Pull in updated openshift/api with CCO config CRD. manual overide vendor of openshift/api move to client-go 0.19.0-rc.2 vendor controller-runtime as github.com/joelanford/controller-runtime@k8s-1.19 pull master branch for openshift/library-go and openshift/client-go
- [x] to determine whether CCO is in manual/disabled mode - [x] to bypass permissions checking when annotating the cloud secret (AWS/Azure/GCP) - [x] update role to grant access to read the config - [x] copy generated CRD from openshift/api into manifests so that it gets applied - [x] add clusteroperator status reporting for bad modes (and conflicting legacy settings and new modes). Fix conditions merging to not drop old conditions when new StatusHandler has no conditions to set. Fix fallout from that fix where StatusHandlers registered during tests were stacking up and interfering with each other.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: joelddiaz, staebler The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
joelddiaz
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
/unhold |
openshift-ci-robot
removed
the
do-not-merge/hold
Also consolidate scheme registration.
Fix conditions merging to not drop old conditions when new StatusHandler has no conditions to set.
Fix fallout from that fix where StatusHandlers registered during tests were stacking up and interfering with each other.