-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
start using the CCO config object #227
Conversation
/hold |
/test e2e-aws-upgrade |
@staebler PTAL, this set of changes is the minimal set (IMO) to get CCO to read/respect the new operator config The other PR will handle making the operator config required for runtime operation and handling the bootstrap mode behavior |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The bones of this look sound.
@@ -36,6 +37,11 @@ var ( | |||
statusHandlers = []StatusHandler{} | |||
) | |||
|
|||
// ClearHandlers so that test cases don't endlessly add handlers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may lead to some flaky tests since tests should be able to be run in parallel.
@staebler addressed everything except the registering/clearing of the status handlers. Need to think about that one. |
@@ -129,6 +144,17 @@ func (r *ReconcileCloudCredSecret) Reconcile(request reconcile.Request) (reconci | |||
} | |||
|
|||
func (r *ReconcileCloudCredSecret) validateCloudCredsSecret(secret *corev1.Secret) error { | |||
// We only support passthrough so make sure the operator mode is either unset or "passthrough" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thought it worth mentioning that the installer will not allow the mode to be set to "passthrough". Of course, the user can set the mode directly in the config CR afterwards.
if err != nil { | ||
return err | ||
} | ||
if mode != "" && mode != operatorv1.CloudCredentialsModePassthrough { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not something that we should tackle for this PR, but this is also something that should cause the operator to be degraded.
if err != nil { | ||
logger.WithError(err).Error("error checking if operator is disabled") | ||
return reconcile.Result{}, err | ||
} else if conflict { | ||
logger.Error("configuration conflict betwen legacy configmap and operator config") | ||
return reconcile.Result{}, fmt.Errorf("configuration conflict") | ||
} else if operatorIsDisabled { | ||
} else if mode == operatorv1.CloudCredentialsModeManual { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't need to change it, but I find the else
distracting. There is no need for it to be an else
since each of the previous blocks return from the function.
mode, conflict, err := ...
if err != nil {
...
}
if conflict {
...
}
if mode == operatatorv1.CloudCredentialsModeManual {
...
}
if err != nil { | ||
mc.log.WithError(err).Error("failed to determine whether CCO is disabled") | ||
return | ||
} | ||
ccoDisabled := mode == operatorv1.CloudCredentialsModeManual |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also not something to change now, but we should make an effort in the future to remove the "disabled" concept from the CCO and replace it with "manual mode".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good. Let's squash it down and wait for the api changes to merge.
/retest |
Pull in updated openshift/api with CCO config CRD. manual overide vendor of openshift/api move to client-go 0.19.0-rc.2 vendor controller-runtime as github.com/joelanford/controller-runtime@k8s-1.19 pull master branch for openshift/library-go and openshift/client-go
- [x] to determine whether CCO is in manual/disabled mode - [x] to bypass permissions checking when annotating the cloud secret (AWS/Azure/GCP) - [x] update role to grant access to read the config - [x] copy generated CRD from openshift/api into manifests so that it gets applied - [x] add clusteroperator status reporting for bad modes (and conflicting legacy settings and new modes). Fix conditions merging to not drop old conditions when new StatusHandler has no conditions to set. Fix fallout from that fix where StatusHandlers registered during tests were stacking up and interfering with each other.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: joelddiaz, staebler The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/unhold |
Also consolidate scheme registration.
Fix conditions merging to not drop old conditions when new StatusHandler has no conditions to set.
Fix fallout from that fix where StatusHandlers registered during tests were stacking up and interfering with each other.