New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor service-ca and payload config controller (part 2) #293
Refactor service-ca and payload config controller (part 2) #293
Conversation
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
first, faster pass
5fa4ef7
to
1d61807
Compare
1d61807
to
8d481c8
Compare
PullBuilderImageFailed: Failed pulling builder image. /retest |
// knownConditionNames lists all condition types used by this controller. | ||
// These conditions are operated and defaulted by this controller. | ||
// Any new condition used by this controller sync() loop should be listed here. | ||
var knownConditionNames = sets.NewString( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you're going to all the trouble of splitting bits out and still have three conditions? That seems weird.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
now there is more than three :-)
if err != nil { | ||
return nil, []operatorv1.OperatorCondition{ | ||
{ | ||
Type: "CLIConfigDegraded", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't related to the CLI. You want this degraded message to point to where the customer should look for a fix or what the impact of the failure is. In this case, OAuthServerIngressDegraded?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@deads2k the result of this controller sync loop is "v4-0-config-system-cliconfig
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i mean i'm open for suggestions of the name for this controller :-)
8d481c8
to
ee313b8
Compare
ee313b8
to
9c3838a
Compare
9c3838a
to
f58379d
Compare
@mfojtik: mfojtik unauthorized: /override is restricted to Repo administrators, approvers in top level OWNERS file. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
886464f
to
783e137
Compare
/retest |
2 similar comments
/retest |
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bunch of comments, I am not sure I like different controllers setting similarly-named conditions when they're unable to deal with the same resources
foundConditions := []operatorv1.OperatorCondition{} | ||
|
||
// make sure we create the service before we start asking about service certs | ||
if _, err := c.serviceLister.Services("openshift-authentication").Get("oauth-openshift"); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you mean to go degraded when the service gets removed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i would go Degraded in any error case here, service removed is one of them? do you think we need to handle 404 differently?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
right, I originally thought this controller attempted to sync the service itself as well, but that's done elsewhere.
cliConfigBytes, err := runtime.Encode(encoder, cliConfig) | ||
if err != nil { | ||
return []operatorv1.OperatorCondition{ | ||
{ | ||
Type: "OAuthConfigDegraded", | ||
Status: operatorv1.ConditionTrue, | ||
Reason: "EncodeFailed", | ||
Message: fmt.Sprintf("Failed to encode CLI config: %v", err), | ||
}, | ||
} | ||
} | ||
|
||
observedConfig, err := grabPrefixedConfig(operatorConfig.Spec.ObservedConfig.Raw, configobservation.OAuthServerConfigPrefix) | ||
if err != nil { | ||
return []operatorv1.OperatorCondition{ | ||
{ | ||
Type: "OAuthConfigDegraded", | ||
Status: operatorv1.ConditionTrue, | ||
Reason: "GetOAuthServerConfigFailed", | ||
Message: fmt.Sprintf("Unable to get oauth-server configuration: %v", err), | ||
}, | ||
} | ||
} | ||
|
||
completeConfigBytes, err := resourcemerge.MergePrunedProcessConfig(&osinv1.OsinServerConfig{}, nil, cliConfigBytes, observedConfig, operatorConfig.Spec.UnsupportedConfigOverrides.Raw) | ||
if err != nil { | ||
return []operatorv1.OperatorCondition{ | ||
{ | ||
Type: "OAuthConfigDegraded", | ||
Status: operatorv1.ConditionTrue, | ||
Reason: "MergeConfigFailed", | ||
Message: fmt.Sprintf("Failed to merge config with unsupportedConfigOverrides: %v", err), | ||
}, | ||
} | ||
} | ||
|
||
expectedCLIConfig := getCliConfigMap(completeConfigBytes) | ||
|
||
_, _, err = resourceapply.ApplyConfigMap(c.configMaps, recorder, expectedCLIConfig) | ||
if err != nil { | ||
return []operatorv1.OperatorCondition{ | ||
{ | ||
Type: "OAuthConfigDegraded", | ||
Status: operatorv1.ConditionTrue, | ||
Reason: "ApplyFailed", | ||
Message: fmt.Sprintf("Failed to apply CLI configuration %q: %v", expectedCLIConfig.Name, err), | ||
}, | ||
} | ||
} | ||
|
||
return nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the actual logic gets covered up by construction of the conditions :/ I can try to deal with this in a follow-up
783e137
to
992c2cd
Compare
/retest |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mfojtik, stlaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest |
Follow-up for #292
This continue to split the main operator loop. In this iteration the "block 2" is pushed into its own controller.