Refactor service-ca and payload config controller (part 2) #293
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
|
/retest |
mfojtik
changed the title
mfojtik
force-pushed
the
refactor-serviceca
branch
2 times, most recently
from
5fa4ef7
to
1d61807
Compare
mfojtik
changed the title
mfojtik
force-pushed
the
refactor-serviceca
branch
from
1d61807
to
8d481c8
Compare
|
PullBuilderImageFailed: Failed pulling builder image. /retest |
| // knownConditionNames lists all condition types used by this controller. | ||
| // These conditions are operated and defaulted by this controller. | ||
| // Any new condition used by this controller sync() loop should be listed here. | ||
| var knownConditionNames = sets.NewString( |
There was a problem hiding this comment.
you're going to all the trouble of splitting bits out and still have three conditions? That seems weird.
There was a problem hiding this comment.
now there is more than three :-)
| if err != nil { | ||
| return nil, []operatorv1.OperatorCondition{ | ||
| { | ||
| Type: "CLIConfigDegraded", |
There was a problem hiding this comment.
This isn't related to the CLI. You want this degraded message to point to where the customer should look for a fix or what the impact of the failure is. In this case, OAuthServerIngressDegraded?
There was a problem hiding this comment.
@deads2k the result of this controller sync loop is "v4-0-config-system-cliconfig
There was a problem hiding this comment.
i mean i'm open for suggestions of the name for this controller :-)
openshift-ci-robot
added
the
needs-rebase
mfojtik
force-pushed
the
refactor-serviceca
branch
from
8d481c8
to
ee313b8
Compare
openshift-ci-robot
removed
the
needs-rebase
mfojtik
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
mfojtik
force-pushed
the
refactor-serviceca
branch
from
ee313b8
to
9c3838a
Compare
mfojtik
force-pushed
the
refactor-serviceca
branch
from
9c3838a
to
f58379d
Compare
|
@mfojtik: mfojtik unauthorized: /override is restricted to Repo administrators, approvers in top level OWNERS file. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
mfojtik
force-pushed
the
refactor-serviceca
branch
2 times, most recently
from
886464f
to
783e137
Compare
|
/retest |
2 similar comments
|
/retest |
|
/retest |
| foundConditions := []operatorv1.OperatorCondition{} | ||
|
|
||
| // make sure we create the service before we start asking about service certs | ||
| if _, err := c.serviceLister.Services("openshift-authentication").Get("oauth-openshift"); err != nil { |
There was a problem hiding this comment.
Did you mean to go degraded when the service gets removed?
There was a problem hiding this comment.
i would go Degraded in any error case here, service removed is one of them? do you think we need to handle 404 differently?
There was a problem hiding this comment.
right, I originally thought this controller attempted to sync the service itself as well, but that's done elsewhere.
| cliConfigBytes, err := runtime.Encode(encoder, cliConfig) | ||
| if err != nil { | ||
| return []operatorv1.OperatorCondition{ | ||
| { | ||
| Type: "OAuthConfigDegraded", | ||
| Status: operatorv1.ConditionTrue, | ||
| Reason: "EncodeFailed", | ||
| Message: fmt.Sprintf("Failed to encode CLI config: %v", err), | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| observedConfig, err := grabPrefixedConfig(operatorConfig.Spec.ObservedConfig.Raw, configobservation.OAuthServerConfigPrefix) | ||
| if err != nil { | ||
| return []operatorv1.OperatorCondition{ | ||
| { | ||
| Type: "OAuthConfigDegraded", | ||
| Status: operatorv1.ConditionTrue, | ||
| Reason: "GetOAuthServerConfigFailed", | ||
| Message: fmt.Sprintf("Unable to get oauth-server configuration: %v", err), | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| completeConfigBytes, err := resourcemerge.MergePrunedProcessConfig(&osinv1.OsinServerConfig{}, nil, cliConfigBytes, observedConfig, operatorConfig.Spec.UnsupportedConfigOverrides.Raw) | ||
| if err != nil { | ||
| return []operatorv1.OperatorCondition{ | ||
| { | ||
| Type: "OAuthConfigDegraded", | ||
| Status: operatorv1.ConditionTrue, | ||
| Reason: "MergeConfigFailed", | ||
| Message: fmt.Sprintf("Failed to merge config with unsupportedConfigOverrides: %v", err), | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| expectedCLIConfig := getCliConfigMap(completeConfigBytes) | ||
|
|
||
| _, _, err = resourceapply.ApplyConfigMap(c.configMaps, recorder, expectedCLIConfig) | ||
| if err != nil { | ||
| return []operatorv1.OperatorCondition{ | ||
| { | ||
| Type: "OAuthConfigDegraded", | ||
| Status: operatorv1.ConditionTrue, | ||
| Reason: "ApplyFailed", | ||
| Message: fmt.Sprintf("Failed to apply CLI configuration %q: %v", expectedCLIConfig.Name, err), | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| return nil |
There was a problem hiding this comment.
the actual logic gets covered up by construction of the conditions :/ I can try to deal with this in a follow-up
mfojtik
force-pushed
the
refactor-serviceca
branch
from
783e137
to
992c2cd
Compare
|
/retest |
mfojtik
changed the title
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mfojtik, stlaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
lgtm
|
/retest |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest |
Follow-up for #292
This continue to split the main operator loop. In this iteration the "block 2" is pushed into its own controller.