AUTH-543: Add workload deletion condition method and clean-up #1977
Conversation
liouk
changed the title
openshift-ci-robot
added
the
jira/valid-reference
|
@liouk: This pull request references AUTH-543 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
| // remove any conditions and generations owned by it, because the respective API fields have 'map' | ||
| // as the list type where field managers can be list element-specific | ||
| if err := c.operatorClient.ApplyOperatorStatus(ctx, c.controllerInstanceName, applyoperatorv1.OperatorStatus()); err != nil { | ||
| return c.updateOperatorStatus(ctx, operatorStatus, nil, false, false, []error{err}) |
There was a problem hiding this comment.
I would just simply return an err here, this is also what we do in updateOperatorStatus
|
|
||
| // WithEmptyVersionRemoval returns a copy of the StatusSyncer that will | ||
| // remove versions that are an empty string in VersionGetter from the status. | ||
| func (c *StatusSyncer) WithEmptyVersionRemoval() *StatusSyncer { |
There was a problem hiding this comment.
could we use WithVersionRemoval instead ?
There was a problem hiding this comment.
There's already a WithVersionRemoval() method that does something slightly different: it removes versions that are missing in VersionGetter from the status. Also, there's no way to delete a version from the version getter, as it only allows to Get/Set one, hence the empty string need.
There was a problem hiding this comment.
mhm, maybe we should allow for version removal then ?
I think that would involve exposing a new method on https://github.com/openshift/cluster-openshift-apiserver-operator/blob/476eac3b927b2a935f01f8ac4ec74f9a0cf54bc4/vendor/github.com/openshift/library-go/pkg/operator/status/version.go#L33
If we had such method then we could pair it with WithVersionRemoval, right ?
liouk
force-pushed
the
AUTH-543
branch
2 times, most recently
from
cedc4e7 to
cb97c15
Compare
| v.lock.Lock() | ||
| defer v.lock.Unlock() | ||
|
|
||
| delete(v.versions, operandName) |
There was a problem hiding this comment.
should we check if the version wasn't removed ?
There was a problem hiding this comment.
and if it was maybe we don't have to notify (?)
There was a problem hiding this comment.
delete() is a no-op if the map is nil/empty or the key doesn't exist, so this is a safe call.
There was a problem hiding this comment.
but we will call notifyChannelsLocked event if nothing was removed.
let's only call notifyChannelsLocked when we removed an entry from the map.
pkg/operator/status/version.go
Outdated
| return channel | ||
| } | ||
|
|
||
| func (v *versionGetter) notifyChannels() { |
There was a problem hiding this comment.
please change the name of the method to notifyChannelsLocked so that it is clear it must be called under lock.
| return err | ||
| } | ||
|
|
||
| if deleted, operandName, err := c.delegate.WorkloadDeleted(ctx); err != nil { |
There was a problem hiding this comment.
I think we need to move it down. In theory it could be possible to define preconditions for the new method as well.
So I think the order should be: Precondiditons, WorkladDeleted, Sync
| return err | ||
| } | ||
|
|
||
| c.versionRecorder.UnsetVersion(operandName) |
There was a problem hiding this comment.
The corresponding Set method can be prefixed with c.operandNamePrefix. I think we need to do the same, no?
| type VersionGetter interface { | ||
| // SetVersion is a way to set the version for an operand. It must be thread-safe | ||
| SetVersion(operandName, version string) | ||
| // UnsetVersion removes a version for an operand. It must be thread-safe |
There was a problem hiding this comment.
please expand the comment by explaining what happens when the given operandName was already deleted.
| v.lock.Lock() | ||
| defer v.lock.Unlock() | ||
|
|
||
| delete(v.versions, operandName) |
There was a problem hiding this comment.
but we will call notifyChannelsLocked event if nothing was removed.
let's only call notifyChannelsLocked when we removed an entry from the map.
| return nil | ||
| } | ||
|
|
||
| func (c *Controller) addPrefix(name string) string { |
There was a problem hiding this comment.
nit: please rename to constructOperandNameFor(name string) string or constructOperandName(name string) string
| v.lock.Lock() | ||
| defer v.lock.Unlock() | ||
|
|
||
| delete(v.versions, operandName) |
…rface This determines whether the delegate controller has deleted the workload, and indicates to the workload controller that it must clear the respective operator status fields.
|
/lgtm /hold please test this PR with the oas and maybe the auth operator. |
openshift-ci
bot
added
the
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: liouk, p0lyn0mial The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
New proof PRs after dependency bumps:
|
|
openshift/cluster-openshift-apiserver-operator#621 has passed all tests as well.
Unholding as this has been satisfied. /hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
@liouk: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
There might be cases (as demonstrated in OCPBUGS-44937) where we might want to gracefully delete the operand workload of the workload controller, and keep the operator status available (instead of unavailable or degraded).
This PR adds an optional way of specifying a deletion condition which will trigger the deletion of the operand gracefully, keeping the operator's status as Available=True.
This is needed in the scope of openshift/cluster-authentication-operator#740.
This PR replaces #1902.