Add v1beta1 API with Conversion Webhook and Cert-Manager #140
Conversation
pull-request-size
bot
added
the
size/XXL
jkhelil
changed the title
openshift-ci
bot
added
the
do-not-merge/work-in-progress
config/manifests/bases/shipwright-operator.clusterserviceversion.yaml
Outdated
Show resolved
Hide resolved
jkhelil
force-pushed
the
support_v1beta1
branch
from
afca365
to
d8d6e8d
Compare
jkhelil
changed the title
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
jkhelil
force-pushed
the
support_v1beta1
branch
8 times, most recently
from
2d76647
to
badfce7
Compare
|
/assign @adambkaplan |
There was a problem hiding this comment.
/approve
This is a good first step at getting the operator to support the beta API and associated conversion webhook. There are a few things that I would like to see before merging:
- Squashed commits, with a detailed commit message explaining what was added here.
- Add a similarly robust release note in the PR description. This is a significant change and probably needs an "ACTION REQUIRED" note due to the added cert-manager dependency.
- Update the README to clarify any prerequisites needed if the operator is installed/managed via OLM. For example, does the admin need to separately install the Tekton and Cert-manager operators?
One other thing I noticed that is a bit outside the scope is that our e2e test only checks that the operator installs the component. It doesn't, say, do a smoke test of running a Shipwright build and making sure it works fully end to end. This should be taken up as a separate item.
| - kind: Certificate | ||
| name: certificates.cert-manager.io | ||
| version: v1 |
There was a problem hiding this comment.
- Does this mean that a cluster admin also needs to install cert-manager?
- Does OLM do this automatically, or will an admin need to do this separately? See https://olm.operatorframework.io/docs/concepts/olm-architecture/dependency-resolution/#declaring-dependencies
There was a problem hiding this comment.
Via the bundle we provide, OLM installs automatically the dependencies, tekton and cert-manager
There was a problem hiding this comment.
We should release the operator to provide the olm bundle in the operatorhubio
| } | ||
| } | ||
|
|
||
| manifest, err := common.SetupManifestival(client, "certificates.yaml", logger) |
There was a problem hiding this comment.
Not blocking - noticing that this setup code is being run through every reconcile loop. Follow up PRs can refactor things a bit so we only do this setup once. Perhaps use a separate controller?
There was a problem hiding this comment.
Do we need to update the README to also recommend Tekton and Cert-Manager be installed?
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: adambkaplan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
jkhelil
force-pushed
the
support_v1beta1
branch
from
badfce7
to
722e1d9
Compare
adambkaplan
added
the
kind/feature
| ## OLM Dependencies | ||
| When installed via OLM using the provided SHipwright Operator Bundle, the Shipwright operator has two dependencies to: | ||
| - The Tekton operator needed by the Shipright Build Controller | ||
| - The Cert-Manager operator needed in case you delegate to the Shipwright operator the ssl certificates management of the Shipwright Conversion webhook | ||
| The two operators are then installed automatically by OLM. |
There was a problem hiding this comment.
nit to clean up some of the grammar:
| ## OLM Dependencies | |
| When installed via OLM using the provided SHipwright Operator Bundle, the Shipwright operator has two dependencies to: | |
| - The Tekton operator needed by the Shipright Build Controller | |
| - The Cert-Manager operator needed in case you delegate to the Shipwright operator the ssl certificates management of the Shipwright Conversion webhook | |
| The two operators are then installed automatically by OLM. | |
| ## OLM Dependencies | |
| When installed via OLM using the provided Shipwright Operator Bundle, the Shipwright operator will ask OLM to deploy the following operators: | |
| - The [Tekton operator](https://tekton.dev/docs/operator/) to deploy and manage Tekton Pipelines. | |
| - The [Cert-Manager operator](https://cert-manager.io/docs/installation/operator-lifecycle-manager/) to provision certificates for admission/conversion webhooks. | |
| For this to work, the Shipwright operator must be included in a catalog that includes these other operators. |
adambkaplan
changed the title
- Update release.yaml with nightly release - Add cert-manager as shipwright operator dependency - ReconcileCertManager to generate ssl key pair for the webhook - Generate rbac, manifests and bundle - update doc
jkhelil
force-pushed
the
support_v1beta1
branch
from
722e1d9
to
30d77ba
Compare
|
@shipwright-io/operator-reviewers for lgtm |
Changes
Fixes #142
Submitter Checklist
See the contributor guide
for details on coding conventions, github and prow interactions, and the code review process.
Release Note