diff --git a/kiali-operator/crds/crds.yaml b/kiali-operator/crds/crds.yaml index 2efa302..8e98412 100644 --- a/kiali-operator/crds/crds.yaml +++ b/kiali-operator/crds/crds.yaml @@ -22,27 +22,3 @@ spec: type: object x-kubernetes-preserve-unknown-fields: true ... ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: ossmconsoles.kiali.io -spec: - group: kiali.io - names: - kind: OSSMConsole - listKind: OSSMConsoleList - plural: ossmconsoles - singular: ossmconsole - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true -... diff --git a/kiali-operator/templates/clusterrole.yaml b/kiali-operator/templates/clusterrole.yaml index 1b7291c..961b56b 100644 --- a/kiali-operator/templates/clusterrole.yaml +++ b/kiali-operator/templates/clusterrole.yaml @@ -192,6 +192,7 @@ rules: - patch - update - watch +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} # The permissions below are for OSSMC operator capabilities - apiGroups: ["console.openshift.io"] resources: @@ -213,6 +214,7 @@ rules: - patch - update - watch +{{- end }} # The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles - apiGroups: [""] resources: diff --git a/kiali-operator/templates/deployment.yaml b/kiali-operator/templates/deployment.yaml index 5a551f5..c21c918 100644 --- a/kiali-operator/templates/deployment.yaml +++ b/kiali-operator/templates/deployment.yaml @@ -49,6 +49,11 @@ spec: args: - "--zap-log-level=info" - "--leader-election-id={{ include "kiali-operator.fullname" . }}" +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + - "--watches-file=./watches-os.yaml" +{{- else }} + - "--watches-file=./watches-k8s.yaml" +{{- end }} securityContext: {{- if .Values.securityContext }} {{- toYaml .Values.securityContext | nindent 10 }} @@ -78,8 +83,10 @@ spec: value: {{ .Values.allowAdHocKialiNamespace | quote }} - name: ALLOW_AD_HOC_KIALI_IMAGE value: {{ .Values.allowAdHocKialiImage | quote }} +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} - name: ALLOW_AD_HOC_OSSMCONSOLE_IMAGE value: {{ .Values.allowAdHocOSSMConsoleImage | quote }} +{{- end }} - name: ALLOW_SECURITY_CONTEXT_OVERRIDE value: {{ .Values.allowSecurityContextOverride | quote }} - name: ALLOW_ALL_ACCESSIBLE_NAMESPACES @@ -92,8 +99,10 @@ spec: value: {{ .Values.debug.enabled | quote }} - name: ANSIBLE_VERBOSITY_KIALI_KIALI_IO value: {{ .Values.debug.verbosity | quote }} +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} - name: ANSIBLE_VERBOSITY_OSSMCONSOLE_KIALI_IO value: {{ .Values.debug.verbosity | quote }} +{{- end }} - name: ANSIBLE_CONFIG {{- if .Values.debug.enableProfiler }} value: "/opt/ansible/ansible-profiler.cfg" diff --git a/kiali-operator/templates/ossmconsole-crd.yaml b/kiali-operator/templates/ossmconsole-crd.yaml new file mode 100644 index 0000000..85a4a07 --- /dev/null +++ b/kiali-operator/templates/ossmconsole-crd.yaml @@ -0,0 +1,34 @@ +# The operator will watch resources of this kind and install OSSMC when one is found. +# This CRD needs to be templated because we do not want it installed on non-OpenShift clusters. +# However, the crds/ directory is not templated by Helm. See the Helm documentation on this here: +# https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#method-1-let-helm-do-it-for-you +# Therefore, this CRD declaration is in templates/. The operator helm chart does not create resources +# of this kind, so this should be OK. Just realize if you uninstall the operator, this CRD will also +# be uninstalled (and thus any existing OSSMC CR will also be purged). + +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ossmconsoles.kiali.io +spec: + group: kiali.io + names: + kind: OSSMConsole + listKind: OSSMConsoleList + plural: ossmconsoles + singular: ossmconsole + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true +... +{{- end }}