Allow configuring a default namespace for operators #204
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JustinKuli
added a commit
to JustinKuli/governance-policy-addon-controller-1
that referenced
this pull request
Feb 15, 2024
This sets the command-line flag added by the companion PR open-cluster-management-io/config-policy-controller#204 This only sets that flag when the managed cluster is using OpenShift v4. It should be noted that this flag is *not* currently configurable by the user (it is not for example exposed through an annotation). Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
mprahl
reviewed
Feb 15, 2024
|
|
||
| err := json.Unmarshal(policy.Spec.Subscription.Raw, &sub) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("unable to unmarshal from spec.subscription: %w", err) |
There was a problem hiding this comment.
Since this becomes user facing in the status (I think), how about?
Suggested change
| return nil, fmt.Errorf("unable to unmarshal from spec.subscription: %w", err) | |
| return nil, fmt.Errorf("the policy spec.subscription is invalid: %w", err) |
mprahl
reviewed
Feb 15, 2024
| // buildOperatorGroup bootstraps the OperatorGroup spec defined in the operator policy | ||
| // with the apiversion and kind in preparation for resource creation | ||
| func buildOperatorGroup( | ||
| policy *policyv1beta1.OperatorPolicy, defaultNS string, |
There was a problem hiding this comment.
Suggested change
| policy *policyv1beta1.OperatorPolicy, defaultNS string, | |
| policy *policyv1beta1.OperatorPolicy, namespace string, |
There was a problem hiding this comment.
It would still use the namespace specified by the user if one is provided, so I feel like defaultNS is a more accurate name. But, thinking about it, we should probably stop and alert the user if the specified namespace for the operator group does not match what the subscription will use.
There was a problem hiding this comment.
In which case, the parameter should just be called namespace 😆
JustinKuli
force-pushed
the
9896-oppol-defaulting-namespace
branch
from
4187afd
to
d76d6b5
Compare
|
I adjusted the way the relatedObjects is marked as optional, so the controller shouldn't get stuck if the cluster still has the old version of the CRD where the field is required: https://github.com/open-cluster-management-io/config-policy-controller/compare/4187afd2e0bd400b5160e0104c093675187ca9d1..d76d6b5eee52b5f3d7ed8789c0958468e7a8ad75#diff-c1ba6e7a77ddcb50f7ecdd75bd3556d38d1d58414b685c17a84953b947e5cb1cR103-R104 |
JustinKuli
added a commit
to JustinKuli/governance-policy-addon-controller-1
that referenced
this pull request
Feb 16, 2024
This sets the command-line flag added by the companion PR open-cluster-management-io/config-policy-controller#204 This only sets that flag when the managed cluster is using OpenShift v4. It should be noted that this flag is *not* currently configurable by the user (it is not for example exposed through an annotation). Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
mprahl
reviewed
Feb 19, 2024
mprahl
previously approved these changes
Feb 19, 2024
This commit only moves some definitions around so that things are in a more consistent order, which may help other refactoring work. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
This will allow OperatorPolicies to use a default namespace when the user does not specify one in the policy. For example, on OpenShift, it's conventional to install operators to the openshift-operators namespace when they are cluster-wide. This default namespace is set via a command line flag, so it can be customized per deployment. This commit also adds a validation condition to OperatorPolicy, for reporting when the subscription or operatorgroup specs are invalid. Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
Other status fields are not required, and this field was specifically causing an issue for the new validation condition, since it does not have any relatedObjects associated with it. This both fixes the CRD and the behavior of the controller (so that field is always set) so that if the CRD on the cluster is still the old one, the controller will not get stuck. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
JustinKuli
force-pushed
the
9896-oppol-defaulting-namespace
branch
from
d76d6b5
to
98f2a68
Compare
mprahl
approved these changes
Feb 20, 2024
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: JustinKuli, mprahl The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/unhold |
openshift-merge-bot
bot
merged commit 296b1b7
into
open-cluster-management-io:main
4 checks passed
This was referenced Feb 20, 2024
openshift-merge-bot bot
pushed a commit
to open-cluster-management-io/governance-policy-addon-controller
that referenced
this pull request
Feb 20, 2024
This sets the command-line flag added by the companion PR open-cluster-management-io/config-policy-controller#204 This only sets that flag when the managed cluster is using OpenShift v4. It should be noted that this flag is *not* currently configurable by the user (it is not for example exposed through an annotation). Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
magic-mirror-bot bot
pushed a commit
to stolostron/governance-policy-addon-controller
that referenced
this pull request
Feb 20, 2024
This sets the command-line flag added by the companion PR open-cluster-management-io/config-policy-controller#204 This only sets that flag when the managed cluster is using OpenShift v4. It should be noted that this flag is *not* currently configurable by the user (it is not for example exposed through an annotation). Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit 010070d5d134801cb3a257bf865f216318156b58)
magic-mirror-bot bot
pushed a commit
to stolostron/governance-policy-addon-controller
that referenced
this pull request
Feb 20, 2024
This sets the command-line flag added by the companion PR open-cluster-management-io/config-policy-controller#204 This only sets that flag when the managed cluster is using OpenShift v4. It should be noted that this flag is *not* currently configurable by the user (it is not for example exposed through an annotation). Refs: - https://issues.redhat.com/browse/ACM-9896 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit 010070d5d134801cb3a257bf865f216318156b58)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a command line flag for setting a default namespace for subscriptions/operatorgroups when not specified in an OperatorPolicy spec. This will allow (for example) OpenShift clusters to default to the "openshift-operators" namespace, which is conventionally used for cluster-wide operator installations.
Note to reviewers: the first commit is just re-arranging code blocks to a more consistent order; going through the other 2 commit by commit is probably easier to read.