UPSTREAM: <carry>: Add Openshift's catalogd manifests

- Move to openshift/catalogd the specific manifest under: https://github.com/openshift/operator-framework-catalogd/tree/main/openshift
- Add call to generate catalogd manifest to 'make manifest'. Make verify test is now done for catalogd and operator-controller Openshift's manifests

Author: camilamacedo86

openshift/Makefile

@@ -16,6 +16,7 @@ verify: ## Run downstream-specific verify
 .PHONY: manifests
 manifests: $(KUSTOMIZE) $(YQ)
 	$(DIR)/operator-controller/generate-manifests.sh
+	$(DIR)/catalogd/generate-manifests.sh
 
 .PHONY: verify-manifests
 verify-manifests: manifests
@@ -35,3 +36,8 @@ test-e2e: ## Run the e2e tests.
 	$(DIR)/operator-controller/build-test-registry.sh $(E2E_REGISTRY_NAMESPACE) $(E2E_REGISTRY_NAME) $(E2E_REGISTRY_IMAGE)
 	cd $(DIR)/../; \
 	go test $(DOWNSTREAM_E2E_FLAGS) ./test/e2e/...;
+	# Run e2e tests for catalogd
+	# TODO: Add build of the testdata/test-catalog.Dockerfile to openshift/release
+	# See that catalogd e2e tests uses testdata/test-catalog.Dockerfile
+	# More info: https://github.com/openshift/release/blob/master/ci-operator/config/openshift/operator-framework-catalogd/openshift-operator-framework-catalogd-main.yaml#L26-L29
+	#$(MAKE) test-e2e -C $(DIR)/../catalogd/

openshift/catalogd.Dockerfile

@@ -0,0 +1,12 @@
+FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.23-openshift-4.19 AS builder
+WORKDIR /build
+COPY . .
+RUN make go-build-local
+
+FROM registry.ci.openshift.org/ocp/4.19:base-rhel9
+USER 1001
+COPY --from=builder /build/bin/catalogd /catalogd
+COPY openshift/catalogd/manifests /openshift/manifests
+
+LABEL io.k8s.display-name="OpenShift Operator Lifecycle Manager Catalog Controller" \
+      io.k8s.description="This is a component of OpenShift Container Platform that provides operator catalog support."

openshift/catalogd/dependencies.go

@@ -0,0 +1,6 @@
+//go:build tools
+// +build tools
+
+package catalogd
+
+import _ "github.com/openshift/build-machinery-go"

openshift/catalogd/generate-manifests.sh

@@ -0,0 +1,132 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+##################################################
+# Modify these as needed
+##################################################
+
+# This is the namespace where all namespace-scoped resources live
+NAMESPACE=openshift-catalogd
+
+# This is a mapping of deployment container names to image placeholder values. For example, given a deployment with
+# 2 containers named kube-rbac-proxy and manager, their images will be set to ${KUBE_RBAC_PROXY_IMAGE} and
+# ${CATALOGD_IMAGE}, respectively. The cluster-olm-operator will replace these placeholders will real image values.
+declare -A IMAGE_MAPPINGS
+# shellcheck disable=SC2016
+IMAGE_MAPPINGS[kube-rbac-proxy]='${KUBE_RBAC_PROXY_IMAGE}'
+# shellcheck disable=SC2016
+IMAGE_MAPPINGS[manager]='${CATALOGD_IMAGE}'
+
+# This is a mapping of catalogd flag names to values. For example, given a deployment with a container
+# named "manager" and arguments:
+# args:
+#  - --flagname=one
+# and an entry to the FLAG_MAPPINGS of FLAG_MAPPINGS[flagname]='two', the argument will be updated to:
+# args:
+#  - --flagname=two
+#
+# If the flag doesn't already exist - it will be appended to the list.
+declare -A FLAG_MAPPINGS
+# shellcheck disable=SC2016
+FLAG_MAPPINGS[external-address]="catalogd-service.${NAMESPACE}.svc"
+FLAG_MAPPINGS[global-pull-secret]="openshift-config/pull-secret"
+
+##################################################
+# You shouldn't need to change anything below here
+##################################################
+
+# Know where the repo root is so we can reference things relative to it
+REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+
+# Source bingo so we can use kustomize and yq
+. "${REPO_ROOT}/openshift/.bingo/variables.env"
+
+# We're going to do file manipulation, so let's work in a temp dir
+TMP_ROOT="$(mktemp -p . -d 2>/dev/null || mktemp -d ./tmpdir.XXXXXXX)"
+# Make sure to delete the temp dir when we exit
+trap 'rm -rf $TMP_ROOT' EXIT
+
+# Copy all kustomize files into a temp dir
+cp -a "${REPO_ROOT}/catalogd/config/" "${TMP_ROOT}/config/"
+
+mkdir -p "${TMP_ROOT}/openshift/catalogd/"
+cp -a "${REPO_ROOT}/openshift/catalogd/kustomize" "${TMP_ROOT}/openshift/catalogd/kustomize"
+
+# Override OPENSHIFT-NAMESPACE to ${NAMESPACE}
+find "${TMP_ROOT}" -name "*.yaml" -exec sed -i'.bak' "s/OPENSHIFT-NAMESPACE/${NAMESPACE}/g" {} \;
+find "${TMP_ROOT}" -name "*.bak" -exec rm {} \;
+
+# Create a temp dir for manifests
+TMP_MANIFEST_DIR="${TMP_ROOT}/manifests"
+mkdir -p "$TMP_MANIFEST_DIR"
+
+# Run kustomize, which emits a single yaml file
+TMP_KUSTOMIZE_OUTPUT="${TMP_MANIFEST_DIR}/temp.yaml"
+$KUSTOMIZE build "${TMP_ROOT}/openshift/catalogd/kustomize/overlays/openshift" -o "$TMP_KUSTOMIZE_OUTPUT"
+
+for container_name in "${!IMAGE_MAPPINGS[@]}"; do
+  placeholder="${IMAGE_MAPPINGS[$container_name]}"
+  $YQ -i "(select(.kind == \"Deployment\")|.spec.template.spec.containers[]|select(.name==\"$container_name\")|.image) = \"$placeholder\"" "$TMP_KUSTOMIZE_OUTPUT"
+  $YQ -i 'select(.kind == "Deployment").spec.template.metadata.annotations += {"target.workload.openshift.io/management": "{\"effect\": \"PreferredDuringScheduling\"}"}' "$TMP_KUSTOMIZE_OUTPUT"
+  $YQ -i 'select(.kind == "Deployment").spec.template.metadata.annotations += {"openshift.io/required-scc": "privileged"}' "$TMP_KUSTOMIZE_OUTPUT"
+  $YQ -i 'select(.kind == "Deployment").spec.template.spec += {"priorityClassName": "system-cluster-critical"}' "$TMP_KUSTOMIZE_OUTPUT"
+  $YQ -i 'select(.kind == "Namespace").metadata.annotations += {"workload.openshift.io/allowed": "management"}' "$TMP_KUSTOMIZE_OUTPUT"
+done
+
+# Loop through any flag updates that need to be made to the manager container
+for flag_name in "${!FLAG_MAPPINGS[@]}"; do
+  flagval="${FLAG_MAPPINGS[$flag_name]}"
+
+  # First, update the flag if it exists
+  $YQ -i "(select(.kind == \"Deployment\") | .spec.template.spec.containers[] | select(.name == \"manager\") | .args[] | select(. | contains(\"--$flag_name=\")) | .) = \"--$flag_name=$flagval\"" "$TMP_KUSTOMIZE_OUTPUT"
+
+  # Then, append the flag if it doesn't exist
+  $YQ -i "(select(.kind == \"Deployment\") | .spec.template.spec.containers[] | select(.name == \"manager\") | .args) |= (select(.[] | contains(\"--$flag_name=\")) | .) // . + [\"--$flag_name=$flagval\"]" "$TMP_KUSTOMIZE_OUTPUT"
+done
+
+# Use yq to split the single yaml file into 1 per document.
+# Naming convention: $index-$kind-$namespace-$name. If $namespace is empty, just use the empty string.
+(
+  cd "$TMP_MANIFEST_DIR"
+
+  # shellcheck disable=SC2016
+  ${YQ} -s '$index +"-"+ (.kind|downcase) +"-"+ (.metadata.namespace // "") +"-"+ .metadata.name' temp.yaml
+)
+
+# Delete the single yaml file
+rm "$TMP_KUSTOMIZE_OUTPUT"
+
+# Delete and recreate the actual manifests directory
+MANIFEST_DIR="${REPO_ROOT}/openshift/catalogd/manifests"
+rm -rf "${MANIFEST_DIR}"
+mkdir -p "${MANIFEST_DIR}"
+
+# Copy everything we just generated and split into the actual manifests directory
+cp "$TMP_MANIFEST_DIR"/* "$MANIFEST_DIR"/
+
+# Update file names to be in the format nn-$kind-$namespace-$name
+(
+  cd "$MANIFEST_DIR"
+
+  for f in *; do
+    # Get the numeric prefix from the filename
+    index=$(echo "$f" | cut -d '-' -f 1)
+    # Keep track of the full file name without the leading number and dash
+    name_without_index=${f#$index-}
+    # Fix the double dash in cluster-scoped names
+    name_without_index=${name_without_index//--/-}
+    # Reformat the name so the leading number is always padded to 2 digits
+    new_name=$(printf "%02d" "$index")-$name_without_index
+    # Some file names (namely CRDs) don't end in .yml - make them
+    if ! [[ "$new_name" =~ yml$ ]]; then
+      new_name="${new_name}".yml
+    fi
+    if [[ "$f" != "$new_name" ]]; then
+      # Rename
+      mv "$f" "${new_name}"
+    fi
+  done
+)

openshift/catalogd/kustomize/overlays/openshift/catalogs/kustomization.yaml

@@ -0,0 +1,5 @@
+resources:
+  - openshift-certified-operators.yaml
+  - openshift-community-operators.yaml
+  - openshift-redhat-marketplace.yaml
+  - openshift-redhat-operators.yaml

openshift/catalogd/kustomize/overlays/openshift/catalogs/openshift-certified-operators.yaml

@@ -0,0 +1,11 @@
+apiVersion: olm.operatorframework.io/v1
+kind: ClusterCatalog
+metadata:
+  name: openshift-certified-operators
+spec:
+  priority: -200
+  source:
+    type: Image
+    image:
+      pollIntervalMinutes: 10
+      ref: registry.redhat.io/redhat/certified-operator-index:v4.18

openshift/catalogd/kustomize/overlays/openshift/catalogs/openshift-community-operators.yaml

@@ -0,0 +1,11 @@
+apiVersion: olm.operatorframework.io/v1
+kind: ClusterCatalog
+metadata:
+  name: openshift-community-operators
+spec:
+  priority: -400
+  source:
+    type: Image
+    image:
+      pollIntervalMinutes: 10
+      ref: registry.redhat.io/redhat/community-operator-index:v4.18

openshift/catalogd/kustomize/overlays/openshift/catalogs/openshift-redhat-marketplace.yaml

@@ -0,0 +1,11 @@
+apiVersion: olm.operatorframework.io/v1
+kind: ClusterCatalog
+metadata:
+  name: openshift-redhat-marketplace
+spec:
+  priority: -300
+  source:
+    type: Image
+    image:
+      pollIntervalMinutes: 10
+      ref: registry.redhat.io/redhat/redhat-marketplace-index:v4.18

openshift/catalogd/kustomize/overlays/openshift/catalogs/openshift-redhat-operators.yaml

@@ -0,0 +1,11 @@
+apiVersion: olm.operatorframework.io/v1
+kind: ClusterCatalog
+metadata:
+  name: openshift-redhat-operators
+spec:
+  priority: -100
+  source:
+    type: Image
+    image:
+      pollIntervalMinutes: 10
+      ref: registry.redhat.io/redhat/redhat-operator-index:v4.18

openshift/catalogd/kustomize/overlays/openshift/kustomization.yaml

@@ -0,0 +1,4 @@
+resources:
+- olmv1-ns
+- openshift-config
+- catalogs