Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow pinning for quay.io/operatorhubio/catalog #2534

Open
sharifelgamal opened this issue Dec 21, 2021 · 0 comments
Open

Allow pinning for quay.io/operatorhubio/catalog #2534

sharifelgamal opened this issue Dec 21, 2021 · 0 comments
Assignees
@awgreene
Labels
kind/feature Categorizes issue or PR as related to a new feature. triaged Issue has been considered by a member of the OLM community

Comments

@sharifelgamal
Copy link

sharifelgamal commented Dec 21, 2021
edited
Loading

Feature Request

Is your feature request related to a problem? Please describe.
I'm a maintainer of minikube, which currently has an OLM addon that leverages the yaml files in the deploy directory. Currently one of the images in olm.yaml is unpinned, just being referred to as quay.io/operatorhubio/catalog:latest. We've attempted to pin to specific versions (see https://github.com/kubernetes/minikube/blob/master/deploy/addons/olm/olm.yaml.tmpl#L357 and https://github.com/kubernetes/minikube/blob/master/pkg/minikube/assets/addons.go#L315), but have had hashes pulled out from underneath us a couple of times now.

We can't continue to use latest as a tag as that poses a security risk, but can't trust that specific images will continue to exist long term as well. Currently, our only option will be to disable or deprecate the OLM addon in the next minikube version.

Describe the solution you'd like
A way to safely pin to a version of the quay.io/operatorhubio/catalog image.

Additionally, if anyone on OLM's side wants to take ownership of the addon, we can attribute ownership properly in minikube addons list, otherwise it'll be listed as a generic third party addon.
@sharifelgamal sharifelgamal added the kind/feature Categorizes issue or PR as related to a new feature. label Dec 21, 2021
@medyagh medyagh mentioned this issue Dec 23, 2021
Merged
@dinhxuanvu dinhxuanvu added the triaged Issue has been considered by a member of the OLM community label Jan 6, 2022
@spowelljr spowelljr mentioned this issue Mar 30, 2022
Merged
kfrankli added a commit to kfrankli/konveyor.github.io that referenced this issue Aug 18, 2022
@kfrankli
Update Tackle2 Install Steps
522696d 
Resolved issues in tackle 2 install docs:
* Switch from Minikube to minikube
* Switched to installation of OLM operator as the OLD addon is broken: operator-framework/operator-lifecycle-manager#2534
* inconsistencies in command line callouts
* Clearly spell out how to get to minikube dashboard
* Removed unnecessary param for minikube kvm3 driver
* tackle-operator install subsection with regards to `cat` command
* Correct the minikube `-p` param to be consistent and make clear it is the minikube profile name, which != k8s namespace/project
@kfrankli kfrankli mentioned this issue Aug 18, 2022
Merged
@eslutsky eslutsky mentioned this issue Jan 8, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@awgreene awgreene

Labels
kind/feature Categorizes issue or PR as related to a new feature. triaged Issue has been considered by a member of the OLM community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@awgreene @dinhxuanvu @sharifelgamal