Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include CSV annotations to pass Preflight's RequiredAnnotations test #6790

Open
ramperher opened this issue Jul 26, 2024 · 4 comments
Open

Include CSV annotations to pass Preflight's RequiredAnnotations test #6790

ramperher opened this issue Jul 26, 2024 · 4 comments
Milestone
Backlog

Comments

@ramperher
Copy link

Feature Request

Describe the problem you need a feature to resolve.

Latest versions of openshift-preflight includes a new test, called RequiredAnnotations, where preflight checks if operator's CSV includes the following infrastructure features annotations:

# Example CSV with infrastructure feature annotations
apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
  annotations:
    features.operators.openshift.io/disconnected: "true"
    features.operators.openshift.io/fips-compliant: "false"
    features.operators.openshift.io/proxy-aware: "false"
    features.operators.openshift.io/tls-profiles: "false"
    features.operators.openshift.io/token-auth-aws: "false"
    features.operators.openshift.io/token-auth-azure: "false"
    features.operators.openshift.io/token-auth-gcp: "false"

If any of these annotations is not present, this preflight test fails, impacting in Red Hat's operator certification.

The problem is, operators built with operator-sdk doesn't include these annotations by default, so they must be added manually.

Describe the solution you'd like.

Include these 7 annotations in the CSV, at least with a default value (false), so that users can modify them if required. In this way, preflight's RequiredAnnotations test would successfully pass.
@ramperher
Copy link
Author

CC @tkrishtop

@acornett21
Copy link
Contributor

Since this is a downstream specific requirement, I don't think it makes sense to add into this upstream project. The intent is for operator authors to be mindful of these annotations, if they were included in scaffolding, no one would ever change them.

@acornett21 acornett21 added this to the Backlog milestone Jul 26, 2024
@tkrishtop
Copy link
Contributor

hi @acornett21 I believe setting default labels could be beneficial. The idea is to allow partners to easily modify the default values if needed, rather than having to search everywhere for the labels they should add.

@acornett21
Copy link
Contributor

hey @tkrishtop the issue is that this is an upstream project, it's not specific to OpenShift, or certification centric in any way. This project isn't opinionated for specific/different downstream implementations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
3 participants
@ramperher @tkrishtop @acornett21