Skip to content

Commit 76936be

Browse files
sbernauerTechassi
sbernauer
and
Techassi
authored
feat: Add v1alpha2 for SecretClass, rename experimentalGenerateSamAccountName (#634)
* chore(tilt): Remove CRD handling * fix(tilt): Trigger rebuild and set built image * feat(tilt): Support setting a custom Helm values file * chore: Remove CRD deployment by Helm All CRDs are now maintained (created and patched) by the operator. They are no longer deplyoed by Helm and as such are removed from the Helm Chart templates. A YAML file is still checked in (extra/crds.yaml) to ensure diffs are visible and tracked by Git. Co-authored-by: Sebastian Bernauer <sebastian.bernauer@stackable.tech> * refactor: Separate CRDs, add SecretClass change Co-authored-by: Sebastian Bernauer <sebastian.bernauer@stackable.tech * feat: Add conversion webhook and CRD maintainer The operator can now handle CRD conversions via a webhook and maintains it's own CRDs via the CRD maintainer. As such, it needs permissions to create and patch CRDs. Co-authored-by: Sebastian Bernauer <sebastian.bernauer@stackable.tech> * chore: Update dependencies * chore: Mark extra/crds.yaml as generated * chore: Revert accidental reformat of Cargo.toml * chore: Update Cargo.nix * chore: Remove superfluous file * refactor: Move webhook and CRD maintainer creation into function * fix: Correctly set Secret namespace for 'tls' SecretClass * fix: Re-enable custom ca.secret.namespace for 'tls' SecretClass * test: Fix CRD conversion failures The current testing script immediately continues to run tests after all required operators are installed. This can lead to CRD conversion failures because all resources (this includes custom ones) are applied by kuttl immediately after. All custom resources (SecretClasses in this case) use v1alpha1 (to additionally test the conversion) and as such cannot be converted to the stored v1alpha2 version when the conversion webhook is not running yet. To remedy this, a 10 second wait is introduced after the operator installation. A far better solution is to wait for a Kubernetes status condition, but that is more involved. I would like to stop bolting on functionality to the test script and instead move these features into our new (hopefully coming soon) tooling. * chore: Bump stackable-operator to 0.100.0 * chore: Apply suggestions Co-authored-by: Sebastian Bernauer <sebastian.bernauer@stackable.tech> * refactor: Move create_webhook_and_maintainer function * chore: Remove version and instance label from 'tls' SecretClass * docs: Mark generateSamAccountName as non-experimantal * fix: Only select Deployment in Service Co-authored-by: Sebastian Bernauer <sebastian.bernauer@stackable.tech> * feat(helm): Use new values in templates * feat(helm): Gate create, patch permissions for CRDs --------- Co-authored-by: Techassi <git@techassi.dev>
1 parent 0d8cd90 commit 76936be

35 files changed

+5342
-2403
lines changed

.gitattributes

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
nix/** linguist-generated
22
Cargo.nix linguist-generated
33
crate-hashes.json linguist-generated
4+
extra/crds.yaml linguist-generated

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ result
1313
image.tar
1414

1515
tilt_options.json
16+
local_values.yaml
1617

1718
.direnv/
1819
.direnvrc

0 commit comments

Comments
 (0)