add feature demo

Per Goncalves da Silva · Per G. da Silva · commit 24d0e36b325a · 2025-02-12T16:11:49.000+01:00
Signed-off-by: Per Goncalves da Silva &lt;pegoncal@redhat.com&gt;
Signed-off-by: Per G. da Silva &lt;pegoncal@redhat.com&gt;
diff --git a/hack/demo/single-own-namespace-demo.sh b/hack/demo/single-own-namespace-demo.sh
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+#
+# Welcome to the single- own namespace install mode demo
+#
+trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT
+
+# enable 'SingleOwnNamespaceInstallSupport' feature gate
+kubectl patch deployment -n olmv1-system operator-controller-controller-manager --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--feature-gates=SingleOwnNamespaceInstallSupport=true"}]'
+
+# wait for operator-controller to become available
+kubectl rollout status -n olmv1-system deployment/operator-controller-controller-manager
+
+# create install namespace and installer service account
+kubectl create ns argocd-system
+kubectl create serviceaccount -n argocd-system argocd-installer
+
+# give installer service account admin privileges (not for production environments)
+kubectl create clusterrolebinding argocd-installer-crb --clusterrole=cluster-admin --serviceaccount=argocd-system:argocd-installer
+
+# create watch namespace
+kubectl create namespace argocd
+
+# install cluster extension in single namespace install mode
+cat <<EOF | kubectl apply -f -
+apiVersion: olm.operatorframework.io/v1
+kind: ClusterExtension
+metadata:
+  name: argocd-operator
+  annotations:
+    olm.operatorframework.io/watch-namespace: argocd
+spec:
+  namespace: argocd-system
+  serviceAccount:
+    name: argocd-installer
+  source:
+    sourceType: Catalog
+    catalog:
+      packageName: argocd-operator
+      version: 0.6.0
+EOF
+
+# wait for cluster extension installation to succeed
+kubectl wait --for=condition=Installed clusterextension/argocd-operator --timeout="60s"
+
+# check argocd-operator controller deployment pod template olm.targetNamespaces annotation
+kubectl get deployments -n argocd-system argocd-operator-controller-manager -o jsonpath="{.spec.template.metadata.annotations.olm\.targetNamespaces}"
+
+sleep 3
+
+# check for argocd-operator rbac in watch namespace
+kubectl get roles,rolebindings -n argocd -o name
+
+sleep 3
+
+# check service account for role binding
+rolebinding=$(kubectl get rolebindings -n argocd -o name | grep 'argocd-operator' | head -n 1)
+kubectl get -n argocd $rolebinding -o jsonpath='{.subjects}' | jq .[0]
+
+# done in 3...2...1...
+sleep 3
