Skip to content

Commit f4362e5

Browse files
thetechnickthetechnick
committed
Connect Boxcutter Applier with ClusterExtension
1 parent 83c34fc commit f4362e5

File tree

5 files changed

+56
-49
lines changed

5 files changed

+56
-49
lines changed

api/v1/clusterextensionrevision_types.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ type ClusterExtensionRevisionSpec struct {
2929
// Specifies the lifecycle state of the ClusterExtensionRevision.
3030
// +kubebuilder:default="Active"
3131
// +kubebuilder:validation:Enum=Active;Paused;Archived
32-
// +kubebuilder:validation:XValidation:rule="oldSelf == "Active" || oldSelf == "Paused" || oldSelf == 'Archived' && oldSelf == self", message="can not un-archive"
32+
// +kubebuilder:validation:XValidation:rule="oldSelf == 'Active' || oldSelf == 'Paused' || oldSelf == 'Archived' && oldSelf == self", message="can not un-archive"
3333
LifecycleState ClusterExtensionRevisionLifecycleState `json:"lifecycleState,omitempty"`
3434
// +kubebuilder:validation:Required
3535
// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="revision is immutable"

cmd/operator-controller/main.go

Lines changed: 37 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,6 @@ import (
3131
"github.com/containers/image/v5/types"
3232
"github.com/spf13/cobra"
3333
rbacv1 "k8s.io/api/rbac/v1"
34-
apiextensionsv1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
3534
"k8s.io/apimachinery/pkg/labels"
3635
k8slabels "k8s.io/apimachinery/pkg/labels"
3736
"k8s.io/apimachinery/pkg/selection"
@@ -60,19 +59,13 @@ import (
6059
"github.com/operator-framework/operator-controller/internal/operator-controller/action"
6160
"github.com/operator-framework/operator-controller/internal/operator-controller/applier"
6261
"github.com/operator-framework/operator-controller/internal/operator-controller/authentication"
63-
"github.com/operator-framework/operator-controller/internal/operator-controller/authorization"
6462
"github.com/operator-framework/operator-controller/internal/operator-controller/catalogmetadata/cache"
6563
catalogclient "github.com/operator-framework/operator-controller/internal/operator-controller/catalogmetadata/client"
6664
"github.com/operator-framework/operator-controller/internal/operator-controller/contentmanager"
6765
"github.com/operator-framework/operator-controller/internal/operator-controller/controllers"
6866
"github.com/operator-framework/operator-controller/internal/operator-controller/features"
6967
"github.com/operator-framework/operator-controller/internal/operator-controller/finalizers"
7068
"github.com/operator-framework/operator-controller/internal/operator-controller/resolve"
71-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/convert"
72-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/preflights/crdupgradesafety"
73-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render"
74-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/certproviders"
75-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/registryv1"
7669
"github.com/operator-framework/operator-controller/internal/operator-controller/scheme"
7770
sharedcontrollers "github.com/operator-framework/operator-controller/internal/shared/controllers"
7871
fsutil "github.com/operator-framework/operator-controller/internal/shared/util/fs"
@@ -417,45 +410,50 @@ func run() error {
417410
},
418411
}
419412

420-
aeClient, err := apiextensionsv1client.NewForConfig(mgr.GetConfig())
421-
if err != nil {
422-
setupLog.Error(err, "unable to create apiextensions client")
423-
return err
424-
}
413+
// aeClient, err := apiextensionsv1client.NewForConfig(mgr.GetConfig())
414+
// if err != nil {
415+
// setupLog.Error(err, "unable to create apiextensions client")
416+
// return err
417+
// }
425418

426-
preflights := []applier.Preflight{
427-
crdupgradesafety.NewPreflight(aeClient.CustomResourceDefinitions()),
428-
}
419+
// preflights := []applier.Preflight{
420+
// crdupgradesafety.NewPreflight(aeClient.CustomResourceDefinitions()),
421+
// }
429422

430-
// determine if PreAuthorizer should be enabled based on feature gate
431-
var preAuth authorization.PreAuthorizer
432-
if features.OperatorControllerFeatureGate.Enabled(features.PreflightPermissions) {
433-
preAuth = authorization.NewRBACPreAuthorizer(mgr.GetClient())
423+
// // determine if PreAuthorizer should be enabled based on feature gate
424+
// var preAuth authorization.PreAuthorizer
425+
// if features.OperatorControllerFeatureGate.Enabled(features.PreflightPermissions) {
426+
// preAuth = authorization.NewRBACPreAuthorizer(mgr.GetClient())
427+
// }
428+
429+
boxcutterApplier := &applier.Boxcutter{
430+
Client: mgr.GetClient(),
431+
Scheme: mgr.GetScheme(),
434432
}
435433

436434
// determine if a certificate provider should be set in the bundle renderer and feature support for the provider
437435
// based on the feature flag
438-
var certProvider render.CertificateProvider
439-
var isWebhookSupportEnabled bool
440-
if features.OperatorControllerFeatureGate.Enabled(features.WebhookProviderCertManager) {
441-
certProvider = certproviders.CertManagerCertificateProvider{}
442-
isWebhookSupportEnabled = true
443-
} else if features.OperatorControllerFeatureGate.Enabled(features.WebhookProviderOpenshiftServiceCA) {
444-
certProvider = certproviders.OpenshiftServiceCaCertificateProvider{}
445-
isWebhookSupportEnabled = true
446-
}
436+
// var certProvider render.CertificateProvider
437+
// var isWebhookSupportEnabled bool
438+
// if features.OperatorControllerFeatureGate.Enabled(features.WebhookProviderCertManager) {
439+
// certProvider = certproviders.CertManagerCertificateProvider{}
440+
// isWebhookSupportEnabled = true
441+
// } else if features.OperatorControllerFeatureGate.Enabled(features.WebhookProviderOpenshiftServiceCA) {
442+
// certProvider = certproviders.OpenshiftServiceCaCertificateProvider{}
443+
// isWebhookSupportEnabled = true
444+
// }
447445

448446
// now initialize the helmApplier, assigning the potentially nil preAuth
449-
helmApplier := &applier.Helm{
450-
ActionClientGetter: acg,
451-
Preflights: preflights,
452-
BundleToHelmChartConverter: &convert.BundleToHelmChartConverter{
453-
BundleRenderer: registryv1.Renderer,
454-
CertificateProvider: certProvider,
455-
IsWebhookSupportEnabled: isWebhookSupportEnabled,
456-
},
457-
PreAuthorizer: preAuth,
458-
}
447+
// helmApplier := &applier.Helm{
448+
// ActionClientGetter: acg,
449+
// Preflights: preflights,
450+
// BundleToHelmChartConverter: &convert.BundleToHelmChartConverter{
451+
// BundleRenderer: registryv1.Renderer,
452+
// CertificateProvider: certProvider,
453+
// IsWebhookSupportEnabled: isWebhookSupportEnabled,
454+
// },
455+
// PreAuthorizer: preAuth,
456+
// }
459457

460458
cm := contentmanager.NewManager(clientRestConfigMapper, mgr.GetConfig(), mgr.GetRESTMapper())
461459
err = clusterExtensionFinalizers.Register(controllers.ClusterExtensionCleanupContentManagerCacheFinalizer, finalizers.FinalizerFunc(func(ctx context.Context, obj client.Object) (crfinalizer.Result, error) {
@@ -498,7 +496,7 @@ func run() error {
498496
Resolver: resolver,
499497
ImageCache: imageCache,
500498
ImagePuller: imagePuller,
501-
Applier: helmApplier,
499+
Applier: boxcutterApplier,
502500
InstalledBundleGetter: &controllers.DefaultInstalledBundleGetter{ActionClientGetter: acg},
503501
Finalizers: clusterExtensionFinalizers,
504502
Manager: cm,

config/base/operator-controller/rbac/role.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ rules:
2727
- apiGroups:
2828
- olm.operatorframework.io
2929
resources:
30+
- clusterextensionrevisions
3031
- clusterextensions
3132
verbs:
3233
- get
@@ -37,12 +38,14 @@ rules:
3738
- apiGroups:
3839
- olm.operatorframework.io
3940
resources:
41+
- clusterextensionrevisions/finalizers
4042
- clusterextensions/finalizers
4143
verbs:
4244
- update
4345
- apiGroups:
4446
- olm.operatorframework.io
4547
resources:
48+
- clusterextensionrevisions/status
4649
- clusterextensions/status
4750
verbs:
4851
- patch

internal/operator-controller/applier/boxcutter.go

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,8 @@ import (
1313
"github.com/davecgh/go-spew/spew"
1414
ocv1 "github.com/operator-framework/operator-controller/api/v1"
1515
"github.com/operator-framework/operator-controller/internal/operator-controller/controllers"
16-
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/convert"
16+
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/bundle/source"
17+
"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render"
1718
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
1819
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
1920
"k8s.io/apimachinery/pkg/runtime"
@@ -28,8 +29,9 @@ const (
2829
)
2930

3031
type Boxcutter struct {
31-
Client client.Client
32-
Scheme *runtime.Scheme
32+
Client client.Client
33+
Scheme *runtime.Scheme
34+
BundleRenderer render.BundleRenderer
3335
}
3436

3537
func (bc *Boxcutter) Apply(
@@ -46,7 +48,7 @@ func (bc *Boxcutter) apply(
4648
ext *ocv1.ClusterExtension,
4749
objectLabels, _ map[string]string,
4850
) ([]client.Object, error) {
49-
reg, err := convert.ParseFS(contentFS)
51+
reg, err := source.FromFS(contentFS).GetBundle()
5052
if err != nil {
5153
return nil, err
5254
}
@@ -56,14 +58,14 @@ func (bc *Boxcutter) apply(
5658
return nil, err
5759
}
5860

59-
plain, err := convert.PlainConverter.Convert(reg, ext.Spec.Namespace, []string{watchNamespace})
61+
plain, err := bc.BundleRenderer.Render(reg, ext.Spec.Namespace, render.WithTargetNamespaces(watchNamespace))
6062
if err != nil {
6163
return nil, err
6264
}
6365

6466
// objectLabels
65-
objs := make([]ocv1.ClusterExtensionRevisionObject, 0, len(plain.Objects))
66-
for _, obj := range plain.Objects {
67+
objs := make([]ocv1.ClusterExtensionRevisionObject, 0, len(plain))
68+
for _, obj := range plain {
6769
labels := obj.GetLabels()
6870
if labels == nil {
6971
labels = map[string]string{}
@@ -178,7 +180,7 @@ func (bc *Boxcutter) apply(
178180

179181
// TODO: Read status from revision.
180182

181-
return plain.Objects, nil
183+
return plain, nil
182184
}
183185

184186
// computeSHA256Hash returns a sha236 hash value calculated from object.

internal/operator-controller/controllers/clusterextensionrevision_controller.go

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,10 @@ type accessManager interface {
5959
Source(handler.EventHandler, ...predicate.Predicate) source.Source
6060
}
6161

62+
//+kubebuilder:rbac:groups=olm.operatorframework.io,resources=clusterextensionrevisions,verbs=get;list;watch;update;patch
63+
//+kubebuilder:rbac:groups=olm.operatorframework.io,resources=clusterextensionrevisions/status,verbs=update;patch
64+
//+kubebuilder:rbac:groups=olm.operatorframework.io,resources=clusterextensionrevisions/finalizers,verbs=update
65+
6266
func (c *ClusterExtensionRevisionReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, err error) {
6367
l := log.FromContext(ctx).WithName("cluster-extension-revision")
6468
ctx = log.IntoContext(ctx, l)
@@ -271,7 +275,7 @@ func (c *ClusterExtensionRevisionReconciler) reconcile(
271275
func (c *ClusterExtensionRevisionReconciler) SetupWithManager(mgr ctrl.Manager) error {
272276
return ctrl.NewControllerManagedBy(mgr).
273277
For(
274-
&corev1.ConfigMap{},
278+
&ocv1.ClusterExtensionRevision{},
275279
builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
276280
).
277281
WatchesRawSource(

0 commit comments

Comments
 (0)