|
| 1 | +# Hiding Internal or Data-only Objects |
| 2 | + |
| 3 | +Status: Pending |
| 4 | + |
| 5 | +Version: Alpha |
| 6 | + |
| 7 | +Implementation Owner: unassigned |
| 8 | + |
| 9 | +# Motivation |
| 10 | + |
| 11 | +Operators often use CRDs internally. These objects aren't meant for end-users to manipulate and are confusing to end users of the Operator. |
| 12 | + |
| 13 | +## Proposal |
| 14 | + |
| 15 | +Introduce a convention for marking these CRDs as "internal" or "data only", so they can omitted from user interfaces and CLI tools. |
| 16 | + |
| 17 | +A good example of this is the [Apache CouchDB Operator](https://operatorhub.io/operator/couchdb-operator) which has literally marked the CRD name with the "internal" moniker, eg `(Internal) CouchDB Formation`. |
| 18 | + |
| 19 | +### Implementation |
| 20 | + |
| 21 | +#### New CRD annotation |
| 22 | + |
| 23 | +The behavior is straightforward, when a CRD is managed as part of the Operator installation, it can be marked with an annotation which is available for downstream tools to read and hide the CRD where applicable. This should be backwards compatible as a no-op, so it can be considered progressive enhancement. |
| 24 | + |
| 25 | +``` |
| 26 | +kind: CustomResourceDefinition |
| 27 | +apiVersion: apiextensions.k8s.io/v1beta1 |
| 28 | +metadata: |
| 29 | + name: hivetables.metering.openshift.io |
| 30 | + annotations: |
| 31 | + operators.operatorframework.io/internal-object:true |
| 32 | + operators.operatorframework.io/data-object:true |
| 33 | +spec: |
| 34 | + ... |
| 35 | +status |
| 36 | + ... |
| 37 | +``` |
| 38 | + |
| 39 | +#### Implementation Stages |
| 40 | + |
| 41 | +- [ ] Verify annotations are populated down after installation |
| 42 | +- [ ] Document this annotation convention |
| 43 | +- [ ] Verify that any Operator pipelines allow use of the annotations |
| 44 | + |
| 45 | +### User Documentation |
| 46 | + |
| 47 | +#### Hiding Internal Concepts from End-Users |
| 48 | + |
| 49 | +It is a common practice for an Operator to utilize CRDs "under the hood" to internally accomplish a task. For example, a database Operator might have a Replication CRD that is created whenever an end-user creates a Database object with `replication: true`. |
| 50 | + |
| 51 | +If this Replication CRD is not meant for manipulation by end-users, it can be hidden by submitting it's definition with the `operators.operatorframework.io/internal-object` annotation set to true. |
| 52 | + |
| 53 | +If there exists a CRD that is only meant for tracking data, it can also be annotated with `operators.operatorframework.io/data-object` set to true. |
| 54 | + |
| 55 | +Before marking one of your CRDs as internal, make sure that any debugging information or configuration that might be required to manage the application is reflected on the CR's status or spec block. |
0 commit comments