feat: Add v1alpha2 for SecretClass, rename experimentalGenerateSamAccountName #634
Conversation
| mkdir -p extra | ||
| cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml |
There was a problem hiding this comment.
This eventually needs to be upstreamed into operator-templating.
There was a problem hiding this comment.
Added a comment in the PR description about this
| k8s_yaml(helm( | ||
| 'deploy/helm/' + operator_name, | ||
| name=operator_name, | ||
| namespace="stackable-operators", | ||
| set=[ | ||
| 'image.repository=' + registry + '/' + operator_name, | ||
| 'telemetry.consoleLog.level=trace,h2=off', | ||
| ], | ||
| )) |
There was a problem hiding this comment.
Also needs to be upstreamed into operator-templating.
There was a problem hiding this comment.
Added a comment in the PR description about this
Techassi
moved this from Development: In Progress
to Development: Waiting for Review
in Stackable Engineering
Techassi
changed the title
sbernauer
force-pushed
the
feat/crd-versioning
branch
from
761a56c to
29ccbdf
Compare
|
I can not approve my own PR but LGTM |
sbernauer
moved this from Development: Waiting for Review
to Development: In Review
in Stackable Engineering
There was a problem hiding this comment.
@razvan reported
❯ helm upgrade --install --namespace stackable-operators secret-operator deploy/helm/secret-operator/
Error: unable to build kubernetes objects from release manifest: resource mapping not found for name: "tls" namespace: "" from "": no matches for kind "SecretClass" in version "secrets.stackable.tech/v1alpha1"
ensure CRDs are installed firstI guess the easiest solution is to move the SecretClass creation into a Job, WDYT?
There was a problem hiding this comment.
can we have an initial crd deployment done by Helm/OLM as before?
There was a problem hiding this comment.
I would vote "no". There should be no need for it, as the operator immediately deploys it when starting up for the first time.
There was a problem hiding this comment.
This moved into a decision: https://github.com/stackabletech/decisions/issues/62.
There was a problem hiding this comment.
This (and the connected decision) was discussed amongst @sbernauer, @NickLarsenNZ, and @razvan and we agreed this is the best way forward.
@razvan confirmed in #634 (comment) that the approach works, by manually creating the default custom resource. In the future, this will be done automatically by the operator.
|
I'll put this here for lack of a better place now. I tried installing this op version with OLM on OpenShift. OLM of course has the same problem as Helm (see comment above). It tries to create a I manually added the exported CRDs to OLM, but then the operator refuses to start with this error: No idea if this is expected or a bug. My 2 cents: I don't know why you decided to take CRD management out of the hands of package managers because I don't remember discussing it and I find no explanation. But I think one implication of this is that we now have to implement Helm ourselves by having to ensure object creation order at least. |
|
Tests on OKD are 🟢 though no test was added or updated for this PR. I removed Then I ran the test suite: |
This implements are very simple CR applier. This commit is a first step towards maintaining CRs in our operator. It is not refined and is missing various features to be usable in the real world.
Part of stackabletech/issues#642
Note
Load-balancing over the secret-op DaemonSet Pods seems to work fine, but we should also test it on a cloud provider with multiple nodes as well.
This PR marks
samAccountNameas non-experimental as per #627. It is the first use of thestackable-versionedmacro as well as the conversion webhook machinery.Note
This PR makes changes to things that are templated by operator-templating! We are aware of this and will have a diff until we roll this out to all operators and update operator-templating. secret-operator is our guinea-pig