Skip to content

Migrate OSUS operator from v0.18.2 to v1.0 #65

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-merge-robot merged 5 commits into from
Nov 12, 2020
Merged

Migrate OSUS operator from v0.18.2 to v1.0 #65

openshift-merge-robot merged 5 commits into from
Nov 12, 2020

Conversation

@jottofar
Copy link
Contributor

@jottofar jottofar commented Sep 30, 2020

No description provided.

@openshift-ci-robot openshift-ci-robot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 30, 2020
@openshift-ci-robot
Copy link

openshift-ci-robot commented Sep 30, 2020

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jottofar

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 30, 2020
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
wking
wking reviewed Oct 5, 2020
View reviewed changes
This was referenced Oct 5, 2020
Merged
Closed
@jottofar jottofar force-pushed the op-migration branch 3 times, most recently from 1a6281f to 3924ddf Compare October 13, 2020 15:34
@jottofar jottofar mentioned this pull request Oct 13, 2020
Closed
@jottofar jottofar force-pushed the op-migration branch 3 times, most recently from 23a9129 to d297d99 Compare October 14, 2020 00:05
@openshift-ci-robot
Copy link

openshift-ci-robot commented Oct 14, 2020

@jottofar: The following tests failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/cincinnati-operator-e2e-aws d297d99 link /test cincinnati-operator-e2e-aws
ci/prow/images d297d99 link /test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@jottofar jottofar force-pushed the op-migration branch 2 times, most recently from dd3839c to 79df3b3 Compare October 15, 2020 15:38
@jottofar
Migrate operator from v0.18.2 to v0.19.3 - module changes
fa3e8b7 
v0.19.3 is a major change whereby Kubebuilder is integrated with
Operator SDK. Additionally, project scaffolding is completely
changed. The migration guide
(https://v1-0-x.sdk.operatorframework.io/docs/building-operators/golang/project_migration_guide/)
therefore instructs one to start by generating a new project
and copying over existing project files, apply changes, etc. to the
newly created project. Note that the above v1.0 migration guide link
is referenced from the v0.18.2 to v0.19.3 migration doc. This project
started with the generated go.mod and necessary changes were made to
it. Running 'go mod vendor' was not required and therefore the
vendor directory no longer exists.
@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Nov 11, 2020
edited
Loading

@jottofar: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/cincinnati-operator-e2e-aws 8a027ce link /test cincinnati-operator-e2e-aws

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@jottofar jottofar changed the title Migrate OSUS operator from v0.16.0 to v1.0 Migrate OSUS operator from v0.18.2 to v1.0 Nov 11, 2020
@jottofar
Copy link
Contributor Author

jottofar commented Nov 11, 2020

/retest

wking
wking reviewed Nov 12, 2020
View reviewed changes
controllers/updateservice_controller.go
}

/*
func (r *UpdateServiceReconciler) SetupWithManager(mgr ctrl.Manager) error {
Copy link
Member

@wking wking Nov 12, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From the migration docs:

Copy the code under func add(mgr manager.Manager, r reconcile.Reconciler) to func SetupWithManager...

I've done that in three hunks, if you want to pattern match.

Copy link
Contributor Author

@jottofar jottofar Nov 12, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will investigate why I left it and resolve post PR merge.

wking
wking reviewed Nov 12, 2020
View reviewed changes
wking
wking reviewed Nov 12, 2020
View reviewed changes
@wking
Copy link
Member

wking commented Nov 12, 2020
edited
Loading

No bin/ anymore 👍. A few more nits still, but nothing I'm too worried about. I am still not excited about removing vendor/ and then restoring it, dumping all the SDK's Makefile entries, keeping our old olm-catalog stuff, etc. And #76 is finally green, and avoids all of that. But my only remaining concern is that moving towards the SDK's approach in the future will be commits like "remember when we migrated to SDK 0.19? Here's some more scaffolding from that pivot that we didn't pick up at the time", and that's not too much of a concern, so:

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 12, 2020
@LalatenduMohanty
Copy link
Member

LalatenduMohanty commented Nov 12, 2020

looks good to me. @jottofar I am going to approve this after the nit picks are addressed

@jottofar
Migrate operator from v0.18.2 to v0.19.3
d9f361a 
Reference migration guide
(https://v1-0-x.sdk.operatorframework.io/docs/building-operators/golang/project_migration_guide/)
for high-level overview of the steps to perform this migration.

Some specific steps to note:
- copied CRD and CR manifests to appropriate dir's
- deploy/operator.yaml is now in config/manager/manager.yaml
- pkg/apis and pkg/controllers are now in the root directory as api/
and controllers/
- cmd/manager/main.go is now in the root directory
- replaced contents of config/rbac/role_binding.yaml with
deploy/role_binding.yaml
- copied deploy/service_account.yaml to config/rbac
- copied deploy/crds/cincinnati.openshift.io_v1beta1_cincinnati_cr.yaml
to config/samples
- updated controllers/cincinnati_controller.go +kubebuilder entries,
ran 'make manifests' to generate config/rbac/role.yaml to match
deploy/role.yaml
- metrics exported using kustomize
- version package no longer supported so for now Operator SDK
version hard-coded (will change to a generated value in next commit)
@jottofar
Rename operator Update Service and change version to v1
ce9a447 
Rename group from cincinnati to updateservice.operator and version from
v1beta1 to v1. Reference https://issues.redhat.com/browse/OTA-258. In
general the following substitutions were made within files with some
specific tweaking:

- sed -i 's|Cincinnati|UpdateService|g'
- sed -i 's|cincinnatis|updateservices|g'
- sed -i 's|cincinnati\.openshift\.io|updateservice\.operator\.openshift\.io|g'
- sed -i 's|cincinnati|updateservice|g'

Version had to be handled a little more carefully.
Some filenames and directories had to be renamed as well.

The .md doc files were left as is since they will have to be substantially
modified in other ways at a later time.
@jottofar
Created vendor directory
f938f3f 
Ran:

go mod tidy
go mod vendor
@jottofar
Migrate operator from v0.19.3 to v1.0.0, clean up and rework
71d0959 
Reference migration guide
https://master.sdk.operatorframework.io/docs/upgrading-sdk-version/v1.0.0/
for high-level overview of the steps to migrate operator from Operator
SDK v0.19.3 to v1.0.0.

Configured metrics using kustomize-based generation.

Various clean up and rework.

Add build recipe in Makefile (changes from
openshift#33)
@LalatenduMohanty
Copy link
Member

LalatenduMohanty commented Nov 12, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Nov 12, 2020
@openshift-merge-robot openshift-merge-robot merged commit ac46919 into openshift:master Nov 12, 2020
@wking wking mentioned this pull request Nov 12, 2020
Closed
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 13, 2020
@wking
controllers: Consolidate kubebuilder declarations
d5bea93 
Kubebuilder config is from d9f361a (Migrate operator from v0.18.2
to v0.19.3, 2020-09-30, openshift#65) and ce9a447 (Rename operator Update
Service and change version to v1, 2020-10-04, openshift#65):

  $ git blame origin/master controllers/updateservice_controller.go | grep kubebuilder
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 125) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 126) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 127) // +kubebuilder:rbac:groups="monitoring.coreos.com",namespace="updateservice-operator",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 128) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 129) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 130) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=replicasets;deployments,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 131) // +kubebuilder:rbac:groups="policy",namespace="updateservice-operator",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 132) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,namespace="updateservice-operator",resources=*,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 133) // +kubebuilder:rbac:groups=config.openshift.io,resources=images,verbs=get;list;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 134) // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=create;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 135) // +kubebuilder:rbac:groups="",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 136) // +kubebuilder:rbac:groups="apps",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 137) // +kubebuilder:rbac:groups="apps",resources=replicasets;deployments,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 138) // +kubebuilder:rbac:groups="",resources=pods,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 139) // +kubebuilder:rbac:groups="monitoring.coreos.com",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 140) // +kubebuilder:rbac:groups="apps",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 141) // +kubebuilder:rbac:groups="policy",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 142) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=*,verbs=create;delete;get;list;patch;update;watch

But a bare SDK 1.0.1 scaffold contains no namespace properties in
those kubebuilder fields:

  $ operator-sdk-v1.0.1 init --domain openshift.io --repo github.com/openshift/cincinnati-operator
  $ operator-sdk-v1.0.1 create api --group updateservice.operator --version v1 --kind UpdateService --resource --controller
  $ grep -r kubebuilder:rbac controllers
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices,verbs=get;list;watch;create;update;patch;delete
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices/status,verbs=get;update;patch

The SDK scaffolding also tells us how to consume the kubebuilder
declarations:

  $ grep CRD_OPTIONS Makefile
  CRD_OPTIONS ?= "crd:trivialVersions=true"
    $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases

This commit consolidates around that pattern with:

  $ emacs controllers/updateservice_controller.go # kubebuilder:rbac, drop namepace, sort alphabetically, remove duplicate lines
  $ controller-gen crd:trivialVersions=true rbac:roleName=openshift-updateservice webhook paths="./..." output:crd:artifacts:config=config/crd/bases
  $ git rm config/crd/bases/updateservice.operator.openshift.io_updateservices_crd.yaml # remove the old name; I'm not sure how to generate with this name
  $ git add controllers config

using:

  $ controller-gen --version
  Version: v0.3.0
@wking wking mentioned this pull request Nov 13, 2020
Merged
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 13, 2020
@wking
controllers: Consolidate kubebuilder declarations
bb37e24 
Kubebuilder config is from d9f361a (Migrate operator from v0.18.2
to v0.19.3, 2020-09-30, openshift#65) and ce9a447 (Rename operator Update
Service and change version to v1, 2020-10-04, openshift#65):

  $ git blame origin/master controllers/updateservice_controller.go | grep kubebuilder
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 125) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 126) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 127) // +kubebuilder:rbac:groups="monitoring.coreos.com",namespace="updateservice-operator",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 128) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 129) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 130) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=replicasets;deployments,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 131) // +kubebuilder:rbac:groups="policy",namespace="updateservice-operator",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 132) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,namespace="updateservice-operator",resources=*,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 133) // +kubebuilder:rbac:groups=config.openshift.io,resources=images,verbs=get;list;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 134) // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=create;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 135) // +kubebuilder:rbac:groups="",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 136) // +kubebuilder:rbac:groups="apps",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 137) // +kubebuilder:rbac:groups="apps",resources=replicasets;deployments,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 138) // +kubebuilder:rbac:groups="",resources=pods,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 139) // +kubebuilder:rbac:groups="monitoring.coreos.com",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 140) // +kubebuilder:rbac:groups="apps",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 141) // +kubebuilder:rbac:groups="policy",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 142) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=*,verbs=create;delete;get;list;patch;update;watch

But a bare SDK 1.0.1 scaffold contains no namespace properties in
those kubebuilder fields:

  $ operator-sdk-v1.0.1 init --domain openshift.io --repo github.com/openshift/cincinnati-operator
  $ operator-sdk-v1.0.1 create api --group updateservice.operator --version v1 --kind UpdateService --resource --controller
  $ grep -r kubebuilder:rbac controllers
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices,verbs=get;list;watch;create;update;patch;delete
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices/status,verbs=get;update;patch

The SDK scaffolding also tells us how to consume the kubebuilder
declarations:

  $ grep CRD_OPTIONS Makefile
  CRD_OPTIONS ?= "crd:trivialVersions=true"
    $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases

This commit consolidates around that pattern with:

  $ emacs controllers/updateservice_controller.go # kubebuilder:rbac, drop namepace, sort alphabetically, remove duplicate lines
  $ controller-gen crd:trivialVersions=true rbac:roleName=openshift-updateservice webhook paths="./..." output:crd:artifacts:config=config/crd/bases
  $ git rm config/crd/bases/updateservice.operator.openshift.io_updateservices_crd.yaml # remove the old name; I'm not sure how to generate with this name
  $ sed -i 's/updateservice.operator.openshift.io_updateservices_crd.yaml/updateservice.operator.openshift.io_updateservices.yaml/' $(git grep -l updateservice.operator.openshift.io_updateservices_crd.yaml)
  $ git add config controllers hack

using:

  $ controller-gen --version
  Version: v0.3.0
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 13, 2020
@wking
controllers: Consolidate kubebuilder declarations
3990db3 
Kubebuilder config is from d9f361a (Migrate operator from v0.18.2
to v0.19.3, 2020-09-30, openshift#65) and ce9a447 (Rename operator Update
Service and change version to v1, 2020-10-04, openshift#65):

  $ git blame origin/master controllers/updateservice_controller.go | grep kubebuilder
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 125) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 126) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 127) // +kubebuilder:rbac:groups="monitoring.coreos.com",namespace="updateservice-operator",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 128) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 129) // +kubebuilder:rbac:groups="",namespace="updateservice-operator",resources=pods,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 130) // +kubebuilder:rbac:groups="apps",namespace="updateservice-operator",resources=replicasets;deployments,verbs=get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 131) // +kubebuilder:rbac:groups="policy",namespace="updateservice-operator",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 132) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,namespace="updateservice-operator",resources=*,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 133) // +kubebuilder:rbac:groups=config.openshift.io,resources=images,verbs=get;list;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 134) // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=create;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 135) // +kubebuilder:rbac:groups="",resources=pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 136) // +kubebuilder:rbac:groups="apps",resources=deployments;daemonsets;replicasets;statefulsets,verbs=create;delete;get;list;patch;update;watch
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 137) // +kubebuilder:rbac:groups="apps",resources=replicasets;deployments,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 138) // +kubebuilder:rbac:groups="",resources=pods,verbs=get
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 139) // +kubebuilder:rbac:groups="monitoring.coreos.com",resources=servicemonitors,verbs=create;get
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 140) // +kubebuilder:rbac:groups="apps",resourceNames=updateservice-operator,resources=deployments/finalizers,verbs=update
  d9f361a controllers/cincinnati_controller.go               (Jack Ottofaro     2020-09-30 16:08:24 -0400 141) // +kubebuilder:rbac:groups="policy",resources=poddisruptionbudgets,verbs=create;delete;get;list;patch;update;watch
  ce9a447 controllers/updateservice_controller.go            (Jack Ottofaro     2020-10-04 11:10:37 -0400 142) // +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=*,verbs=create;delete;get;list;patch;update;watch

But a bare SDK 1.0.1 scaffold contains no namespace properties in
those kubebuilder fields:

  $ operator-sdk-v1.0.1 init --domain openshift.io --repo github.com/openshift/cincinnati-operator
  $ operator-sdk-v1.0.1 create api --group updateservice.operator --version v1 --kind UpdateService --resource --controller
  $ grep -r kubebuilder:rbac controllers
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices,verbs=get;list;watch;create;update;patch;delete
  controllers/updateservice_controller.go:// +kubebuilder:rbac:groups=updateservice.operator.openshift.io,resources=updateservices/status,verbs=get;update;patch

The SDK scaffolding also tells us how to consume the kubebuilder
declarations:

  $ grep CRD_OPTIONS Makefile
  CRD_OPTIONS ?= "crd:trivialVersions=true"
    $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases

This commit consolidates around that pattern with:

  $ emacs controllers/updateservice_controller.go # kubebuilder:rbac, drop namepace, sort alphabetically, remove duplicate lines
  $ controller-gen crd:trivialVersions=true rbac:roleName=updateservice-operator webhook paths="./..." output:crd:artifacts:config=config/crd/bases
  $ git rm config/crd/bases/updateservice.operator.openshift.io_updateservices_crd.yaml # remove the old name; I'm not sure how to generate with this name
  $ sed -i 's/updateservice.operator.openshift.io_updateservices_crd.yaml/updateservice.operator.openshift.io_updateservices.yaml/' $(git grep -l updateservice.operator.openshift.io_updateservices_crd.yaml)
  $ git add config controllers hack

using:

  $ controller-gen --version
  Version: v0.3.0

The rbac:roleName=updateservice-operator argument passed to controller-gen needs to match:

  $ git --no-pager blame config/manager/manager.yaml | grep serviceAccountName
  ce9a447 config/manager/manager.yaml (Jack Ottofaro     2020-10-04 11:10:37 -0400 15)       serviceAccountName: updateservice-operator

to avoid:

  Failed to get Pod{...} is forbidden: User "system:serviceaccount:openshift-updateservice:updateservice-operator" cannot get resource "pods" in API group "" in the namespace "openshift-updateservice": RBAC: [clusterrole.rbac.authorization.k8s.io "updateservice-operator" not found, role.rbac.authorization.k8s.io "updateservice-operator" not found
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 13, 2020
@wking
*: Remove executable bit from non-executable files
fcae51f 
Generated with:

  $ find . -name '*.go' -execdir chmod 644 {} \+
  $ find . -name '*.yaml' -execdir chmod 644 {} \+

Tracking one of the files:

  $ git log -p --follow origin/master api/v1/groupversion_info.go | grep '^commit\|new.*mode'
  ...
  commit d9f361a
  new file mode 100755

So that was born executable in d9f361a (Migrate operator from
v0.18.2 to v0.19.3, 2020-09-30, openshift#65).

Three more buggy bits are from that commit:

  $ git show d9f361a | grep -B2 'new mode'
  diff --git a/pkg/apis/cincinnati/v1beta1/cincinnati_types.go b/api/v1beta1/cincinnati_types.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/apis/cincinnati/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/controller/cincinnati/cincinnati_controller.go b/controllers/cincinnati_controller.go
  old mode 100644
  new mode 100755

The last three are from 36a102f (Migrate operator from v0.16.0 to
v0.18.2, 2020-09-17, openshift#67):

  $ git show 36a102f | grep -B2 'new mode'
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml b/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml
  old mode 100644
  new mode 100755
@wking wking mentioned this pull request Nov 13, 2020
Merged
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 13, 2020
@wking
*: Remove executable bit from non-executable files
cbfe4e1 
Generated with:

  $ find . -name '*.go' -execdir chmod 644 {} \+
  $ find . -name '*.yaml' -execdir chmod 644 {} \+

Tracking one of the files:

  $ git log -p --follow origin/master api/v1/groupversion_info.go | grep '^commit\|new.*mode'
  ...
  commit d9f361a
  new file mode 100755

So that was born executable in d9f361a (Migrate operator from
v0.18.2 to v0.19.3, 2020-09-30, openshift#65).

Three more buggy bits are from that commit:

  $ git show d9f361a | grep -B2 'new mode'
  diff --git a/pkg/apis/cincinnati/v1beta1/cincinnati_types.go b/api/v1beta1/cincinnati_types.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/apis/cincinnati/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/controller/cincinnati/cincinnati_controller.go b/controllers/cincinnati_controller.go
  old mode 100644
  new mode 100755

The last three are from 36a102f (Migrate operator from v0.16.0 to
v0.18.2, 2020-09-17, openshift#67):

  $ git show 36a102f | grep -B2 'new mode'
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml b/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml
  old mode 100644
  new mode 100755
wking added a commit to wking/cincinnati-operator that referenced this pull request Nov 16, 2020
@wking
*: Remove executable bit from non-executable files
7d3faea 
Generated with:

  $ find . -name '*.go' -execdir chmod 644 {} \+
  $ find . -name '*.yaml' -execdir chmod 644 {} \+

Tracking one of the files:

  $ git log -p --follow origin/master api/v1/groupversion_info.go | grep '^commit\|new.*mode'
  ...
  commit d9f361a
  new file mode 100755

So that was born executable in d9f361a (Migrate operator from
v0.18.2 to v0.19.3, 2020-09-30, openshift#65).

Three more buggy bits are from that commit:

  $ git show d9f361a | grep -B2 'new mode'
  diff --git a/pkg/apis/cincinnati/v1beta1/cincinnati_types.go b/api/v1beta1/cincinnati_types.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/apis/cincinnati/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
  old mode 100644
  new mode 100755
  --
  diff --git a/pkg/controller/cincinnati/cincinnati_controller.go b/controllers/cincinnati_controller.go
  old mode 100644
  new mode 100755

The last three are from 36a102f (Migrate operator from v0.16.0 to
v0.18.2, 2020-09-17, openshift#67):

  $ git show 36a102f | grep -B2 'new mode'
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati-operator.v0.0.1.clusterserviceversion.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml b/deploy/olm-catalog/cincinnati-operator/0.0.1/cincinnati.openshift.io_cincinnatis_crd.yaml
  old mode 100644
  new mode 100755
  diff --git a/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml b/deploy/olm-catalog/cincinnati-operator/cincinnati-operator.package.yaml
  old mode 100644
  new mode 100755
PratikMahajan pushed a commit to PratikMahajan/cincinnati-operator that referenced this pull request Mar 17, 2021
@openshift-merge-robot
Merge pull request openshift#65 from thiagoalessio/stable-4.2
a3bd9cc 
channels/stable-4.2: 4.2.18 to stable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wking wking wking left review comments

@steveej steveej Awaiting requested review from steveej

Assignees

@LalatenduMohanty LalatenduMohanty

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@jottofar @openshift-ci-robot @LalatenduMohanty @openshift-bot @wking @openshift-merge-robot