Bug 1827050: Update to use revised ApplyDeployment

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/openshift/api v0.0.0-20200326160804-ecb9283fe820
 	github.com/openshift/build-machinery-go v0.0.0-20200211121458-5e3d6e570160
 	github.com/openshift/client-go v0.0.0-20200326155132-2a6cd50aedd0
-	github.com/openshift/library-go v0.0.0-20200331191807-3eb0070c91ed
+	github.com/openshift/library-go v0.0.0-20200422120251-a5cb46356745
 	github.com/spf13/cobra v0.0.5
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.4.0

go.sum

@@ -287,8 +287,8 @@ github.com/openshift/build-machinery-go v0.0.0-20200211121458-5e3d6e570160 h1:V4
 github.com/openshift/build-machinery-go v0.0.0-20200211121458-5e3d6e570160/go.mod h1:1CkcsT3aVebzRBzVTSbiKSkJMsC/CASqxesfqEMfJEc=
 github.com/openshift/client-go v0.0.0-20200326155132-2a6cd50aedd0 h1:kMiuiZXH1GdfbiMwsuAQOqGaMxlo9NCUk0wT4XAdfNM=
 github.com/openshift/client-go v0.0.0-20200326155132-2a6cd50aedd0/go.mod h1:uUQ4LClRO+fg5MF/P6QxjMCb1C9f7Oh4RKepftDnEJE=
-github.com/openshift/library-go v0.0.0-20200331191807-3eb0070c91ed h1:7dAzYWRjXQDPVBtkoaLLLeYXE/sRv0fXnACxDxGBX/E=
-github.com/openshift/library-go v0.0.0-20200331191807-3eb0070c91ed/go.mod h1:CfydoH0B+RYs22uQZQ36A1mz5m5zhucpMGh8t5s71v4=
+github.com/openshift/library-go v0.0.0-20200422120251-a5cb46356745 h1:/AnLD1CD5zkXTcacqh9FFUMO0rK0S86vVX6b1JyLHGg=
+github.com/openshift/library-go v0.0.0-20200422120251-a5cb46356745/go.mod h1:CfydoH0B+RYs22uQZQ36A1mz5m5zhucpMGh8t5s71v4=
 github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=

pkg/operator2/deployment.go

@@ -23,6 +23,7 @@ func defaultDeployment(
 	operatorConfig *operatorv1.Authentication,
 	syncData *configSyncData,
 	proxyConfig *configv1.Proxy,
+	bootstrapUserExists bool,
 	resourceVersions ...string,
 ) *appsv1.Deployment {
 
@@ -47,6 +48,11 @@ func defaultDeployment(
 	}
 	deployment.Spec.Template.Annotations[deploymentVersionHashKey] = rvsHashStr
 
+	// Ensure a rollout when the bootstrap user goes away
+	if bootstrapUserExists {
+		deployment.Spec.Template.Annotations["operator.openshift.io/bootstrap-user-exists"] = "true"
+	}
+
 	templateSpec := &deployment.Spec.Template.Spec
 	container := &templateSpec.Containers[0]
 

pkg/operator2/operator.go

@@ -321,43 +321,36 @@ func (c *authOperator) handleSync(ctx context.Context, operatorConfig *operatorv
 	proxyConfig := c.handleProxyConfig(ctx)
 	resourceVersions = append(resourceVersions, "proxy:"+proxyConfig.Name+":"+proxyConfig.ResourceVersion)
 
-	operatorDeployment, err := c.deployments.Deployments("openshift-authentication-operator").Get(ctx, "authentication-operator", metav1.GetOptions{})
-	if err != nil {
-		return err
-	}
-	// prefix the RV to make it clear where it came from since each resource can be from different etcd
-	resourceVersions = append(resourceVersions, "deployments:"+operatorDeployment.Name+":"+operatorDeployment.ResourceVersion)
-
 	configResourceVersions, err := c.handleConfigResourceVersions(ctx)
 	if err != nil {
 		return err
 	}
 	resourceVersions = append(resourceVersions, configResourceVersions...)
 
+	// Determine whether the bootstrap user has been deleted so that
+	// detail can be used in computing the deployment.
+	if c.bootstrapUserChangeRollOut {
+		if userExists, err := c.bootstrapUserDataGetter.IsEnabled(); err != nil {
+			klog.Warningf("Unable to determine the state of bootstrap user: %v", err)
+		} else {
+			c.bootstrapUserChangeRollOut = userExists
+		}
+	}
+
 	// deployment, have RV of all resources
 	expectedDeployment := defaultDeployment(
 		operatorConfig,
 		syncData,
 		proxyConfig,
+		c.bootstrapUserChangeRollOut,
 		resourceVersions...,
 	)
 
-	// redeploy on operatorConfig.spec changes or when bootstrap user is deleted
-	forceRollOut := operatorConfig.Generation != operatorConfig.Status.ObservedGeneration
-	if c.bootstrapUserChangeRollOut {
-		if userExists, err := c.bootstrapUserDataGetter.IsEnabled(); err != nil {
-			klog.Warningf("Unable to determine the state of bootstrap user: %v", err)
-		} else if !userExists {
-			forceRollOut = true
-			c.bootstrapUserChangeRollOut = false
-		}
-	}
 	deployment, _, err := resourceapply.ApplyDeployment(
 		c.deployments,
 		c.recorder,
 		expectedDeployment,
 		resourcemerge.ExpectedDeploymentGeneration(expectedDeployment, operatorConfig.Status.Generations),
-		forceRollOut,
 	)
 	if err != nil {
 		return fmt.Errorf("failed applying deployment for the integrated OAuth server: %v", err)