openshift · enj · Feb 28, 2019 · Feb 28, 2019 · Mar 1, 2019
diff --git a/manifests/0000_09_cluster-authentication-operator_05_deploy.yaml b/manifests/0000_09_cluster-authentication-operator_05_deploy.yaml
@@ -24,7 +24,7 @@ spec:
         command: ["authentication-operator", "operator"]
         args:
         - "--config=/var/run/configmaps/config/operator-config.yaml"
-        - "-v=2"
+        - "-v=100"
         resources:
           requests:
             memory: 50Mi

diff --git a/pkg/boilerplate/controller/informer.go b/pkg/boilerplate/controller/informer.go
@@ -28,12 +28,12 @@ func withSync() InformerOption {
 }
 
 func informerOptionToOption(opt InformerOption, getter InformerGetter) Option {
-	switch opt() {
+	switch o := opt(); o {
 	case syncDefault:
 		return WithInformerSynced(getter) // safe default
 	case noSync:
 		return func(*controller) {} // do nothing
 	default:
-		panic(opt)
+		panic(int(o))
 	}
 }
diff --git a/pkg/boilerplate/operator/operator.go b/pkg/boilerplate/operator/operator.go
@@ -21,7 +21,7 @@ func New(name string, sync KeySyncer, opts ...Option) Runner {
 
 type operator struct {
 	name string
-	sync controller.KeySyncer
+	sync *wrapper
 
 	opts []controller.Option
 }

diff --git a/pkg/boilerplate/operator/option.go b/pkg/boilerplate/operator/option.go
@@ -1,6 +1,8 @@
 package operator
 
 import (
+	"reflect"
+
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"github.com/openshift/cluster-authentication-operator/pkg/boilerplate/controller"
@@ -25,6 +27,21 @@ func WithInformer(getter controller.InformerGetter, filter controller.Filter, op
 	)
 }
 
+func WithInitialEvent() Option {
+	return toAppendOpt(
+		controller.WithInitialEvent(key, key), // use singleton key for initial event
+	)
+}
+
+type DefaultCopyFunc func(v1.Object) v1.Object
+
+func WithDefaulting(key v1.Object, defaultCopyFunc DefaultCopyFunc) Option {
+	return func(o *operator) {
+		o.sync.key = reflect.ValueOf(key).Elem()
+		o.sync.defaultCopyFunc = defaultCopyFunc
+	}
+}
+
 func toAppendOpt(opt controller.Option) Option {
 	return func(o *operator) {
 		o.opts = append(o.opts, opt)

diff --git a/pkg/boilerplate/operator/sync.go b/pkg/boilerplate/operator/sync.go
@@ -1,6 +1,9 @@
 package operator
 
 import (
+	"reflect"
+
+	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"github.com/openshift/cluster-authentication-operator/pkg/boilerplate/controller"
@@ -15,8 +18,19 @@ var _ controller.KeySyncer = &wrapper{}
 
 type wrapper struct {
 	KeySyncer
+
+	key             reflect.Value
+	defaultCopyFunc DefaultCopyFunc
 }
 
-func (s *wrapper) Key(namespace, name string) (v1.Object, error) {
-	return s.KeySyncer.Key()
+func (s *wrapper) Key(_, _ string) (v1.Object, error) {
+	obj, err := s.KeySyncer.Key()
+	if errors.IsNotFound(err) && s.key.IsValid() {
+		obj = reflect.New(s.key.Type()).Interface().(v1.Object)
+		err = nil
+	}
+	if err == nil && s.defaultCopyFunc != nil {
+		obj = s.defaultCopyFunc(obj)
+	}
+	return obj, err
 }
diff --git a/pkg/operator2/deployment.go b/pkg/operator2/deployment.go
@@ -107,7 +107,7 @@ func defaultDeployment(
 								"hypershift",
 								"openshift-osinserver",
 								fmt.Sprintf("--config=%s", cliConfigPath),
-								fmt.Sprintf("--v=%d", getLogLevel(operatorConfig.Spec.LogLevel)),
+								fmt.Sprintf("--v=%d", getLogLevel(operatorConfig.Spec.LogLevel)+100),
 							},
 							Ports: []corev1.ContainerPort{
 								{

diff --git a/pkg/operator2/operator.go b/pkg/operator2/operator.go
@@ -134,6 +134,9 @@ func NewAuthenticationOperator(
 	prefixFilter := getPrefixFilter()
 
 	return operator.New("AuthenticationOperator2", c,
+		operator.WithInitialEvent(),
+		operator.WithDefaulting(&operatorv1.Authentication{}, defaultCopyAuthenticationFunc),
+
 		operator.WithInformer(routeInformer, targetNameFilter),
 		operator.WithInformer(coreInformers.Services(), targetNameFilter),
 		operator.WithInformer(kubeInformersNamespaced.Apps().V1().Deployments(), targetNameFilter),
@@ -288,6 +291,14 @@ func (c *authOperator) handleSync(operatorConfig *operatorv1.Authentication) err
 	return nil
 }
 
+func defaultCopyAuthenticationFunc(in metav1.Object) metav1.Object {
+	out := in.(*operatorv1.Authentication).DeepCopy()
+	if len(out.Spec.ManagementState) == 0 {
+		out.Spec.ManagementState = operatorv1.Managed
+	}
+	return out
+}
+
 func defaultLabels() map[string]string {
 	return map[string]string{
 		"app": targetName,

diff --git a/pkg/operator2/starter.go b/pkg/operator2/starter.go
@@ -32,12 +32,10 @@ const (
 apiVersion: operator.openshift.io/v1
 kind: Authentication
 metadata:
-  name: ` + globalConfigName + `
-spec:
-  managementState: Managed
-`
+  name: ` + globalConfigName
 
-	// TODO figure out the permanent home for top level CRDs and default CRs
+	// TODO these should all be rendered empty and defaulted via code
+	// TODO if we rendered these in the installer it would allow auth overrides before cluster start
 	defaultAuthentication = `
 apiVersion: config.openshift.io/v1
 kind: Authentication