Add ClusterVersionOperator to render operators at install.

pkg/asset/ignition/bootstrap/bootstrap.go

@@ -4,11 +4,13 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"os"
 	"strings"
 	"text/template"
 
 	"github.com/coreos/ignition/config/util"
 	igntypes "github.com/coreos/ignition/config/v2_2/types"
+	log "github.com/sirupsen/logrus"
 
 	"github.com/openshift/installer/pkg/asset"
 	"github.com/openshift/installer/pkg/asset/ignition"
@@ -21,23 +23,24 @@ import (
 )
 
 const (
-	rootDir = "/opt/tectonic"
+	rootDir             = "/opt/tectonic"
+	defaultReleaseImage = "registry.svc.ci.openshift.org/openshift/origin-release:v4.0"
 )
 
 // bootstrapTemplateData is the data to use to replace values in bootstrap
 // template files.
 type bootstrapTemplateData struct {
-	ClusterDNSIP               string
-	CloudProvider              string
-	CloudProviderConfig        string
-	DebugConfig                string
-	KubeCoreRenderImage        string
-	MachineConfigOperatorImage string
-	EtcdCertSignerImage        string
-	EtcdctlImage               string
-	BootkubeImage              string
-	HyperkubeImage             string
-	EtcdCluster                string
+	BootkubeImage       string
+	CloudProvider       string
+	CloudProviderConfig string
+	ClusterDNSIP        string
+	DebugConfig         string
+	EtcdCertSignerImage string
+	EtcdCluster         string
+	EtcdctlImage        string
+	HyperkubeImage      string
+	KubeCoreRenderImage string
+	ReleaseImage        string
 }
 
 // bootstrap is an asset that generates the ignition config for bootstrap nodes.
@@ -189,18 +192,25 @@ func (a *bootstrap) getTemplateData(installConfig *types.InstallConfig) (*bootst
 	for i := range etcdEndpoints {
 		etcdEndpoints[i] = fmt.Sprintf("https://%s-etcd-%d.%s:2379", installConfig.Name, i, installConfig.BaseDomain)
 	}
+
+	releaseImage := defaultReleaseImage
+	if ri, ok := os.LookupEnv("OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE"); ok && ri != "" {
+		log.Warn("Found override for ReleaseImage. Please be warned, this is not advised")
+		releaseImage = ri
+	}
+
 	return &bootstrapTemplateData{
-		ClusterDNSIP:               clusterDNSIP,
-		CloudProvider:              getCloudProvider(installConfig),
-		CloudProviderConfig:        getCloudProviderConfig(installConfig),
-		DebugConfig:                "",
-		KubeCoreRenderImage:        "quay.io/coreos/kube-core-renderer-dev:3b6952f5a1ba89bb32dd0630faddeaf2779c9a85",
-		MachineConfigOperatorImage: "docker.io/openshift/origin-machine-config-operator:v4.0.0",
-		EtcdCertSignerImage:        "quay.io/coreos/kube-etcd-signer-server:678cc8e6841e2121ebfdb6e2db568fce290b67d6",
-		EtcdctlImage:               "quay.io/coreos/etcd:v3.2.14",
-		BootkubeImage:              "quay.io/coreos/bootkube:v0.10.0",
-		HyperkubeImage:             "openshift/origin-node:latest",
-		EtcdCluster:                strings.Join(etcdEndpoints, ","),
+		ClusterDNSIP:        clusterDNSIP,
+		CloudProvider:       getCloudProvider(installConfig),
+		CloudProviderConfig: getCloudProviderConfig(installConfig),
+		DebugConfig:         "",
+		KubeCoreRenderImage: "quay.io/coreos/kube-core-renderer-dev:3b6952f5a1ba89bb32dd0630faddeaf2779c9a85",
+		EtcdCertSignerImage: "quay.io/coreos/kube-etcd-signer-server:678cc8e6841e2121ebfdb6e2db568fce290b67d6",
+		EtcdctlImage:        "quay.io/coreos/etcd:v3.2.14",
+		BootkubeImage:       "quay.io/coreos/bootkube:v0.10.0",
+		ReleaseImage:        releaseImage,
+		HyperkubeImage:      "openshift/origin-node:latest",
+		EtcdCluster:         strings.Join(etcdEndpoints, ","),
 	}, nil
 }
 

pkg/asset/ignition/content/bootkube.go

@@ -29,6 +29,25 @@ set -e
 
 mkdir --parents /etc/kubernetes/manifests/
 
+MACHINE_CONFIG_OPERATOR_IMAGE=$(podman run --rm {{.ReleaseImage}} image machine-config-operator)
+echo "Found Machine Config Operator's image: $MACHINE_CONFIG_OPERATOR_IMAGE"
+
+if [ ! -d cvo-bootstrap ]
+then
+	echo "Rendering Cluster Version Operator Manifests..."
+
+	# shellcheck disable=SC2154
+	podman run \
+		--volume "$PWD:/assets:z" \
+		"{{.ReleaseImage}}" \
+		render \
+			--output-dir=/assets/cvo-bootstrap \
+			--release-image="{{.ReleaseImage}}"
+
+	cp --recursive cvo-bootstrap/manifests .
+	cp --recursive cvo-bootstrap/bootstrap/bootstrap-pod.yaml /etc/kubernetes/manifests/
+fi
+
 if [ ! -d kco-bootstrap ]
 then
 	echo "Rendering Kubernetes core manifests..."
@@ -54,7 +73,7 @@ then
 	podman run \
 		--user 0 \
 		--volume "$PWD:/assets:z" \
-		"{{.MachineConfigOperatorImage}}" \
+		"${MACHINE_CONFIG_OPERATOR_IMAGE}" \
 		bootstrap \
 			--etcd-ca=/assets/tls/etcd-client-ca.crt \
 			--root-ca=/assets/tls/root-ca.crt \

pkg/asset/ignition/content/tectonic.go

@@ -80,39 +80,12 @@ wait_for_pods() {
 # Wait for Kubernetes pods
 wait_for_pods kube-system
 
-echo "Creating initial roles..."
-kubectl delete --filename rbac/role-admin.yaml
-
-kubectl create --filename ingress/svc-account.yaml
-kubectl create --filename rbac/role-admin.yaml
-kubectl create --filename rbac/role-user.yaml
-kubectl create --filename rbac/binding-admin.yaml
-kubectl create --filename rbac/binding-discovery.yaml
-
-echo "Creating cluster config for Tectonic..."
-kubectl create --filename cluster-config.yaml
-kubectl create --filename ingress/cluster-config.yaml
-
-echo "Creating Tectonic secrets..."
-kubectl create --filename secrets/pull.json
-kubectl create --filename secrets/ingress-tls.yaml
-kubectl create --filename secrets/ca-cert.yaml
-kubectl create --filename ingress/pull.json
-
-echo "Creating operators..."
-kubectl create --filename security/priviledged-scc-tectonic.yaml
-kubectl create --filename updater/app-version-kind.yaml
-kubectl create --filename updater/migration-status-kind.yaml
-
-kubectl create --filename updater/operators/kube-core-operator.yaml
-kubectl create --filename updater/operators/kube-addon-operator.yaml
-kubectl create --filename updater/operators/tectonic-ingress-controller-operator.yaml
-
-kubectl --namespace=tectonic-system get customresourcedefinition appversions.tco.coreos.com
-kubectl create --filename updater/app_versions/app-version-tectonic-cluster.yaml
-kubectl create --filename updater/app_versions/app-version-kube-core.yaml
-kubectl create --filename updater/app_versions/app-version-kube-addon.yaml
-kubectl create --filename updater/app_versions/app-version-tectonic-ingress.yaml
+for file in $(find . -type f -maxdepth 1)
+do
+	echo "Creating object from file: $file ..."
+	kubectl create --filename "$file"
+	echo "Done creating object from file: $file ..."
+done
 
 # Wait for Tectonic pods
 wait_for_pods tectonic-system

pkg/asset/manifests/content/tectonic/BUILD.bazel

@@ -0,0 +1,26 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "binding-discovery.go",
+        "kube-addon-00-appversion.go",
+        "kube-addon-01-operator.go",
+        "kube-core-00-appversion.go",
+        "kube-core-00-operator.go",
+        "role-admin.go",
+        "role-user.go",
+        "tectonic-ingress-00-appversion.go",
+        "tectonic-ingress-01-cluster-config.go",
+        "tectonic-ingress-02-tls.go",
+        "tectonic-ingress-03-pull.go",
+        "tectonic-ingress-04-svc-account.go",
+        "tectonic-ingress-05-operator.go",
+        "tectonic-system-00-binding-admin.go",
+        "tectonic-system-01-ca-cert.go",
+        "tectonic-system-02-privileged-scc.go",
+        "tectonic-system-03-pull.go",
+    ],
+    importpath = "github.com/openshift/installer/pkg/asset/manifests/content/tectonic",
+    visibility = ["//visibility:public"],
+)

pkg/asset/manifests/content/tectonic/rbac/binding-discovery.go → pkg/asset/manifests/content/tectonic/binding-discovery.go

@@ -1,4 +1,4 @@
-package rbac
+package tectonic
 
 const (
 	// BindingDiscovery  is the variable/constant representing the contents of the respective file