Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: PoC: use the rukpak PoC OCI artifact source #266

Closed
wants to merge 2 commits into from
Closed

WIP: PoC: use the rukpak PoC OCI artifact source #266

wants to merge 2 commits into from

Conversation

joelanford
Copy link
Member

@joelanford joelanford commented Jun 15, 2023
edited
Loading

Setup

  1. Clone the 4 repos and checkout the correct commits:

    mkdir -p demo && pushd demo
gh repo clone joelanford/olm-oci
gh repo clone operator-framework/catalogd -- --branch oci-artifact-source
gh repo clone joelanford/operator-controller -- --branch oci-artifacts
gh repo clone anik120/rukpak -- --branch oci-artifacts-provisioner

  2. Setup binaries and cluster

    export PATH=$(pwd)/olm-oci/bin:$PATH
export KIND_CLUSTER_NAME=demo
kind create cluster --name $KIND_CLUSTER_NAME
(cd olm-oci && make)
(cd operator-controller && make docker-build kind-load deploy)
(cd catalogd && make generate install)
(cd rukpak && make build-container kind-load install)

Demo Script

  1. Example commands + Build and push bundles

    mkdir example-catalog
bundlebuild ./olm-oci/samples/bundles/argo-cd/argo-cd.v2.7.3 example-catalog/argo-cd.v2.7.3.oci.tar
bundlebuild ./olm-oci/samples/bundles/argo-cd/argo-cd.v2.7.4 example-catalog/argo-cd.v2.7.4.oci.tar
bundlebuild ./olm-oci/samples/bundles/prometheus/prometheusoperator.v0.65.1 example-catalog/prometheusoperator.v0.65.1.oci.tar
createcatalog ./example-catalog ./example-catalog.oci.tar
olmoci inspect example-catalog.oci.tar:catalog
rm -r example-catalog ./example-catalog.oci.tar

export CATALOG_REPO=docker.io/joelanford/catalog
./olm-oci/samples/build_push.sh

  2. Create an OCI Artifact-based catalog and examine catalog APIs

    kubectl create -f ./operator-controller/config/samples/catalogd_operatorcatalog.yaml
kubectl get catalog oci-artifacts -o yaml
kubectl get packages
kubectl get package oci-artifacts-prometheus -o yaml
kubectl get bundlemetadata
kubectl get bundlemetadata oci-artifacts-prometheus.v0.65.1-0 -o yaml
kubectl get bundlemetadata oci-artifacts-argo-cd.v2.7.4-0 -o yaml

  3. Create an Operator for prometheus and argo-cd and example operator-controller APIs

    kubectl create -f ./operator-controller/config/samples/operators_v1alpha1_prometheus.yaml
kubectl create -f ./operator-controller/config/samples/operators_v1alpha1_argocd.yaml
kubectl get operator prometheus -o yaml
kubectl get operator argo-cd -o yaml

  4. Example rukpak APIs

    kubectl get bundledeployment prometheus -o yaml
kubectl get bundledeployment argo-cd -o yaml

  5. Check if expected CRDs are installed

    kubectl get crds -l core.rukpak.io/owner-name=prometheus
kubectl get crds -l core.rukpak.io/owner-name=argo-cd

  6. Remove grafana-operator from the catalog, rebuild, and push

    rm olm-oci/samples/catalog/grafana-operator*
./olm-oci/bin/createcatalog ./olm-oci/samples/catalog ./olm-oci/samples/catalog2.oci.tar
(cd ./olm-oci/samples && ../bin/olmoci push archive catalog2.oci.tar:catalog ${CATALOG_REPO}:catalog)

  7. Force another reconcile of the catalog, and verify the digest changed

    kubectl get catalog oci-artifacts -o jsonpath='{.status.resolvedSource.ociArtifact.ref}'
kubectl annotate catalog oci-artifacts updateTime="$(date)"
kubectl get catalog oci-artifacts -o jsonpath='{.status.resolvedSource.ociArtifact.ref}'

  8. Verify that the grafana-operator package and bundlemetadata disappeared

    kubectl get package oci-artifacts-grafana-operator
kubectl get bundlemetadata -o json \
	| jq '[.items[] | select(.spec.package == "grafana-operator") | .metadata.name] | length'

Note 1

The OCI artifact spec is still very much in flux. In fact the "application/vnd.oci.artifact.manifest.v1+json" (which this demo uses) was removed from the spec just recently, and replaced with other modifications to the pre-existing OCI image manifest type.

See opencontainers/image-spec#999 (comment)

Note 2

There is a referrers API as part of the in-progress OCI spec. This enables new objects to refer to existing objects without changing the digest of the existing objects. This is perfect for use cases like deprecation and retroactive assertions. Unfortunately, I can't demo this because docker hub doesn't support the referrers API (yet?)

Reviewer Checklist

  • API Go Documentation
  • Tests: Unit Tests (and E2E Tests, if appropriate)
  • Comprehensive Commit Messages
  • Links to related GitHub Issue(s)

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 15, 2023
@joelanford joelanford force-pushed the oci-artifacts branch 2 times, most recently from dbf285f to 9d22216 Compare June 16, 2023 05:05
@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 21, 2023
@openshift-merge-robot
Copy link

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

perdasilva
perdasilva reviewed Jul 17, 2023
View reviewed changes
config/samples/catalogd_operatorcatalog.yaml
@@ -1,9 +1,9 @@
apiVersion: catalogd.operatorframework.io/v1alpha1
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

would it be better to add a new sample rather than edit the existing one? Or are we subbing out image src in favor of oci?

perdasilva
perdasilva reviewed Jul 17, 2023
View reviewed changes
internal/controllers/operator_controller.go
@@ -152,6 +153,12 @@ func (r *OperatorReconciler) reconcile(ctx context.Context, op *operatorsv1alpha
return ctrl.Result{}, err
}

sourceType := rukpakv1alpha1.SourceTypeImage
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this logic move to rukpak?

perdasilva
perdasilva reviewed Jul 17, 2023
View reviewed changes
go.mod
@@ -9,7 +9,7 @@ require (
github.com/onsi/gomega v1.27.7
github.com/operator-framework/catalogd v0.3.0
github.com/operator-framework/deppy v0.0.0-20230602120738-cbf2c66b141b
github.com/operator-framework/operator-registry v1.26.3
github.com/operator-framework/operator-registry v1.28.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we want a separate PR for this?

perdasilva
perdasilva reviewed Jul 17, 2023
View reviewed changes
Copy link
Contributor

@perdasilva perdasilva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks awesome!

@joelanford
Copy link
Member Author

Closing since this served its purpose for demos and there are no plans to merge this.

@joelanford joelanford closed this Aug 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@perdasilva perdasilva perdasilva left review comments

Assignees
No one assigned
Labels
do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@joelanford @openshift-merge-robot @perdasilva