Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] no olm webhook #2421

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

[WIP] no olm webhook #2421

wants to merge 8 commits into from

Conversation

qpdpQ
Copy link
Contributor

@qpdpQ qpdpQ commented Mar 4, 2025

What this PR does / why we need it:
Add commonservice webhook and operandrequest webhook in cs-operator

@qpdpQ
no olm webhook init
b054835 
Signed-off-by: Allen Li <[email protected]>
@ibm-ci-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qpdpQ

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@qpdpQ
Copy link
Contributor Author

qpdpQ commented Mar 4, 2025
edited
Loading

webhook with service-ca cert works now

I0304 19:57:22.806739 1 operator_webhooks.go:215] Reconciling common service webhook service
I0304 19:57:22.907833 1 operator_webhooks.go:240] Creating common service webhook service
I0304 19:57:22.920952 1 operator_webhooks.go:178] Creating common service webhook CA ConfigMap
I0304 19:57:22.927648 1 operator_webhooks.go:305] Waiting for common service webhook CA generated
I0304 19:57:23.997549 1 no_olm_commonservice_controller.go:132] Updating common-service-maps ConfigMap in kube-public
Full log 
I0304 19:56:52.118510       1 request.go:601] Waited for 1.015714112s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/performance.openshift.io/v2?timeout=32s
1.741118215627807e+09	INFO	controller-runtime.metrics	Metrics server is starting to listen	{"addr": ":8080"}
I0304 19:56:55.629161       1 main.go:132] Identifying Common Service Operator Role in the namespace operators
I0304 19:57:02.126498       1 request.go:601] Waited for 1.844117752s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/admissionregistration.k8s.io/v1?timeout=32s
I0304 19:57:09.486948       1 main.go:166] Setup commonservice manager
I0304 19:57:12.137723       1 request.go:601] Waited for 2.644959752s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/dataprotectionserver.idp.ibm.com/v1?timeout=32s
I0304 19:57:14.091197       1 main.go:176] Start go routines
I0304 19:57:14.091508       1 waitToCreateCsCR.go:33] Start to Create CommonService CR in the namespace operators
I0304 19:57:14.095739       1 cleanup_resources.go:102] StatefulSet icp-mongodb does not exist in operators, skip deleting mongodb-preload-endpoint ConfigMap
I0304 19:57:18.695284       1 main.go:259] Starting manager
I0304 19:57:18.696056       1 cache.go:334] Start filtered cache
I0304 19:57:18.696107       1 filtered-cache.go:417] Start filtered cache
1.7411182386961446e+09	INFO	Starting server	{"path": "/metrics", "kind": "metrics", "addr": "[::]:8080"}
W0304 19:57:18.696351       1 shared_informer.go:401] The sharedIndexInformer has started, run more than once is not allowed
W0304 19:57:18.696410       1 shared_informer.go:401] The sharedIndexInformer has started, run more than once is not allowed
1.741118238696471e+09	INFO	Starting server	{"kind": "health probe", "addr": "[::]:8081"}
1.7411182406980107e+09	INFO	Starting EventSource	{"controller": "commonservice", "controllerGroup": "operator.ibm.com", "controllerKind": "CommonService", "source": "kind source: *v3.CommonService"}
1.7411182406980424e+09	INFO	Starting EventSource	{"controller": "podrefresh-controller", "source": "kind source: *v1.Certificate"}
1.7411182406981041e+09	INFO	Starting Controller	{"controller": "podrefresh-controller"}
1.741118240698073e+09	INFO	Starting EventSource	{"controller": "commonservice", "controllerGroup": "operator.ibm.com", "controllerKind": "CommonService", "source": "kind source: *v1.ConfigMap"}
1.7411182406981075e+09	INFO	Starting EventSource	{"controller": "addlabel-controller", "source": "kind source: *v1.Certificate"}
1.7411182406981854e+09	INFO	Starting EventSource	{"controller": "commonservice", "controllerGroup": "operator.ibm.com", "controllerKind": "CommonService", "source": "kind source: *v1alpha1.OperandRegistry"}
1.741118240698226e+09	INFO	Starting Controller	{"controller": "commonservice", "controllerGroup": "operator.ibm.com", "controllerKind": "CommonService"}
1.7411182406982255e+09	INFO	Starting Controller	{"controller": "addlabel-controller"}
1.7411182406993883e+09	INFO	Starting EventSource	{"controller": "certificaterefresh-controller", "source": "kind source: *v1.Secret"}
1.741118240699442e+09	INFO	Starting Controller	{"controller": "certificaterefresh-controller"}
I0304 19:57:22.154930       1 request.go:601] Waited for 3.342800311s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/operator.ibm.com/v1alpha1?timeout=32s
1.741118242700512e+09	INFO	Starting workers	{"controller": "certificaterefresh-controller", "worker count": 1}
1.7411182427007442e+09	INFO	Reconciling CertificateRefresh	{"controller": "certificaterefresh-controller", "object": {"name":"cs-ca-certificate-secret","namespace":"operators"}, "namespace": "operators", "name": "cs-ca-certificate-secret", "reconcileID": "0f8f6f21-c9bc-43b8-bc72-529866a65ec2", "req.Namespace": "operators", "req.Name": "cs-ca-certificate-secret"}
1.7411182427008548e+09	INFO	Certificate Secret is a CA, its leaf should be refreshed	{"controller": "certificaterefresh-controller", "object": {"name":"cs-ca-certificate-secret","namespace":"operators"}, "namespace": "operators", "name": "cs-ca-certificate-secret", "reconcileID": "0f8f6f21-c9bc-43b8-bc72-529866a65ec2", "Secret.Name": "cs-ca-certificate-secret", "Secret.Namespace": "operators"}
1.741118242801521e+09	INFO	All leaf certificates refreshed for	{"controller": "certificaterefresh-controller", "object": {"name":"cs-ca-certificate-secret","namespace":"operators"}, "namespace": "operators", "name": "cs-ca-certificate-secret", "reconcileID": "0f8f6f21-c9bc-43b8-bc72-529866a65ec2", "Secret.Name": "cs-ca-certificate-secret", "Secret.Namespace": "operators"}
1.7411182428015203e+09	INFO	Starting workers	{"controller": "podrefresh-controller", "worker count": 1}
1.741118242801565e+09	INFO	Starting workers	{"controller": "addlabel-controller", "worker count": 1}
1.741118242801741e+09	INFO	Reconciling CertificateRefresh	{"controller": "addlabel-controller", "object": {"name":"cs-ca-certificate","namespace":"operators"}, "namespace": "operators", "name": "cs-ca-certificate", "reconcileID": "1cc073b4-ba35-4b26-a4ec-4104670a9737", "req.Namespace": "operators", "req.Name": "cs-ca-certificate"}
1.74111824280247e+09	INFO	Starting workers	{"controller": "commonservice", "controllerGroup": "operator.ibm.com", "controllerKind": "CommonService", "worker count": 1}
I0304 19:57:22.802616       1 commonservice_controller.go:66] Reconciling CommonService: operators/common-service
E0304 19:57:22.806682       1 commonservice_controller.go:95] Accept license by changing .spec.license.accept to true in the CommonService CR. Operator will not proceed until then
I0304 19:57:22.806706       1 commonservice_controller.go:99] Reconciling CommonService: operators/common-service in No OLM environment
I0304 19:57:22.806718       1 no_olm_commonservice_controller.go:41] Reconciling CommonService: operators/common-service in non OLM environment
I0304 19:57:22.806726       1 recocile_pause.go:49] Checking annotations for pause request
I0304 19:57:22.806739       1 operator_webhooks.go:215] Reconciling common service webhook service
I0304 19:57:22.907833       1 operator_webhooks.go:240] Creating common service webhook service
I0304 19:57:22.920952       1 operator_webhooks.go:178] Creating common service webhook CA ConfigMap
I0304 19:57:22.927648       1 operator_webhooks.go:305] Waiting for common service webhook CA generated
I0304 19:57:23.997549       1 no_olm_commonservice_controller.go:132] Updating common-service-maps ConfigMap in kube-public
I0304 19:57:24.004618       1 init.go:1327] Checking if resource Issuer CRD exsits 
I0304 19:57:28.608324       1 init.go:1327] Checking if resource Certificate CRD exsits 
I0304 19:57:32.159340       1 request.go:601] Waited for 3.544837471s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/flowcontrol.apiserver.k8s.io/v1?timeout=32s
I0304 19:57:33.220023       1 init.go:1378] Deploying Cert Manager CRs
I0304 19:57:42.174176       1 request.go:601] Waited for 4.345330893s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/controlplane.operator.openshift.io/v1alpha1?timeout=32s
I0304 19:57:47.029233       1 init.go:1411] Checking Cert Manager Certs and Issuers deployment
I0304 19:57:47.046637       1 no_olm_commonservice_controller.go:188] It is a non-OLM mode, skip creating EDB Image ConfigMap...
I0304 19:57:47.046666       1 no_olm_commonservice_controller.go:190] Start to Create ODLM CR in the namespace operators
I0304 19:57:47.046680       1 no_olm_commonservice_controller.go:197] Checking if OperandRegistry and OperandConfig CRD already exist
I0304 19:57:52.700134       1 request.go:601] Waited for 1.046147584s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/ibmcpcs.ibm.com/v1?timeout=32s
I0304 19:57:56.251974       1 no_olm_commonservice_controller.go:202] Installing/Updating OperandRegistry
I0304 19:57:56.274056       1 init.go:476] Updating resource with name: common-service, namespace: operators, kind: OperandRegistry, apiversion: operator.ibm.com/v1alpha1
I0304 19:57:56.289540       1 no_olm_commonservice_controller.go:208] Installing/Updating OperandConfig
I0304 19:57:56.339227       1 init.go:476] Updating resource with name: common-service, namespace: operators, kind: OperandConfig, apiversion: operator.ibm.com/v1alpha1
I0304 19:57:56.413535       1 render_template.go:49] Applying storageClass configuration
I0304 19:57:56.414103       1 render_template.go:163] Applying size configuration
I0304 19:57:56.449526       1 render_template.go:49] Applying storageClass configuration
I0304 19:57:56.449844       1 render_template.go:163] Applying size configuration
I0304 19:57:56.453548       1 render_template.go:49] Applying storageClass configuration
I0304 19:57:56.453743       1 render_template.go:163] Applying size configuration
1.7411182765415504e+09	DEBUG	events	Normal	{"object": {"kind":"CommonService","namespace":"operators","name":"common-service","uid":"7d0a6eb7-526c-46f5-852c-8dc820f0f95e","apiVersion":"operator.ibm.com/v3","resourceVersion":"52409599"}, "reason": "Noeffect", "message": "No update, resource sizings in the OperandConfig operators/common-service are larger than the profile from CommonService CR operators/common-service"}
I0304 19:57:56.551622       1 operatorconfig.go:36] Applying OperatorConfig
1.7411182765798442e+09	DEBUG	events	Normal	{"object": {"kind":"CommonService","namespace":"operators","name":"common-service","uid":"7d0a6eb7-526c-46f5-852c-8dc820f0f95e","apiVersion":"operator.ibm.com/v3","resourceVersion":"52409599"}, "reason": "Noeffect", "message": "No update, replica sizings in the OperatorConfig operators/common-service are larger than the profile from CommonService CR operators/common-service"}
I0304 19:57:56.597322       1 no_olm_commonservice_controller.go:311] Finished reconciling CommonService: operators/common-service
I0304 19:57:56.614077       1 commonservice_controller.go:66] Reconciling CommonService: operators/common-service-1
I0304 19:57:56.619951       1 commonservice_controller.go:99] Reconciling CommonService: operators/common-service-1 in No OLM environment
I0304 19:57:56.619981       1 no_olm_commonservice_controller.go:41] Reconciling CommonService: operators/common-service-1 in non OLM environment
I0304 19:57:56.619991       1 recocile_pause.go:49] Checking annotations for pause request
I0304 19:57:56.647690       1 init.go:1327] Checking if resource Issuer CRD exsits 
I0304 19:58:01.251027       1 init.go:1327] Checking if resource Certificate CRD exsits 
I0304 19:58:02.702318       1 request.go:601] Waited for 1.444844208s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/apiserver.openshift.io/v1?timeout=32s
I0304 19:58:05.860579       1 init.go:1378] Deploying Cert Manager CRs
I0304 19:58:12.715359       1 request.go:601] Waited for 2.244990248s due to client-side throttling, not priority and fairness, request: GET:https://172.30.0.1:443/apis/kafka.strimzi.io/v1beta2?timeout=32s
I0304 19:58:19.672820       1 init.go:1411] Checking Cert Manager Certs and Issuers deployment
I0304 19:58:19.688568       1 render_template.go:49] Applying storageClass configuration
I0304 19:58:19.688981       1 render_template.go:163] Applying size configuration
I0304 19:58:19.726090       1 render_template.go:49] Applying storageClass configuration
I0304 19:58:19.726412       1 render_template.go:163] Applying size configuration
I0304 19:58:19.731527       1 render_template.go:49] Applying storageClass configuration
I0304 19:58:19.731874       1 render_template.go:163] Applying size configuration
I0304 19:58:19.842929       1 operatorconfig.go:36] Applying OperatorConfig
1.7411182998429625e+09	DEBUG	events	Normal	{"object": {"kind":"CommonService","namespace":"operators","name":"common-service-1","uid":"4488e7cd-888e-49cb-b052-a4cfe1abd9fb","apiVersion":"operator.ibm.com/v3","resourceVersion":"52409608"}, "reason": "Noeffect", "message": "No update, resource sizings in the OperandConfig operators/common-service are larger than the profile from CommonService CR operators/common-service-1"}
1.7411182998677955e+09	DEBUG	events	Normal	{"object": {"kind":"CommonService","namespace":"operators","name":"common-service-1","uid":"4488e7cd-888e-49cb-b052-a4cfe1abd9fb","apiVersion":"operator.ibm.com/v3","resourceVersion":"52409608"}, "reason": "Noeffect", "message": "No update to, replica sizings in the OperatorConfig operators/test-operator-config are larger than the profile from CommonService CR operators/common-service-1"}
I0304 19:58:19.887502       1 no_olm_commonservice_controller.go:415] Finished reconciling CommonService: operators/common-service-1
Screenshot 2025-03-04 at 5 36 00 PM

still need to use cert-manager to inject cert to webhook service and configuration instead of olm service-ca cert

qpdpQ added 3 commits March 4, 2025 14:31
@qpdpQ
remove catalogsource check in webhook
e1941e6 
Signed-off-by: Allen Li <[email protected]>
@qpdpQ
add todo
3f40430 
Signed-off-by: Allen Li <[email protected]>
@qpdpQ
update
7362eba 
Signed-off-by: Allen Li <[email protected]>
@ibm-ci-bot
Copy link
Collaborator

@qpdpQ: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
check-ibm-common-service-operator 7362eba link true /test check-ibm-common-service-operator

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bitscuit bitscuit Awaiting requested review from bitscuit

@bluzarraga bluzarraga Awaiting requested review from bluzarraga

Assignees
No one assigned
Labels
approved do-not-merge/work-in-progress size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@qpdpQ @ibm-ci-bot