Skip to content
This repository was archived by the owner on Nov 27, 2024. It is now read-only.

Commit 78ca583

Browse files
authored
operator: update config for a newer kustomize (#213)
* operator: update config for a newer kustomize By default, when operator-sdk scaffolds a new operator, it uses a fairly old dialect of kustomize's configuration language, which isn't supported in newer versions of kustomize. If we want to be consumed into infra-deployments directly, we need to update our configs to have compatibility with kustomize v5.0 and later. While we're at it, we're not likely going to be using OLM as a deployment mechanism, so keeping support for it is just bloat in our repository. It also results in more things landing in our release that we don't really need (such as samples and a scorecard). Let's remove this stuff to prune things. Signed-off-by: Andy Sadler <ansadler@redhat.com> * address feedback Signed-off-by: Andy Sadler <ansadler@redhat.com> * fix typo Signed-off-by: Andy Sadler <ansadler@redhat.com> --------- Signed-off-by: Andy Sadler <ansadler@redhat.com>
1 parent 64dff14 commit 78ca583

21 files changed

Lines changed: 110 additions & 624 deletions

e2e/Makefile

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,8 +37,7 @@ deploy-operator:
3737
cd config/manager && \
3838
( \
3939
toolchain_host=$$($(KUBECLI) get namespaces -o name | grep toolchain-host | cut -d'/' -f2 | head -n 1); \
40-
$(KUSTOMIZE) edit add configmap operator-config \
41-
--behavior=replace \
40+
$(KUSTOMIZE) edit add configmap operator-config --behavior=replace \
4241
--from-literal=kubesaw.namespace=$$(( [[ -n "$$toolchain_host" ]] && echo "$$toolchain_host" ) || echo "workspaces-system" ) \
4342
) \
4443
) && \

hack/tools/kustomize/go.mod

Lines changed: 19 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -2,45 +2,36 @@ module github.com/konflux-workspaces/workspaces/hack/tools/kustomize
22

33
go 1.22.0
44

5-
require sigs.k8s.io/kustomize/kustomize/v4 v4.5.7
5+
require sigs.k8s.io/kustomize/kustomize/v5 v5.4.2
66

77
require (
8-
github.com/PuerkitoBio/purell v1.1.1 // indirect
9-
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
10-
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
11-
github.com/davecgh/go-spew v1.1.1 // indirect
12-
github.com/evanphx/json-patch v4.11.0+incompatible // indirect
13-
github.com/go-errors/errors v1.0.1 // indirect
14-
github.com/go-openapi/jsonpointer v0.19.5 // indirect
15-
github.com/go-openapi/jsonreference v0.19.5 // indirect
16-
github.com/go-openapi/swag v0.19.14 // indirect
17-
github.com/golang/protobuf v1.5.2 // indirect
18-
github.com/google/gnostic v0.5.7-v3refs // indirect
8+
github.com/blang/semver/v4 v4.0.0 // indirect
9+
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
10+
github.com/go-errors/errors v1.4.2 // indirect
11+
github.com/go-openapi/jsonpointer v0.19.6 // indirect
12+
github.com/go-openapi/jsonreference v0.20.2 // indirect
13+
github.com/go-openapi/swag v0.22.4 // indirect
14+
github.com/golang/protobuf v1.5.3 // indirect
15+
github.com/google/gnostic-models v0.6.8 // indirect
1916
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
20-
github.com/imdario/mergo v0.3.6 // indirect
21-
github.com/inconshreveable/mousetrap v1.0.0 // indirect
17+
github.com/inconshreveable/mousetrap v1.1.0 // indirect
2218
github.com/josharian/intern v1.0.0 // indirect
23-
github.com/mailru/easyjson v0.7.6 // indirect
24-
github.com/mattn/go-runewidth v0.0.7 // indirect
25-
github.com/mitchellh/mapstructure v1.4.1 // indirect
19+
github.com/mailru/easyjson v0.7.7 // indirect
2620
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
27-
github.com/olekukonko/tablewriter v0.0.4 // indirect
2821
github.com/pkg/errors v0.9.1 // indirect
29-
github.com/spf13/cobra v1.4.0 // indirect
22+
github.com/spf13/cobra v1.8.0 // indirect
3023
github.com/spf13/pflag v1.0.5 // indirect
31-
github.com/xlab/treeprint v1.1.0 // indirect
24+
github.com/xlab/treeprint v1.2.0 // indirect
3225
go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
33-
golang.org/x/net v0.23.0 // indirect
3426
golang.org/x/sys v0.18.0 // indirect
3527
golang.org/x/text v0.14.0 // indirect
3628
google.golang.org/protobuf v1.33.0 // indirect
29+
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
3730
gopkg.in/inf.v0 v0.9.1 // indirect
38-
gopkg.in/yaml.v2 v2.4.0 // indirect
3931
gopkg.in/yaml.v3 v3.0.1 // indirect
40-
k8s.io/kube-openapi v0.0.0-20220401212409-b28bf2818661 // indirect
41-
k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
42-
sigs.k8s.io/kustomize/api v0.12.1 // indirect
43-
sigs.k8s.io/kustomize/cmd/config v0.10.9 // indirect
44-
sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect
45-
sigs.k8s.io/yaml v1.2.0 // indirect
32+
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
33+
sigs.k8s.io/kustomize/api v0.17.2 // indirect
34+
sigs.k8s.io/kustomize/cmd/config v0.14.1 // indirect
35+
sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect
36+
sigs.k8s.io/yaml v1.4.0 // indirect
4637
)

hack/tools/kustomize/go.sum

Lines changed: 68 additions & 200 deletions
Large diffs are not rendered by default.

hack/tools/kustomize/tools.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,5 @@
55
package tools
66

77
import (
8-
_ "sigs.k8s.io/kustomize/kustomize/v4"
8+
_ "sigs.k8s.io/kustomize/kustomize/v5"
99
)

operator/Makefile

Lines changed: 4 additions & 127 deletions
Original file line numberDiff line numberDiff line change
@@ -1,55 +1,3 @@
1-
# VERSION defines the project version for the bundle.
2-
# Update this value when you upgrade the version of your project.
3-
# To re-generate a bundle for another specific version without changing the standard setup, you can:
4-
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
5-
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
6-
VERSION ?= 0.0.1
7-
8-
# CHANNELS define the bundle channels used in the bundle.
9-
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
10-
# To re-generate a bundle for other specific channels without changing the standard setup, you can:
11-
# - use the CHANNELS as arg of the bundle target (e.g make bundle CHANNELS=candidate,fast,stable)
12-
# - use environment variables to overwrite this value (e.g export CHANNELS="candidate,fast,stable")
13-
ifneq ($(origin CHANNELS), undefined)
14-
BUNDLE_CHANNELS := --channels=$(CHANNELS)
15-
endif
16-
17-
# DEFAULT_CHANNEL defines the default channel used in the bundle.
18-
# Add a new line here if you would like to change its default config. (E.g DEFAULT_CHANNEL = "stable")
19-
# To re-generate a bundle for any other default channel without changing the default setup, you can:
20-
# - use the DEFAULT_CHANNEL as arg of the bundle target (e.g make bundle DEFAULT_CHANNEL=stable)
21-
# - use environment variables to overwrite this value (e.g export DEFAULT_CHANNEL="stable")
22-
ifneq ($(origin DEFAULT_CHANNEL), undefined)
23-
BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL)
24-
endif
25-
BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL)
26-
27-
# IMAGE_TAG_BASE defines the docker.io namespace and part of the image name for remote images.
28-
# This variable is used to construct full image tags for bundle and catalog images.
29-
#
30-
# For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both
31-
# workspaces.io/workspaces-bundle:$VERSION and workspaces.io/workspaces-catalog:$VERSION.
32-
IMAGE_TAG_BASE ?= workspaces.io/workspaces
33-
34-
# BUNDLE_IMG defines the image:tag used for the bundle.
35-
# You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=<some-registry>/<project-name-bundle>:<tag>)
36-
BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION)
37-
38-
# BUNDLE_GEN_FLAGS are the flags passed to the operator-sdk generate bundle command
39-
BUNDLE_GEN_FLAGS ?= -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
40-
41-
# USE_IMAGE_DIGESTS defines if images are resolved via tags or digests
42-
# You can enable this value if you would like to use SHA Based Digests
43-
# To enable set flag to true
44-
USE_IMAGE_DIGESTS ?= false
45-
ifeq ($(USE_IMAGE_DIGESTS), true)
46-
BUNDLE_GEN_FLAGS += --use-image-digests
47-
endif
48-
49-
# Set the Operator SDK version to use. By default, what is installed on the system is used.
50-
# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
51-
OPERATOR_SDK_VERSION ?= v1.31.0
52-
531
# Image URL to use all building/pushing image targets
542
IMG ?= controller:latest
553
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
@@ -197,7 +145,7 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
197145
ENVTEST ?= $(LOCALBIN)/setup-envtest
198146

199147
## Tool Versions
200-
KUSTOMIZE_VERSION ?= v3.8.7
148+
KUSTOMIZE_VERSION ?= v5.4.2
201149
CONTROLLER_TOOLS_VERSION ?= v0.14.0
202150

203151
KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
@@ -221,79 +169,6 @@ envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
221169
$(ENVTEST): $(LOCALBIN)
222170
test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
223171

224-
.PHONY: operator-sdk
225-
OPERATOR_SDK ?= $(LOCALBIN)/operator-sdk
226-
operator-sdk: ## Download operator-sdk locally if necessary.
227-
ifeq (,$(wildcard $(OPERATOR_SDK)))
228-
ifeq (, $(shell which operator-sdk 2>/dev/null))
229-
@{ \
230-
set -e ;\
231-
mkdir -p $(dir $(OPERATOR_SDK)) ;\
232-
OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \
233-
curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$${OS}_$${ARCH} ;\
234-
chmod +x $(OPERATOR_SDK) ;\
235-
}
236-
else
237-
OPERATOR_SDK = $(shell which operator-sdk)
238-
endif
239-
endif
240-
241-
.PHONY: bundle
242-
bundle: manifests kustomize operator-sdk ## Generate bundle manifests and metadata, then validate generated files.
243-
$(OPERATOR_SDK) generate kustomize manifests -q
244-
cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
245-
$(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS)
246-
$(OPERATOR_SDK) bundle validate ./bundle
247-
248-
.PHONY: bundle-build
249-
bundle-build: ## Build the bundle image.
250-
$(CONTAINER_TOOL) build -f bundle.Dockerfile -t $(BUNDLE_IMG) .
251-
252-
.PHONY: bundle-push
253-
bundle-push: ## Push the bundle image.
254-
$(MAKE) docker-push IMG=$(BUNDLE_IMG)
255-
256-
.PHONY: opm
257-
OPM = ./bin/opm
258-
opm: ## Download opm locally if necessary.
259-
ifeq (,$(wildcard $(OPM)))
260-
ifeq (,$(shell which opm 2>/dev/null))
261-
@{ \
262-
set -e ;\
263-
mkdir -p $(dir $(OPM)) ;\
264-
OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \
265-
curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$${OS}-$${ARCH}-opm ;\
266-
chmod +x $(OPM) ;\
267-
}
268-
else
269-
OPM = $(shell which opm)
270-
endif
271-
endif
272-
273-
# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v0.2.0).
274-
# These images MUST exist in a registry and be pull-able.
275-
BUNDLE_IMGS ?= $(BUNDLE_IMG)
276-
277-
# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v0.2.0).
278-
CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:v$(VERSION)
279-
280-
# Set CATALOG_BASE_IMG to an existing catalog image tag to add $BUNDLE_IMGS to that image.
281-
ifneq ($(origin CATALOG_BASE_IMG), undefined)
282-
FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG)
283-
endif
284-
285-
# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'.
286-
# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see:
287-
# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator
288-
.PHONY: catalog-build
289-
catalog-build: opm ## Build a catalog image.
290-
$(OPM) index add --container-tool $(CONTAINER_TOOL) --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT)
291-
292-
# Push the catalog image.
293-
.PHONY: catalog-push
294-
catalog-push: ## Push a catalog image.
295-
$(MAKE) docker-push IMG=$(CATALOG_IMG)
296-
297172
MANIFEST_TARBALL := $(OUTDIR)/operator.tar.gz
298173

299174
# Clean generated files & artifacts
@@ -304,5 +179,7 @@ clean:
304179
# Package the config/ directory into a tarball for deployment via infra-deployments.
305180
.PHONY: package
306181
package: kustomize $(OUTDIR)
307-
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
182+
cd config/manager && \
183+
$(KUSTOMIZE) edit set image controller=${IMG} && \
184+
$(KUSTOMIZE) edit add configmap operator-config --behavior=replace --from-literal=kubesaw.namespace=toolchain-host-operator
308185
tar -caf $(MANIFEST_TARBALL) config/

operator/config/crd/kustomization.yaml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
1-
# This kustomization.yaml is not intended to be run by itself,
2-
# since it depends on service name and namespace that are out of this kustomize package.
3-
# It should be run by config/default
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
43
resources:
54
- bases/workspaces.konflux.io_internalworkspaces.yaml
65
#+kubebuilder:scaffold:crdkustomizeresource
Lines changed: 5 additions & 67 deletions
Original file line numberDiff line numberDiff line change
@@ -1,72 +1,10 @@
1-
# Adds namespace to all resources.
1+
apiVersion: kustomize.config.k8s.io/v1beta1
2+
kind: Kustomization
23
namespace: workspaces-system
3-
4-
# Value of this field is prepended to the
5-
# names of all resources, e.g. a deployment named
6-
# "wordpress" becomes "alices-wordpress".
7-
# Note that it should also match with the prefix (text before '-') of the namespace
8-
# field above.
94
namePrefix: workspaces-
10-
11-
# Labels to add to all resources and selectors.
12-
#commonLabels:
13-
# someName: someValue
14-
15-
bases:
5+
resources:
166
- ../crd
177
- ../rbac
188
- ../manager
19-
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
20-
# crd/kustomization.yaml
21-
#- ../webhook
22-
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
23-
#- ../certmanager
24-
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
25-
#- ../prometheus
26-
27-
patchesStrategicMerge:
28-
# Protect the /metrics endpoint by putting it behind auth.
29-
# If you want your controller-manager to expose the /metrics
30-
# endpoint w/o any authn/z, please comment the following line.
31-
- manager_auth_proxy_patch.yaml
32-
33-
34-
35-
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
36-
# crd/kustomization.yaml
37-
#- manager_webhook_patch.yaml
38-
39-
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
40-
# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
41-
# 'CERTMANAGER' needs to be enabled to use ca injection
42-
#- webhookcainjection_patch.yaml
43-
44-
# the following config is for teaching kustomize how to do var substitution
45-
vars:
46-
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
47-
#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
48-
# objref:
49-
# kind: Certificate
50-
# group: cert-manager.io
51-
# version: v1
52-
# name: serving-cert # this name should match the one in certificate.yaml
53-
# fieldref:
54-
# fieldpath: metadata.namespace
55-
#- name: CERTIFICATE_NAME
56-
# objref:
57-
# kind: Certificate
58-
# group: cert-manager.io
59-
# version: v1
60-
# name: serving-cert # this name should match the one in certificate.yaml
61-
#- name: SERVICE_NAMESPACE # namespace of the service
62-
# objref:
63-
# kind: Service
64-
# version: v1
65-
# name: webhook-service
66-
# fieldref:
67-
# fieldpath: metadata.namespace
68-
#- name: SERVICE_NAME
69-
# objref:
70-
# kind: Service
71-
# version: v1
72-
# name: webhook-service
9+
patches:
10+
- path: manager_auth_proxy_patch.yaml

operator/config/default/manager_auth_proxy_patch.yaml

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,3 @@
1-
# This patch inject a sidecar container which is a HTTP proxy for the
2-
# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
31
apiVersion: apps/v1
42
kind: Deployment
53
metadata:
@@ -17,9 +15,9 @@ spec:
1715
operator: In
1816
values:
1917
- amd64
20-
- arm64
21-
- ppc64le
22-
- s390x
18+
# - arm64
19+
# - ppc64le
20+
# - s390x
2321
- key: kubernetes.io/os
2422
operator: In
2523
values:

operator/config/default/manager_config_patch.yaml

Lines changed: 0 additions & 10 deletions
This file was deleted.
Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
1-
resources:
2-
- manager.yaml
31
apiVersion: kustomize.config.k8s.io/v1beta1
42
kind: Kustomization
53
images:
64
- name: controller
75
newName: controller
86
newTag: latest
7+
resources:
8+
- manager.yaml

0 commit comments

Comments
 (0)