├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── PULL_REQUEST_TEMPLATE.md ├── dco.yml └── dependabot.yml ├── .gitignore ├── .osdk-scorecard.yaml ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── Makefile ├── OWNERS ├── PROJECT ├── README.md ├── RELEASE.md ├── SECURITY_CONTACTS ├── api └── v1alpha1 │ ├── finalizer.go │ ├── groupversion_info.go │ ├── operandbindinfo_types.go │ ├── operandconfig_types.go │ ├── operandregistry_types.go │ ├── operandrequest_types.go │ ├── operatorconfig_types.go │ └── zz_generated.deepcopy.go ├── base_images.json ├── bundle.Dockerfile ├── bundle ├── manifests │ ├── operand-deployment-lifecycle-manager.clusterserviceversion.yaml │ ├── operator.ibm.com_operandbindinfos.yaml │ ├── operator.ibm.com_operandconfigs.yaml │ ├── operator.ibm.com_operandregistries.yaml │ ├── operator.ibm.com_operandrequests.yaml │ └── operator.ibm.com_operatorconfigs.yaml ├── metadata │ └── annotations.yaml └── tests │ └── scorecard │ └── config.yaml ├── common ├── Makefile.common.mk ├── config │ ├── .golangci.yml │ └── kind-config.yaml ├── manifest.yaml └── scripts │ ├── .githooks │ ├── make_lint-all.sh │ └── pre-commit │ ├── artifactory_config_docker.sh │ ├── create_bundle.sh │ ├── gobuild.sh │ ├── install-kubebuilder.sh │ ├── install-olm.sh │ ├── install-operator-sdk.sh │ ├── install-opm.sh │ ├── lint_copyright_banner.sh │ ├── lint_go.sh │ ├── multiarch_image.sh │ ├── next-csv.sh │ └── push-csv.sh ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── operator.ibm.com_operandbindinfos.yaml │ │ ├── operator.ibm.com_operandconfigs.yaml │ │ ├── operator.ibm.com_operandregistries.yaml │ │ ├── operator.ibm.com_operandrequests.yaml │ │ └── operator.ibm.com_operatorconfigs.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── label_in_operandbindinfos.yaml │ │ ├── label_in_operandconfigs.yaml │ │ ├── label_in_operandregistries.yaml │ │ ├── label_in_operandrequests.yaml │ │ └── label_in_operatorconfigs.yaml ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── e2e │ ├── crd │ │ ├── bases │ │ │ ├── operator.ibm.com_namespacescopes.yaml │ │ │ ├── operator.ibm.com_operandbindinfos.yaml │ │ │ ├── operator.ibm.com_operandconfigs.yaml │ │ │ ├── operator.ibm.com_operandregistries.yaml │ │ │ └── operator.ibm.com_operandrequests.yaml │ │ └── kustomization.yaml │ ├── kustomization.yaml │ ├── manager │ │ ├── kustomization.yaml │ │ └── manager.yaml │ └── rbac │ │ ├── kustomization.yaml │ │ ├── role.yaml │ │ ├── role_binding.yaml │ │ └── service_account.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── bases │ │ └── operand-deployment-lifecycle-manager.clusterserviceversion.yaml │ └── kustomization.yaml ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── auth_proxy_client_clusterrole.yaml │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── operandbindinfo_editor_role.yaml │ ├── operandbindinfo_viewer_role.yaml │ ├── operandconfig_editor_role.yaml │ ├── operandconfig_viewer_role.yaml │ ├── operandregistry_editor_role.yaml │ ├── operandregistry_viewer_role.yaml │ ├── operandrequest_editor_role.yaml │ ├── operandrequest_viewer_role.yaml │ ├── operatorconfig_editor_role.yaml │ ├── operatorconfig_viewer_role.yaml │ ├── role.yaml │ ├── role_binding.yaml │ └── service_account.yaml ├── samples │ ├── kustomization.yaml │ ├── operator_v1alpha1_operandbindinfo.yaml │ ├── operator_v1alpha1_operandconfig.yaml │ ├── operator_v1alpha1_operandregistry.yaml │ ├── operator_v1alpha1_operandrequest.yaml │ └── operator_v1alpha1_operatorconfig.yaml ├── scorecard │ ├── bases │ │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ │ ├── basic.config.yaml │ │ └── olm.config.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── service.yaml ├── controllers ├── constant │ └── constant.go ├── k8sutil │ └── cache.go ├── namespacescope │ ├── namespacescope_controler_test.go │ ├── namespacescope_controller.go │ └── namespacescope_suite_test.go ├── operandbindinfo │ ├── operandbindinfo_controller.go │ ├── operandbindinfo_controller_test.go │ └── operandbindinfo_suite_test.go ├── operandconfig │ ├── operandconfig_controller.go │ ├── operandconfig_controller_test.go │ └── operandconfig_suite_test.go ├── operandregistry │ ├── operandregistry_controller.go │ ├── operandregistry_controller_test.go │ └── operandregistry_suite_test.go ├── operandrequest │ ├── operandrequest_controller.go │ ├── operandrequest_controller_test.go │ ├── operandrequest_suite_test.go │ ├── reconcile_operand.go │ ├── reconcile_operand_test.go │ ├── reconcile_operator.go │ └── reconcile_operator_test.go ├── operandrequestnoolm │ ├── operandrequestnoolm_controller.go │ ├── reconcile_operand.go │ └── reconcile_operator.go ├── operator │ ├── manager.go │ └── manager_test.go ├── operatorchecker │ └── operatorchecker_controller.go ├── operatorconfig │ ├── operatorconfig_controller.go │ └── operatorconfig_suite_test.go ├── testutil │ ├── packagemanifests_crd.yaml │ ├── test_data.go │ └── test_util.go └── util │ ├── merge.go │ ├── merge_test.go │ ├── multi_errors.go │ ├── multi_errors_test.go │ ├── util.go │ ├── util_suite_test.go │ └── util_test.go ├── docs ├── design │ ├── comparison-to-olm.md │ ├── create-cr-by-operandrequest.md │ └── operand-deployment-lifecycle-manager.md ├── dev │ ├── development.md │ └── e2e.md ├── images │ ├── before-update.png │ ├── create-operand-request.png │ ├── create-project.png │ ├── etcd-channel-after.png │ ├── etcd-channel-before.png │ ├── etcd-cluster-before.png │ ├── etcd-cluster-example-after.png │ ├── etcd-cluster-example-before.png │ ├── install-odlm-success.png │ ├── install-odlm.png │ ├── odlm-all-instances.png │ ├── odlm-arch.png │ ├── operand-request-create-done.png │ ├── operand-request-detail.png │ ├── operator-list.png │ ├── operator-source-list.png │ ├── search-install-odlm-preview.png │ └── search-odlm.png ├── install │ ├── install-with-kind.md │ ├── install-with-ocp-3.11.md │ └── install.md └── user │ ├── how-to-update-operandconfig.md │ ├── how-to-update-operandregistry.md │ └── how-to-use-operandBindInfo.md ├── go.mod ├── go.sum ├── hack └── boilerplate.go.txt ├── helm-cluster-scoped ├── Chart.yaml ├── templates │ ├── operator.ibm.com_operandbindinfos.yaml │ ├── operator.ibm.com_operandconfigs.yaml │ ├── operator.ibm.com_operandregistries.yaml │ ├── operator.ibm.com_operandrequests.yaml │ └── operator.ibm.com_operatorconfigs.yaml └── values.yaml ├── helm ├── Chart.yaml ├── templates │ ├── operator-deployment.yaml │ └── rbac.yaml └── values.yaml ├── main.go ├── test └── e2e │ ├── constants.go │ ├── e2e_suite_test.go │ ├── helpers_test.go │ ├── odlm_test.go │ └── utils_test.go ├── triggerfile └── version └── version.go /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Tell us about a problem you are experiencing 4 | 5 | --- 6 | 7 | /kind bug 8 | 9 | **What steps did you take and what happened:** 10 | [A clear and concise description of what the bug is.] 11 | 12 | 13 | **What did you expect to happen:** 14 | 15 | 16 | **Anything else you would like to add:** 17 | [Miscellaneous information that will assist in solving the issue.] 18 | 19 | 20 | **Environment:** 21 | 22 | - ODLM version: 23 | - Minikube/KIND/OCP version: 24 | - Kubernetes version: (use `kubectl version`): 25 | - OS (e.g. from `/etc/os-release`): 26 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature enhancement request 3 | about: Suggest an idea for this project 4 | 5 | --- 6 | 7 | /kind feature 8 | 9 | **Describe the solution you'd like** 10 | [A clear and concise description of what you want to happen.] 11 | 12 | 13 | **Anything else you would like to add:** 14 | [Miscellaneous information that will assist in solving the issue.] 15 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | **What this PR does / why we need it**: 2 | 3 | **Which issue(s) this PR fixes** *(optional, in `fixes #(, fixes #, ...)` format, will close the issue(s) when PR gets merged)*: 4 | Fixes # 5 | 6 | **Special notes for your reviewer**: 7 | 8 | 1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes. 9 | 10 | **Release note**: 11 | 15 | ```release-note 16 | 17 | ``` 18 | -------------------------------------------------------------------------------- /.github/dco.yml: -------------------------------------------------------------------------------- 1 | require: 2 | members: false 3 | 4 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: docker 4 | directory: "/" 5 | schedule: 6 | interval: daily 7 | target-branch: "master" 8 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Binaries for programs and plugins 3 | *.exe 4 | *.exe~ 5 | *.dll 6 | *.so 7 | *.dylib 8 | bin 9 | testbin 10 | testcrds 11 | 12 | # Test binary, build with `go test -c` 13 | *.test 14 | 15 | # Output of the go coverage tool, specifically when used with LiteIDE 16 | *.out 17 | 18 | # Kubernetes Generated files - skip generated files, except for vendored files 19 | 20 | !vendor/**/zz_generated.* 21 | 22 | # editor and IDE paraphernalia 23 | .idea 24 | *.swp 25 | *.swo 26 | *~ 27 | .vscode 28 | -------------------------------------------------------------------------------- /.osdk-scorecard.yaml: -------------------------------------------------------------------------------- 1 | scorecard: 2 | # Setting a global scorecard option 3 | bundle: deploy/olm-catalog/operand-deployment-lifecycle-manager 4 | plugins: 5 | - basic: 6 | cr-manifest: 7 | - "deploy/crds/operator.ibm.com_v1alpha1_operandconfig_cr.yaml" 8 | - "deploy/crds/operator.ibm.com_v1alpha1_operandregistry_cr.yaml" 9 | - "deploy/crds/operator.ibm.com_v1alpha1_operandrequest_cr.yaml" 10 | csv-path: "deploy/olm-catalog/operand-deployment-lifecycle-manager/1.2.0/operand-deployment-lifecycle-manager.v1.2.0.clusterserviceversion.yaml" 11 | - olm: 12 | cr-manifest: 13 | - "deploy/crds/operator.ibm.com_v1alpha1_operandconfig_cr.yaml" 14 | - "deploy/crds/operator.ibm.com_v1alpha1_operandregistry_cr.yaml" 15 | - "deploy/crds/operator.ibm.com_v1alpha1_operandrequest_cr.yaml" 16 | csv-path: "deploy/olm-catalog/operand-deployment-lifecycle-manager/1.2.0/operand-deployment-lifecycle-manager.v1.2.0.clusterserviceversion.yaml" 17 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Contributing guidelines](#contributing-guidelines) 6 | - [Developer Certificate of Origin](#developer-certificate-of-origin) 7 | - [Contributing A Patch](#contributing-a-patch) 8 | - [Issue and Pull Request Management](#issue-and-pull-request-management) 9 | - [Contribution flow](#contribution-flow) 10 | - [Pre-check before submitting a PR](#pre-check-before-submitting-a-pr) 11 | - [Build Operator Image](#build-operator-image) 12 | - [Build Bundle Image](#build-bundle-image) 13 | 14 | 15 | 16 | # Contributing guidelines 17 | 18 | ## Developer Certificate of Origin 19 | 20 | This repository built with [probot](https://github.com/probot/probot) that enforces the [Developer Certificate of Origin](https://developercertificate.org/) (DCO) on Pull Requests. It requires all commit messages to contain the `Signed-off-by` line with an email address that matches the commit author. 21 | 22 | ## Contributing A Patch 23 | 24 | 1. Submit an issue describing your proposed change to the repo in question. 25 | 1. The [repo owners](OWNERS) will respond to your issue promptly. 26 | 1. Fork the desired repo, develop and test your code changes. 27 | 1. Commit your changes with DCO 28 | 1. Submit a pull request. 29 | 30 | ## Issue and Pull Request Management 31 | 32 | Anyone may comment on issues and submit reviews for pull requests. However, in 33 | order to be assigned an issue or pull request, you must be a member of the 34 | [IBM](https://github.com/ibm) GitHub organization. 35 | 36 | Repo maintainers can assign you an issue or pull request by leaving a 37 | `/assign ` comment on the issue or pull request. 38 | 39 | ## Contribution flow 40 | 41 | This is a rough outline of what a contributor's workflow looks like: 42 | 43 | - Create a topic branch from where to base the contribution. This is usually master. 44 | - Make commits of logical units. 45 | - Make sure commit messages are in the proper format (see below). 46 | - Push changes in a topic branch to a personal fork of the repository. 47 | - Submit a pull request to IBM/operator-deployment-lifecycle-manager. 48 | - The PR must receive a LGTM from two maintainers found in the MAINTAINERS file. 49 | 50 | Thanks for contributing! 51 | 52 | ## Pre-check before submitting a PR 53 | 54 | After your PR is ready to commit, please run following commands to check your code and run the unit test. 55 | 56 | ```shell 57 | make code-dev 58 | ``` 59 | 60 | Then you need to make sure it can pass the e2e test 61 | 62 | ```shell 63 | make e2e-test-kind 64 | ``` 65 | 66 | ## Build Operator Image 67 | 68 | Make sure your code build passed. 69 | 70 | ```shell 71 | make build-operator-image 72 | ``` 73 | 74 | ## Build Bundle Image 75 | 76 | You can use the following command to build the operator bundle image 77 | 78 | ```shell 79 | make build-bundle-image 80 | ``` 81 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # Build the manager binary 2 | FROM docker-na-public.artifactory.swg-devops.com/hyc-cloud-private-dockerhub-docker-remote/golang:1.23.2 as builder 3 | ARG GOARCH 4 | 5 | WORKDIR /workspace 6 | # Copy the Go Modules manifests 7 | COPY go.mod go.mod 8 | COPY go.sum go.sum 9 | # cache deps before building and copying source so that we don't need to re-download as much 10 | # and so that source changes don't invalidate our downloaded layer 11 | RUN go mod download 12 | 13 | # Copy the go source 14 | COPY main.go main.go 15 | COPY api/ api/ 16 | COPY controllers/ controllers/ 17 | 18 | # Build 19 | RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on go build -a -o manager main.go 20 | 21 | # Use distroless as minimal base image to package the manager binary 22 | # Refer to https://github.com/GoogleContainerTools/distroless for more details 23 | # FROM gcr.io/distroless/static:nonroot 24 | FROM docker-na-public.artifactory.swg-devops.com/hyc-cloud-private-edge-docker-local/build-images/ubi9-minimal:latest 25 | 26 | ARG VCS_REF 27 | ARG VCS_URL 28 | ARG RELEASE_VERSION 29 | 30 | LABEL org.label-schema.vendor="IBM" \ 31 | org.label-schema.name="odlm" \ 32 | org.label-schema.description="Manager the lifecycle of the operands" \ 33 | org.label-schema.vcs-ref=$VCS_REF \ 34 | org.label-schema.vcs-url=$VCS_URL \ 35 | org.label-schema.license="Licensed Materials - Property of IBM" \ 36 | org.label-schema.schema-version="1.0" \ 37 | name="odlm" \ 38 | maintainer="IBM" \ 39 | vendor="IBM" \ 40 | version=$RELEASE_VERSION \ 41 | release=$RELEASE_VERSION \ 42 | description="Manager the lifecycle of the operands" \ 43 | summary="Manager the lifecycle of the operands" 44 | 45 | WORKDIR / 46 | COPY --from=builder /workspace/manager . 47 | 48 | # copy licenses 49 | RUN mkdir /licenses 50 | COPY LICENSE /licenses 51 | 52 | # USER nonroot:nonroot 53 | USER 1001 54 | 55 | ENTRYPOINT ["/manager"] 56 | -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - bitscuit 3 | - Daniel-Fan 4 | - qpdpQ 5 | - bluzarraga 6 | - YCShen1010 7 | - Jeremy-Cheng-stack 8 | reviewers: 9 | - bitscuit 10 | - Daniel-Fan 11 | - qpdpQ 12 | - bluzarraga 13 | - YCShen1010 14 | - Jeremy-Cheng-stack 15 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | # Code generated by tool. DO NOT EDIT. 2 | # This file is used to track the info used to scaffold your project 3 | # and allow the plugins properly work. 4 | # More info: https://book.kubebuilder.io/reference/project-config.html 5 | domain: ibm.com 6 | layout: 7 | - go.kubebuilder.io/v3 8 | plugins: 9 | manifests.sdk.operatorframework.io/v2: {} 10 | scorecard.sdk.operatorframework.io/v2: {} 11 | projectName: operand-deployment-lifecycle-manager 12 | repo: github.com/IBM/operand-deployment-lifecycle-manager 13 | resources: 14 | - controller: true 15 | domain: ibm.com 16 | group: operator 17 | kind: OperandRequest 18 | path: github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1 19 | version: v1alpha1 20 | - controller: true 21 | domain: ibm.com 22 | group: operator 23 | kind: OperandRegistry 24 | path: github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1 25 | version: v1alpha1 26 | - controller: true 27 | domain: ibm.com 28 | group: operator 29 | kind: OperandConfig 30 | path: github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1 31 | version: v1alpha1 32 | - controller: true 33 | domain: ibm.com 34 | group: operator 35 | kind: OperandBindInfo 36 | path: github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1 37 | version: v1alpha1 38 | - api: 39 | crdVersion: v1 40 | namespaced: true 41 | controller: true 42 | domain: ibm.com 43 | group: operator 44 | kind: OperatorConfig 45 | path: github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1 46 | version: v1alpha1 47 | version: "3" 48 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Docker Repository on Quay](https://quay.io/repository/opencloudio/odlm/status "Docker Repository on Quay")](https://quay.io/repository/opencloudio/odlm) 2 | [![License](http://img.shields.io/:license-apache-blue.svg)](http://www.apache.org/licenses/LICENSE-2.0.html) 3 | [![Go Report Card](https://goreportcard.com/badge/github.com/IBM/operand-deployment-lifecycle-manager)](https://goreportcard.com/report/github.com/IBM/operand-deployment-lifecycle-manager) 4 | 5 | 6 | 7 | - [Operand Deployment Lifecycle Manager (ODLM)](#operand-deployment-lifecycle-manager-odlm) 8 | - [Overview](#overview) 9 | - [Supported platforms](#supported-platforms) 10 | - [Prerequisites](#prerequisites) 11 | - [Documentation](#documentation) 12 | - [Developer guide](#developer-guide) 13 | - [Cloning the repository](#cloning-the-repository) 14 | - [Building the operator](#building-the-operator) 15 | - [Installing](#installing) 16 | - [Uninstalling](#uninstalling) 17 | - [Troubleshooting](#troubleshooting) 18 | - [Running Tests](#running-tests) 19 | - [Development](#development) 20 | - [SecurityContextConstraints Requirements](#securitycontextconstraints-requirements) 21 | 22 | 23 | 24 | # Operand Deployment Lifecycle Manager (ODLM) 25 | 26 | ## Overview 27 | 28 | **Note:** Documents in this repo are in active development. For the official documentation, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SSHKN6/installer/1.x.x/index.html). 29 | 30 | Operand Deployment Lifecycle Manager is used to manage the lifecycle of a group of operands. Check the design document [here](./docs/design/operand-deployment-lifecycle-manager.md). 31 | 32 | Operand Deployment Lifecycle Manager has four CRDs: 33 | 34 | | Resource | Short Name | Description | 35 | |--------------------------|------------|--------------------------------------------------------------------------------------------| 36 | | OperandRequest | opreq | It defines which operator/operand want to be installed in the cluster | 37 | | OperandRegistry | opreg | It defines the OLM information, like channel and catalog source, for each operator| 38 | | OperandConfig | opcon | It defines the parameters that should be used to install the operator's operand | 39 | | OperandBindInfo | opbi | It identifies secrets and/or configmaps that should be shared with requests | 40 | 41 | ## Supported platforms 42 | 43 | You can install the Operand Deployment Lifecycle Manager on Linux® x86_64 with Red Hat® OpenShift® Container Platform version 4.3+. 44 | 45 | ## Prerequisites 46 | 47 | - [operator-sdk][operator_sdk] version v1.3.0. 48 | - [go][go_tool] version 1.15.7+ 49 | - [oc][oc_tool] version v3.11+ or [kubectl][kubectl_tool] v1.11.3+ 50 | - Access to an Openshift v4.3+ cluster 51 | 52 | ## Documentation 53 | 54 | 55 | - [installation](./docs/install/install.md) 56 | - [design](./docs/design/operand-deployment-lifecycle-manager.md) 57 | 58 | ## Developer guide 59 | 60 | ### Cloning the repository 61 | 62 | Checkout this Operand Deployment Lifecycle Manager repository 63 | 64 | ```console 65 | # git clone https://github.com/IBM/operand-deployment-lifecycle-manager.git 66 | # cd operand-deployment-lifecycle-manager 67 | ``` 68 | 69 | ### Building the operator 70 | 71 | Build the odlm image and push it to a public registry, such as quay.io: 72 | 73 | ```console 74 | # make build 75 | # make images 76 | ``` 77 | 78 | ### Installing 79 | 80 | Run `make install` to install the operator. Check that the operator is running in the cluster, also check that the common service was deployed. 81 | 82 | Following the expected result. 83 | 84 | ```console 85 | # kubectl get all -n ibm-common-services 86 | NAME READY STATUS RESTARTS AGE 87 | pod/operand-deployment-lifecycle-manager-786d699956-z7k4n 1/1 Running 0 21s 88 | 89 | NAME READY UP-TO-DATE AVAILABLE AGE 90 | deployment.apps/operand-deployment-lifecycle-manager 1/1 1 1 22s 91 | 92 | NAME DESIRED CURRENT READY AGE 93 | replicaset.apps/operand-deployment-lifecycle-manager-786d699956 1 1 1 22s 94 | ``` 95 | 96 | ### Uninstalling 97 | 98 | To uninstall all that was performed in the above step run `make uninstall`. 99 | 100 | ### Troubleshooting 101 | 102 | Use the following command to check the operator logs. 103 | 104 | ```console 105 | # kubectl logs deployment.apps/operand-deployment-lifecycle-manager -n ibm-common-services 106 | ``` 107 | 108 | ### Running Tests 109 | 110 | - [End to end tests](./docs/dev/e2e.md) 111 | For more information see the [writing e2e tests](https://github.com/operator-framework/operator-sdk/blob/master/doc/test-framework/writing-e2e-tests.md) guide. 112 | - [scorecard](./doc/dev/scorecard.md) 113 | 114 | ### Development 115 | 116 | When the API or CRD changed, run `make code-dev` re-generate the code. 117 | 118 | [go_tool]: https://golang.org/dl/ 119 | [kubectl_tool]: https://kubernetes.io/docs/tasks/tools/install-kubectl/ 120 | [oc_tool]: https://docs.okd.io/3.11/cli_reference/get_started_cli.html#cli-reference-get-started-cli 121 | [operator_sdk]: https://github.com/operator-framework/operator-sdk 122 | [operator_install]: https://github.com/operator-framework/operator-sdk/blob/master/doc/user/install-operator-sdk.md 123 | 124 | ## SecurityContextConstraints Requirements 125 | 126 | The Operand Deployment Lifecycle Manager supports running under the OpenShift Container Platform default restricted security context constraints. 127 | -------------------------------------------------------------------------------- /RELEASE.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Release Process](#release-process) 6 | 7 | 8 | 9 | # Release Process 10 | 11 | The XXX is released on an as-needed basis. The process is as follows: 12 | 13 | 1. An issue is proposing a new release with a changelog since the last release 14 | 1. All [OWNERS](OWNERS) must LGTM this release 15 | 1. An OWNER runs `git tag -s $VERSION` and inserts the changelog and pushes the tag with `git push $VERSION` 16 | 1. The release issue is closed 17 | 1. An announcement email is sent to `xxx` with the subject `[ANNOUNCE] xxx $VERSION is released` 18 | -------------------------------------------------------------------------------- /SECURITY_CONTACTS: -------------------------------------------------------------------------------- 1 | # Defined below are the security contacts for this repo. 2 | # 3 | # They are the contact point for the Product Security Committee to reach out 4 | # to for triaging and handling of incoming issues. 5 | # 6 | 7 | horis233 8 | bitscuit 9 | Daniel-Fan 10 | -------------------------------------------------------------------------------- /api/v1alpha1/finalizer.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | // EnsureFinalizer ensures that the object's finalizer is included 24 | // in the ObjectMeta Finalizers slice. If it already exists, no state change occurs. 25 | // If it doesn't, the finalizer is appended to the slice. 26 | func EnsureFinalizer(objectMeta *metav1.ObjectMeta, expectedFinalizer string) bool { 27 | // First check if the finalizer is already included in the object. 28 | for _, finalizer := range objectMeta.Finalizers { 29 | if finalizer == expectedFinalizer { 30 | return false 31 | } 32 | } 33 | 34 | objectMeta.Finalizers = append(objectMeta.Finalizers, expectedFinalizer) 35 | return true 36 | } 37 | 38 | // RemoveFinalizer removes the finalizer from the object's ObjectMeta. 39 | func RemoveFinalizer(objectMeta *metav1.ObjectMeta, deletingFinalizer string) bool { 40 | outFinalizers := make([]string, 0) 41 | var changed bool 42 | for _, finalizer := range objectMeta.Finalizers { 43 | if finalizer == deletingFinalizer { 44 | changed = true 45 | continue 46 | } 47 | outFinalizers = append(outFinalizers, finalizer) 48 | } 49 | 50 | objectMeta.Finalizers = outFinalizers 51 | return changed 52 | } 53 | -------------------------------------------------------------------------------- /api/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | // Package v1alpha1 contains API Schema definitions for the operator v1alpha1 API group 18 | // +kubebuilder:object:generate=true 19 | // +groupName=operator.ibm.com 20 | package v1alpha1 21 | 22 | import ( 23 | "k8s.io/apimachinery/pkg/runtime/schema" 24 | "sigs.k8s.io/controller-runtime/pkg/scheme" 25 | ) 26 | 27 | var ( 28 | // GroupVersion is group version used to register these objects 29 | GroupVersion = schema.GroupVersion{Group: "operator.ibm.com", Version: "v1alpha1"} 30 | 31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 33 | 34 | // AddToScheme adds the types in this group-version to the given scheme. 35 | AddToScheme = SchemeBuilder.AddToScheme 36 | ) 37 | -------------------------------------------------------------------------------- /api/v1alpha1/operatorconfig_types.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | corev1 "k8s.io/api/core/v1" 21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 | ) 23 | 24 | // OperatorConfigSpec defines the desired state of OperatorConfig 25 | // +kubebuilder:pruning:PreserveUnknownFields 26 | type OperatorConfigSpec struct { 27 | // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster 28 | // Important: Run "make" to regenerate code after modifying this file 29 | 30 | // Foo is an example field of OperatorConfig. Edit operatorconfig_types.go to remove/update 31 | Foo string `json:"foo,omitempty"` 32 | 33 | // Services is a list of services to be configured, specifically their operators 34 | // +kubebuilder:pruning:PreserveUnknownFields 35 | Services []ServiceOperatorConfig `json:"services,omitempty"` 36 | } 37 | 38 | // ServiceOperatorConfig defines the configuration of the service. 39 | type ServiceOperatorConfig struct { 40 | // Name is the operator name as requested in the OperandRequest. 41 | Name string `json:"name"` 42 | // If specified, the pod's scheduling constraints 43 | // +optional 44 | Affinity *corev1.Affinity `json:"affinity,omitempty" protobuf:"bytes,18,opt,name=affinity"` 45 | // Number of desired pods. This is a pointer to distinguish between explicit 46 | // zero and not specified. Defaults to 1. 47 | // +optional 48 | Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"` 49 | // TopologySpreadConstraints describes how a group of pods ought to spread across topology 50 | // domains. Scheduler will schedule pods in a way which abides by the constraints. 51 | // All topologySpreadConstraints are ANDed. 52 | // +optional 53 | // +patchMergeKey=topologyKey 54 | // +patchStrategy=merge 55 | // +listType=map 56 | // +listMapKey=topologyKey 57 | // +listMapKey=whenUnsatisfiable 58 | TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty" patchStrategy:"merge" patchMergeKey:"topologyKey" protobuf:"bytes,33,opt,name=topologySpreadConstraints"` 59 | } 60 | 61 | // OperatorConfigStatus defines the observed state of OperatorConfig 62 | // +kubebuilder:pruning:PreserveUnknownFields 63 | type OperatorConfigStatus struct { 64 | // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster 65 | // Important: Run "make" to regenerate code after modifying this file 66 | } 67 | 68 | //+kubebuilder:object:root=true 69 | //+kubebuilder:subresource:status 70 | // +kubebuilder:resource:path=operatorconfigs,scope=Namespaced 71 | // +kubebuilder:printcolumn:name="Age",type=date,JSONPath=.metadata.creationTimestamp 72 | // +kubebuilder:printcolumn:name="Phase",type=string,JSONPath=.status.phase,description="Current Phase" 73 | // +kubebuilder:printcolumn:name="Created At",type=string,JSONPath=.metadata.creationTimestamp 74 | // +operator-sdk:csv:customresourcedefinitions:displayName="OperatorConfig" 75 | 76 | // OperatorConfig is the Schema for the operatorconfigs API. Documentation For additional details regarding install parameters check https://ibm.biz/icpfs39install. License By installing this product you accept the license terms https://ibm.biz/icpfs39license 77 | type OperatorConfig struct { 78 | metav1.TypeMeta `json:",inline"` 79 | metav1.ObjectMeta `json:"metadata,omitempty"` 80 | 81 | Spec OperatorConfigSpec `json:"spec,omitempty"` 82 | Status OperatorConfigStatus `json:"status,omitempty"` 83 | } 84 | 85 | //+kubebuilder:object:root=true 86 | 87 | // OperatorConfigList contains a list of OperatorConfig 88 | type OperatorConfigList struct { 89 | metav1.TypeMeta `json:",inline"` 90 | metav1.ListMeta `json:"metadata,omitempty"` 91 | Items []OperatorConfig `json:"items"` 92 | } 93 | 94 | // GetConfigForOperator obtains a particular ServiceOperatorConfig by using operator name for searching. 95 | func (r *OperatorConfig) GetConfigForOperator(name string) *ServiceOperatorConfig { 96 | for _, o := range r.Spec.Services { 97 | if o.Name == name { 98 | return &o 99 | } 100 | } 101 | return nil 102 | } 103 | 104 | func init() { 105 | SchemeBuilder.Register(&OperatorConfig{}, &OperatorConfigList{}) 106 | } 107 | -------------------------------------------------------------------------------- /base_images.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "imageType": "external", 4 | "sourceRepo": "registry.access.redhat.com", 5 | "sourceNamespace": "ubi9", 6 | "sourceImage": "ubi-minimal", 7 | "destStage": "edge", 8 | "destNamespace": "build-images", 9 | "destImage": "ubi9-minimal", 10 | "tag": "9.6-1747218906", 11 | "updatePackages": [] 12 | }, 13 | { 14 | "imageType": "external", 15 | "sourceRepo": "registry.access.redhat.com", 16 | "sourceNamespace": "ubi9", 17 | "sourceImage": "ubi", 18 | "destStage": "edge", 19 | "destNamespace": "build-images", 20 | "destImage": "ubi9", 21 | "tag": "9.6-1747219013", 22 | "updatePackages": [] 23 | }, 24 | { 25 | "imageType": "external", 26 | "sourceRepo": "registry.access.redhat.com", 27 | "sourceNamespace": "ubi9", 28 | "sourceImage": "ubi-micro", 29 | "destStage": "edge", 30 | "destNamespace": "build-images", 31 | "destImage": "ubi9-micro", 32 | "tag": "9.6-1745521186", 33 | "updatePackages": [] 34 | }, 35 | { 36 | "imageType": "node", 37 | "sourceImage": "ubi9-minimal", 38 | "sourceTag": "9.6-1747218906", 39 | "destImage": "node-v20-ubi9-minimal", 40 | "nodeVersion": "20.19.2" 41 | }, 42 | { 43 | "imageType": "node", 44 | "sourceImage": "ubi9-minimal", 45 | "sourceTag": "9.6-1747218906", 46 | "destImage": "node-v22-ubi9-minimal", 47 | "nodeVersion": "22.15.1" 48 | } 49 | ] 50 | -------------------------------------------------------------------------------- /bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | # Core bundle labels. 4 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 5 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 6 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 7 | LABEL operators.operatorframework.io.bundle.package.v1=ibm-odlm 8 | LABEL operators.operatorframework.io.bundle.channels.v1=v4.5 9 | LABEL operators.operatorframework.io.bundle.channel.default.v1=v4.5 10 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.32.0 11 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 12 | LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 13 | 14 | # Labels for testing. 15 | LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 16 | LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ 17 | 18 | # Copy files to locations specified by labels. 19 | COPY bundle/manifests /manifests/ 20 | COPY bundle/metadata /metadata/ 21 | COPY bundle/tests/scorecard /tests/scorecard/ 22 | -------------------------------------------------------------------------------- /bundle/metadata/annotations.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | # Core bundle annotations. 3 | operators.operatorframework.io.bundle.mediatype.v1: registry+v1 4 | operators.operatorframework.io.bundle.manifests.v1: manifests/ 5 | operators.operatorframework.io.bundle.metadata.v1: metadata/ 6 | operators.operatorframework.io.bundle.package.v1: ibm-odlm 7 | operators.operatorframework.io.bundle.channels.v1: v4.5 8 | operators.operatorframework.io.bundle.channel.default.v1: v4.5 9 | operators.operatorframework.io.metrics.builder: operator-sdk-v1.32.0 10 | operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 11 | operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 12 | # Annotations for testing. 13 | operators.operatorframework.io.test.mediatype.v1: scorecard+v1 14 | operators.operatorframework.io.test.config.v1: tests/scorecard/ 15 | # OpenShift annotations. 16 | com.redhat.openshift.versions: v4.12-v4.17 17 | -------------------------------------------------------------------------------- /bundle/tests/scorecard/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: 8 | - entrypoint: 9 | - scorecard-test 10 | - basic-check-spec 11 | image: quay.io/operator-framework/scorecard-test:master 12 | labels: 13 | suite: basic 14 | test: basic-check-spec-test 15 | storage: 16 | spec: 17 | mountPath: {} 18 | - entrypoint: 19 | - scorecard-test 20 | - olm-bundle-validation 21 | image: quay.io/operator-framework/scorecard-test:master 22 | labels: 23 | suite: olm 24 | test: olm-bundle-validation-test 25 | storage: 26 | spec: 27 | mountPath: {} 28 | - entrypoint: 29 | - scorecard-test 30 | - olm-crds-have-validation 31 | image: quay.io/operator-framework/scorecard-test:master 32 | labels: 33 | suite: olm 34 | test: olm-crds-have-validation-test 35 | storage: 36 | spec: 37 | mountPath: {} 38 | - entrypoint: 39 | - scorecard-test 40 | - olm-spec-descriptors 41 | image: quay.io/operator-framework/scorecard-test:master 42 | labels: 43 | suite: olm 44 | test: olm-spec-descriptors-test 45 | storage: 46 | spec: 47 | mountPath: {} 48 | storage: 49 | spec: 50 | mountPath: {} 51 | -------------------------------------------------------------------------------- /common/Makefile.common.mk: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | ############################################################ 19 | # GKE section 20 | ############################################################ 21 | PROJECT ?= oceanic-guard-191815 22 | ZONE ?= us-east5-c 23 | CLUSTER ?= bedrock-prow 24 | NAMESPACESCOPE_VERSION = 1.17.3 25 | OLM_API_VERSION = 0.3.8 26 | 27 | activate-serviceaccount: 28 | ifdef GOOGLE_APPLICATION_CREDENTIALS 29 | gcloud auth activate-service-account --key-file="$(GOOGLE_APPLICATION_CREDENTIALS)" || true 30 | endif 31 | 32 | get-cluster-credentials: activate-serviceaccount 33 | mkdir -p ~/.kube; cp -v /etc/kubeconfig/config ~/.kube; kubectl config use-context default; kubectl get nodes; echo going forward retiring google cloud 34 | 35 | ifdef GOOGLE_APPLICATION_CREDENTIALS 36 | gcloud container clusters get-credentials "$(CLUSTER)" --project="$(PROJECT)" --zone="$(ZONE)" || true 37 | endif 38 | 39 | config-docker: get-cluster-credentials 40 | @common/scripts/artifactory_config_docker.sh 41 | 42 | # find or download operator-sdk 43 | # download operator-sdk if necessary 44 | operator-sdk: 45 | ifeq (, $(OPERATOR_SDK)) 46 | @./common/scripts/install-operator-sdk.sh 47 | OPERATOR_SDK=/usr/local/bin/operator-sdk 48 | endif 49 | 50 | # find or download kubebuilder 51 | # download kubebuilder if necessary 52 | kube-builder: 53 | ifeq (, $(wildcard /usr/local/kubebuilder)) 54 | @./common/scripts/install-kubebuilder.sh 55 | endif 56 | 57 | # find or download opm 58 | # download opm if necessary 59 | opm: 60 | ifeq (,$(OPM)) 61 | @./common/scripts/install-opm.sh 62 | endif 63 | 64 | fetch-test-crds: 65 | @{ \ 66 | curl -L -O "https://github.com/operator-framework/api/archive/v${OLM_API_VERSION}.tar.gz" ;\ 67 | tar -zxf v${OLM_API_VERSION}.tar.gz api-${OLM_API_VERSION}/crds && mv api-${OLM_API_VERSION}/crds/* ${ENVCRDS_DIR} ;\ 68 | rm -rf api-${OLM_API_VERSION} v${OLM_API_VERSION}.tar.gz ;\ 69 | } 70 | @{ \ 71 | curl -L -O "https://github.com/mongodb/mongodb-atlas-kubernetes/archive/refs/tags/v1.7.3.tar.gz" ;\ 72 | tar -zxf v1.7.3.tar.gz mongodb-atlas-kubernetes-1.7.3/deploy/crds && mv mongodb-atlas-kubernetes-1.7.3/deploy/crds/* ${ENVCRDS_DIR} ;\ 73 | rm -rf mongodb-atlas-kubernetes-1.7.3 v1.7.3.tar.gz ;\ 74 | } 75 | @{ \ 76 | curl -L -O "https://github.com/jaegertracing/jaeger-operator/archive/refs/tags/v1.36.0.tar.gz" ;\ 77 | tar -zxf v1.36.0.tar.gz jaeger-operator-1.36.0/bundle/manifests && mv jaeger-operator-1.36.0/bundle/manifests/jaegertracing.io_jaegers.yaml ${ENVCRDS_DIR}/jaegertracing.io_jaegers.yaml ;\ 78 | rm -rf jaeger-operator-1.36.0 v1.36.0.tar.gz ;\ 79 | } 80 | @{ \ 81 | curl -L -O "https://github.com/IBM/ibm-namespace-scope-operator/archive/v${NAMESPACESCOPE_VERSION}.tar.gz" ;\ 82 | tar -zxf v${NAMESPACESCOPE_VERSION}.tar.gz ibm-namespace-scope-operator-${NAMESPACESCOPE_VERSION}/bundle/manifests && mv ibm-namespace-scope-operator-${NAMESPACESCOPE_VERSION}/bundle/manifests/operator.ibm.com_namespacescopes.yaml ${ENVCRDS_DIR}/operator.ibm.com_namespacescopes.yaml ;\ 83 | rm -rf ibm-namespace-scope-operator-${NAMESPACESCOPE_VERSION} v${NAMESPACESCOPE_VERSION}.tar.gz ;\ 84 | } 85 | @{ \ 86 | cp ./controllers/testutil/packagemanifests_crd.yaml ${ENVCRDS_DIR}/packagemanifests_crd.yaml ;\ 87 | } 88 | 89 | 90 | CONTROLLER_GEN ?= $(shell pwd)/common/bin/controller-gen 91 | controller-gen: ## Download controller-gen locally if necessary. 92 | $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0) 93 | 94 | KIND ?= $(shell pwd)/common/bin/kind 95 | kind: ## Download kind locally if necessary. 96 | $(call go-get-tool,$(KIND),sigs.k8s.io/kind@v0.17.0) 97 | 98 | ENVTEST = $(shell pwd)/common/bin/setup-envtest 99 | setup-envtest: ## Download envtest-setup locally if necessary. 100 | $(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@7b4325d5a38dff0c7eb9a939d079950eafcc4f7e) 101 | 102 | FINDFILES=find . \( -path ./.git -o -path ./.github -o -path ./testcrds \) -prune -o -type f 103 | XARGS = xargs -0 ${XARGS_FLAGS} 104 | CLEANXARGS = xargs ${XARGS_FLAGS} 105 | 106 | lint-copyright-banner: 107 | @${FINDFILES} \( -name '*.go' -o -name '*.cc' -o -name '*.h' -o -name '*.proto' -o -name '*.py' -o -name '*.sh' \) \( ! \( -name '*.gen.go' -o -name '*.pb.go' -o -name '*_pb2.py' \) \) -print0 |\ 108 | ${XARGS} common/scripts/lint_copyright_banner.sh 109 | 110 | lint-go: 111 | @${FINDFILES} -name '*.go' \( ! \( -name '*.gen.go' -o -name '*.pb.go' \) \) -print0 | ${XARGS} common/scripts/lint_go.sh 112 | 113 | lint-all: lint-copyright-banner lint-go 114 | 115 | # Run go vet for this project. More info: https://golang.org/cmd/vet/ 116 | code-vet: 117 | @echo go vet 118 | go vet $$(go list ./...) 119 | 120 | # Run go fmt for this project 121 | code-fmt: 122 | @echo go fmt 123 | go fmt $$(go list ./...) 124 | 125 | # Run go mod tidy to update dependencies 126 | code-tidy: 127 | @echo go mod tidy 128 | go mod tidy -v 129 | 130 | # go-get-tool will 'go get' any package $2 and install it to $1. 131 | PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) 132 | define go-get-tool 133 | @[ -f $(1) ] || { \ 134 | set -e ;\ 135 | TMP_DIR=$$(mktemp -d) ;\ 136 | cd $$TMP_DIR ;\ 137 | go mod init tmp ;\ 138 | echo "Downloading $(2)" ;\ 139 | unset GOSUMDB ;\ 140 | go env -w GOSUMDB=off ;\ 141 | GOBIN=$(PROJECT_DIR)/bin go install $(2) ;\ 142 | rm -rf $$TMP_DIR ;\ 143 | } 144 | endef 145 | 146 | .PHONY: code-vet code-fmt code-tidy code-gen lint-copyright-banner lint-go lint-all config-docker operator-sdk kube-builder opm setup-envtest controller-gen fetch-test-crds kustomize kind 147 | -------------------------------------------------------------------------------- /common/config/kind-config.yaml: -------------------------------------------------------------------------------- 1 | kind: Cluster 2 | apiVersion: kind.x-k8s.io/v1alpha4 3 | nodes: 4 | - role: control-plane 5 | - role: worker 6 | -------------------------------------------------------------------------------- /common/manifest.yaml: -------------------------------------------------------------------------------- 1 | image: __IMAGE_REPO__/__IMAGE_NAME__:__RELEASE_TAG__ 2 | manifests: 3 | - image: __IMAGE_REPO__/__IMAGE_NAME__-amd64:__RELEASE_TAG__ 4 | platform: 5 | architecture: amd64 6 | os: linux 7 | - image: __IMAGE_REPO__/__IMAGE_NAME__-ppc64le:__RELEASE_TAG__ 8 | platform: 9 | architecture: ppc64le 10 | os: linux 11 | - image: __IMAGE_REPO__/__IMAGE_NAME__-s390x:__RELEASE_TAG__ 12 | platform: 13 | architecture: s390x 14 | os: linux 15 | -------------------------------------------------------------------------------- /common/scripts/.githooks/make_lint-all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | # Launches fmt and lint checks 19 | make lint-all 20 | -------------------------------------------------------------------------------- /common/scripts/.githooks/pre-commit: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2021 The Kubernetes Authors. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # This hook is called with the following parameters: 18 | # 19 | # $1 -- Name of the remote to which the push is being done 20 | # $2 -- URL to which the push is being done 21 | # 22 | # If pushing without using a named remote those arguments will be equal. 23 | # 24 | # Information about the commits which are being pushed is supplied as lines to 25 | # the standard input in the form: 26 | # 27 | # 28 | # 29 | 30 | remote="$1" 31 | url="$2" 32 | 33 | .git/hooks/make_lint-all.sh 34 | 35 | exit $? 36 | -------------------------------------------------------------------------------- /common/scripts/artifactory_config_docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | KUBECTL=$(which kubectl) 19 | DOCKER_REGISTRY="docker-na-public.artifactory.swg-devops.com/hyc-cloud-private-integration-docker-local" 20 | DOCKER_EDGE_REGISTRY="docker-na-public.artifactory.swg-devops.com/hyc-cloud-private-edge-docker-local" 21 | DOCKER_USERNAME=$(${KUBECTL} -n default get secret artifactory-cred -o jsonpath='{.data.username}' | base64 --decode) 22 | DOCKER_PASSWORD=$(${KUBECTL} -n default get secret artifactory-cred -o jsonpath='{.data.password}' | base64 --decode) 23 | 24 | # support other container tools, e.g. podman 25 | CONTAINER_CLI=${CONTAINER_CLI:-docker} 26 | 27 | # login the docker registry 28 | ${CONTAINER_CLI} login "${DOCKER_REGISTRY}" -u "${DOCKER_USERNAME}" -p "${DOCKER_PASSWORD}" 29 | ${CONTAINER_CLI} login "${DOCKER_EDGE_REGISTRY}" -u "${DOCKER_USERNAME}" -p "${DOCKER_PASSWORD}" 30 | -------------------------------------------------------------------------------- /common/scripts/create_bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http:#www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | 17 | # create zip file containing the bundle to submit for Red Hat certification 18 | # the bundle consists of package.yaml, clusterserviceversion.yaml, crd.yaml 19 | # run as 'scripts/create-bundle.sh' 20 | 21 | if [ -d "./bundle" ] 22 | then 23 | echo "cleanup bundle directory" 24 | rm bundle/*.yaml 25 | rm bundle/*.zip 26 | else 27 | echo "create bundle directory" 28 | mkdir bundle 29 | fi 30 | 31 | cp -p deploy/olm-catalog/operand-deployment-lifecycle-manager/operand-deployment-lifecycle-manager.package.yaml bundle/ 32 | cp -p deploy/olm-catalog/operand-deployment-lifecycle-manager/"$1"/*.yaml bundle/ 33 | 34 | cd bundle || exit 35 | zip operand-deployment-lifecycle-manager ./*.yaml 36 | -------------------------------------------------------------------------------- /common/scripts/gobuild.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | # This script builds and version stamps the output 19 | 20 | VERBOSE=${VERBOSE:-"0"} 21 | V="" 22 | if [[ "${VERBOSE}" == "1" ]];then 23 | V="-x" 24 | set -x 25 | fi 26 | 27 | OUT=${1:?"output path"} 28 | shift 29 | 30 | set -e 31 | 32 | BUILD_GOOS=${GOOS:-linux} 33 | BUILD_GOARCH=${GOARCH:-amd64} 34 | GOBINARY=${GOBINARY:-go} 35 | BUILDINFO=${BUILDINFO:-""} 36 | STATIC=${STATIC:-1} 37 | GOBUILDFLAGS=${GOBUILDFLAGS:-} 38 | GCFLAGS=${GCFLAGS:-} 39 | LDFLAGS=${LDFLAGS:-"-extldflags -static"} 40 | # Split GOBUILDFLAGS by spaces into an array called GOBUILDFLAGS_ARRAY. 41 | IFS=' ' read -r -a GOBUILDFLAGS_ARRAY <<< "$GOBUILDFLAGS" 42 | 43 | export CGO_ENABLED=0 44 | 45 | if [[ "${STATIC}" != "1" ]];then 46 | LDFLAGS="" 47 | fi 48 | 49 | time GOOS=${BUILD_GOOS} GOARCH=${BUILD_GOARCH} ${GOBINARY} build \ 50 | ${V} "${GOBUILDFLAGS_ARRAY[@]}" ${GCFLAGS:+-gcflags "${GCFLAGS}"} \ 51 | -o "${OUT}" \ 52 | -ldflags "${LDFLAGS}" "${@}" 53 | -------------------------------------------------------------------------------- /common/scripts/install-kubebuilder.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | echo ">>> Installing kubebuilder" 19 | version=2.3.1 # latest stable version 20 | arch=$(uname -m | sed 's/x86_64/amd64/') 21 | local_os=$(uname) 22 | if [[ $local_os == "Linux" ]]; then 23 | target_os="linux" 24 | elif [[ $local_os == "Darwin" ]]; then 25 | target_os="darwin" 26 | else 27 | echo "This system's OS $local_os isn't recognized/supported" 28 | fi 29 | 30 | # download the release 31 | curl -L "https://github.com/kubernetes-sigs/kubebuilder/releases/download/v${version}/kubebuilder_${version}_${target_os}_${arch}.tar.gz" -o /tmp/kubebuilder_${version}_${target_os}_${arch}.tar.gz 32 | 33 | # extract the archive 34 | tar -zxvf /tmp/kubebuilder_${version}_${target_os}_${arch}.tar.gz -C /tmp 35 | mv /tmp/kubebuilder_${version}_${target_os}_${arch} /tmp/kubebuilder && sudo mv /tmp/kubebuilder /usr/local/ 36 | 37 | # update your PATH to include /usr/local/kubebuilder/bin 38 | export PATH=$PATH:/usr/local/kubebuilder/bin 39 | -------------------------------------------------------------------------------- /common/scripts/install-olm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | # This script is for installing OLM from a GitHub release 19 | 20 | set -e 21 | 22 | default_base_url=https://github.com/operator-framework/operator-lifecycle-manager/releases/download 23 | 24 | if [[ ${#@} -lt 1 || ${#@} -gt 2 ]]; then 25 | echo "Usage: $0 version [base_url]" 26 | echo "* version: the github release version" 27 | echo "* base_url: the github base URL (Default: $default_base_url)" 28 | exit 1 29 | fi 30 | 31 | if kubectl get deployment olm-operator -n openshift-operator-lifecycle-manager > /dev/null 2>&1; then 32 | echo "OLM is already installed in a different configuration. This is common if you are not running a vanilla Kubernetes cluster. Exiting..." 33 | exit 1 34 | fi 35 | 36 | release="$1" 37 | base_url="${2:-${default_base_url}}" 38 | url="${base_url}/${release}" 39 | namespace=olm 40 | 41 | if kubectl get deployment olm-operator -n ${namespace} > /dev/null 2>&1; then 42 | echo "OLM is already installed in ${namespace} namespace. Exiting..." 43 | exit 1 44 | fi 45 | 46 | kubectl create -f "${url}/crds.yaml" 47 | kubectl wait --for=condition=Established -f "${url}/crds.yaml" 48 | kubectl create -f "${url}/olm.yaml" 49 | 50 | # wait for deployments to be ready 51 | kubectl rollout status -w deployment/olm-operator --namespace="${namespace}" 52 | kubectl rollout status -w deployment/catalog-operator --namespace="${namespace}" 53 | 54 | retries=30 55 | until [[ $retries == 0 ]]; do 56 | new_csv_phase=$(kubectl get csv -n "${namespace}" packageserver -o jsonpath='{.status.phase}' 2>/dev/null || echo "Waiting for CSV to appear") 57 | if [[ $new_csv_phase != "$csv_phase" ]]; then 58 | csv_phase=$new_csv_phase 59 | echo "Package server phase: $csv_phase" 60 | fi 61 | if [[ "$new_csv_phase" == "Succeeded" ]]; then 62 | break 63 | fi 64 | sleep 10 65 | retries=$((retries - 1)) 66 | done 67 | 68 | if [ $retries == 0 ]; then 69 | echo "CSV \"packageserver\" failed to reach phase succeeded" 70 | exit 1 71 | fi 72 | 73 | kubectl rollout status -w deployment/packageserver --namespace="${namespace}" 74 | -------------------------------------------------------------------------------- /common/scripts/install-operator-sdk.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | echo ">>> Installing Operator SDK" 19 | 20 | arch=$(uname -m) 21 | local_os=$(uname) 22 | if [[ $local_os == "Linux" ]]; then 23 | target_os="linux-gnu" 24 | elif [[ $local_os == "Darwin" ]]; then 25 | target_os="apple-darwin" 26 | else 27 | echo "This system's OS $local_os isn't recognized/supported" 28 | fi 29 | 30 | # Use version 0.19.2 31 | RELEASE_VERSION=v0.19.2 32 | # Download binary 33 | curl -LO https://github.com/operator-framework/operator-sdk/releases/download/${RELEASE_VERSION}/operator-sdk-${RELEASE_VERSION}-${arch}-${target_os} 34 | # Install binary 35 | chmod +x operator-sdk-${RELEASE_VERSION}-${arch}-${target_os} && mkdir -p /usr/local/bin/ && cp operator-sdk-${RELEASE_VERSION}-${arch}-${target_os} /usr/local/bin/operator-sdk && rm operator-sdk-${RELEASE_VERSION}-${arch}-${target_os} -------------------------------------------------------------------------------- /common/scripts/install-opm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | echo ">>> Installing opm" 19 | version=v1.14.0 # latest stable version 20 | arch=$(uname -m | sed 's/x86_64/amd64/') 21 | local_os=$(uname) 22 | if [[ $local_os == "Linux" ]]; then 23 | target_os="linux" 24 | elif [[ $local_os == "Darwin" ]]; then 25 | target_os="darwin" 26 | else 27 | echo "This system's OS $local_os isn't recognized/supported" 28 | fi 29 | 30 | # download the release 31 | curl -L https://github.com/operator-framework/operator-registry/releases/download/${version}/linux-${target_os}-${arch} -o opm 32 | 33 | # move opm to /usr/local/opm 34 | chmod +x opm 35 | sudo mv opm /usr/local/ 36 | 37 | export PATH=$PATH:/usr/local/opm 38 | -------------------------------------------------------------------------------- /common/scripts/lint_copyright_banner.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | set -e 19 | 20 | ec=0 21 | for fn in "$@"; do 22 | if ! grep -L -q -e "Apache License, Version 2" "${fn}"; then 23 | echo "Missing license: ${fn}" 24 | ec=1 25 | fi 26 | 27 | if ! grep -L -q -e "Copyright" "${fn}"; then 28 | echo "Missing copyright: ${fn}" 29 | ec=1 30 | fi 31 | done 32 | 33 | exit $ec 34 | -------------------------------------------------------------------------------- /common/scripts/lint_go.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | GOGC=25 golangci-lint run -c ./common/config/.golangci.yml --timeout=600s 19 | -------------------------------------------------------------------------------- /common/scripts/multiarch_image.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | # This script build and push multiarch(amd64, ppc64le and s390x) image for the one specified by 19 | # IMAGE_REPO, IMAGE_NAME and VERSION. 20 | # It assumes the specified image for each platform is already pushed into corresponding docker registry. 21 | 22 | ALL_PLATFORMS="amd64 ppc64le s390x" 23 | 24 | IMAGE_REPO=${1} 25 | IMAGE_NAME=${2} 26 | VERSION=${3-"$(git describe --exact-match 2> /dev/null || git describe --match=$(git rev-parse --short=8 HEAD) --always --dirty --abbrev=8)"} 27 | RELEASE_VERSION=${4} 28 | MAX_PULLING_RETRY=${MAX_PULLING_RETRY-10} 29 | RETRY_INTERVAL=${RETRY_INTERVAL-10} 30 | # support other container tools, e.g. podman 31 | CONTAINER_CLI=${CONTAINER_CLI:-docker} 32 | 33 | # Loop until the image for each single platform is ready in the docker registry. 34 | # TODO: remove this if prow job support dependency. 35 | for arch in ${ALL_PLATFORMS} 36 | do 37 | for i in $(seq 1 "${MAX_PULLING_RETRY}") 38 | do 39 | echo "Checking image '${IMAGE_REPO}'/'${IMAGE_NAME}'-'${arch}':'${VERSION}'..." 40 | ${CONTAINER_CLI} manifest inspect "${IMAGE_REPO}"/"${IMAGE_NAME}"-"${arch}":"${VERSION}" && break 41 | sleep "${RETRY_INTERVAL}" 42 | if [ "${i}" -eq "${MAX_PULLING_RETRY}" ]; then 43 | echo "Failed to found image '${IMAGE_REPO}'/'${IMAGE_NAME}'-'${arch}':'${VERSION}'!!!" 44 | exit 1 45 | fi 46 | done 47 | done 48 | 49 | # create multi-arch manifest 50 | echo "Creating the multi-arch image manifest for ${IMAGE_REPO}/${IMAGE_NAME}:${RELEASE_VERSION}..." 51 | ${CONTAINER_CLI} manifest create "${IMAGE_REPO}"/"${IMAGE_NAME}":"${RELEASE_VERSION}" \ 52 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-amd64:"${VERSION}" \ 53 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-ppc64le:"${VERSION}" \ 54 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-s390x:"${VERSION}" 55 | echo "Creating the multi-arch image manifest for ${IMAGE_REPO}/${IMAGE_NAME}:latest..." 56 | ${CONTAINER_CLI} manifest create "${IMAGE_REPO}"/"${IMAGE_NAME}":latest \ 57 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-amd64:"${VERSION}" \ 58 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-ppc64le:"${VERSION}" \ 59 | "${IMAGE_REPO}"/"${IMAGE_NAME}"-s390x:"${VERSION}" 60 | 61 | # push multi-arch manifest 62 | echo "Pushing the multi-arch image manifest for ${IMAGE_REPO}/${IMAGE_NAME}:${RELEASE_VERSION}..." 63 | ${CONTAINER_CLI} manifest push "${IMAGE_REPO}"/"${IMAGE_NAME}":"${RELEASE_VERSION}" 64 | echo "Pushing the multi-arch image manifest for ${IMAGE_REPO}/${IMAGE_NAME}:latest..." 65 | ${CONTAINER_CLI} manifest push "${IMAGE_REPO}"/"${IMAGE_NAME}":latest 66 | -------------------------------------------------------------------------------- /common/scripts/next-csv.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # 4 | # Copyright 2022 IBM Corporation 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); 7 | # you may not use this file except in compliance with the License. 8 | # You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | 19 | # This script needs to inputs 20 | # The CSV version that is currently in dev 21 | 22 | CURRENT_DEV_CSV=$1 23 | NEW_DEV_CSV=$2 24 | PREVIOUS_DEV_CSV=$3 25 | 26 | if [[ "$OSTYPE" == "linux-gnu"* ]]; then 27 | # Linux OS 28 | # Update bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 29 | sed -i "/olm.skipRange/s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 30 | sed -i "s/operand-deployment-lifecycle-manager.v$CURRENT_DEV_CSV/operand-deployment-lifecycle-manager.v$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 31 | sed -i "s/odlm:$CURRENT_DEV_CSV/odlm:$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 32 | sed -i "s/version: $CURRENT_DEV_CSV/version: $NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 33 | sed -i "s/$PREVIOUS_DEV_CSV/$CURRENT_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 34 | echo "Updated the bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml" 35 | 36 | # Update config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 37 | sed -i "/olm.skipRange/s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 38 | sed -i "s/odlm:$CURRENT_DEV_CSV/odlm:$NEW_DEV_CSV/g" config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 39 | echo "Updated the config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml" 40 | 41 | sed -i "s/OPERATOR_VERSION ?= $CURRENT_DEV_CSV/OPERATOR_VERSION ?= $NEW_DEV_CSV/g" Makefile 42 | echo "Updated the Makefile" 43 | sed -i "s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" version/version.go 44 | echo "Updated the version/version.go" 45 | 46 | elif [[ "$OSTYPE" == "darwin"* ]]; then 47 | # Mac OSX 48 | # Update bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 49 | sed -i "" "/olm.skipRange/s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 50 | sed -i "" "s/operand-deployment-lifecycle-manager.v$CURRENT_DEV_CSV/operand-deployment-lifecycle-manager.v$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 51 | sed -i "" "s/odlm:$CURRENT_DEV_CSV/odlm:$NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 52 | sed -i "" "s/version: $CURRENT_DEV_CSV/version: $NEW_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 53 | sed -i "" "s/$PREVIOUS_DEV_CSV/$CURRENT_DEV_CSV/g" bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 54 | echo "Updated the bundle/manifests/operand-deployment-lifecycle-manager.clusterserviceversion.yaml" 55 | 56 | # Update config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 57 | sed -i "" "/olm.skipRange/s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 58 | sed -i "" "s/odlm:$CURRENT_DEV_CSV/odlm:$NEW_DEV_CSV/g" config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml 59 | echo "Updated the config/manifests/bases/operand-deployment-lifecycle-manager.clusterserviceversion.yaml" 60 | 61 | sed -i "" "s/OPERATOR_VERSION ?= $CURRENT_DEV_CSV/OPERATOR_VERSION ?= $NEW_DEV_CSV/g" Makefile 62 | echo "Updated the Makefile" 63 | sed -i "" "s/$CURRENT_DEV_CSV/$NEW_DEV_CSV/g" version/version.go 64 | echo "Updated the version/version.go" 65 | 66 | else 67 | echo "Not support on other operating system" 68 | fi 69 | 70 | make generate-all -------------------------------------------------------------------------------- /common/scripts/push-csv.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright 2022 IBM Corporation 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, software 12 | # distributed under the License is distributed on an "AS IS" BASIS, 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | # See the License for the specific language governing permissions and 15 | # limitations under the License. 16 | # 17 | 18 | set -e 19 | QUAY_NAMESPACE=${QUAY_NAMESPACE:-opencloudio} 20 | QUAY_REPOSITORY=${QUAY_REPOSITORY:-ibm-odlm} 21 | BUNDLE_DIR=${BUNDLE_DIR:-deploy/olm-catalog/operand-deployment-lifecycle-manager} 22 | 23 | [[ "X$QUAY_USERNAME" == "X" ]] && read -rp "Enter username quay.io: " QUAY_USERNAME 24 | [[ "X$QUAY_PASSWORD" == "X" ]] && read -rsp "Enter password quay.io: " QUAY_PASSWORD && echo 25 | [[ "X$RELEASE" == "X" ]] && read -rp "Enter Version/Release of operator: " RELEASE 26 | 27 | # Fetch authentication token used to push to Quay.io 28 | AUTH_TOKEN=$(curl -sH "Content-Type: application/json" -XPOST https://quay.io/cnr/api/v1/users/login -d ' 29 | { 30 | "user": { 31 | "username": "'"${QUAY_USERNAME}"'", 32 | "password": "'"${QUAY_PASSWORD}"'" 33 | } 34 | }' | awk -F'"' '{print $4}') 35 | 36 | function cleanup() { 37 | rm -f bundle.tar.gz 38 | } 39 | trap cleanup EXIT 40 | 41 | tar czf bundle.tar.gz "${BUNDLE_DIR}" 42 | 43 | if [[ "${OSTYPE}" == "darwin"* ]]; then 44 | BLOB=$(base64 -b0 < bundle.tar.gz) 45 | else 46 | BLOB=$(base64 -w0 < bundle.tar.gz) 47 | fi 48 | 49 | # Push application to repository 50 | function push_csv() { 51 | echo "Push package ${QUAY_REPOSITORY} into namespace ${QUAY_NAMESPACE}" 52 | curl -H "Content-Type: application/json" \ 53 | -H "Authorization: ${AUTH_TOKEN}" \ 54 | -XPOST https://quay.io/cnr/api/v1/packages/"${QUAY_NAMESPACE}"/"${QUAY_REPOSITORY}" -d ' 55 | { 56 | "blob": "'"${BLOB}"'", 57 | "release": "'"${RELEASE}"'", 58 | "media_type": "helm" 59 | }' 60 | } 61 | 62 | # Delete application release in repository 63 | function delete_csv() { 64 | echo "Delete release ${RELEASE} of package ${QUAY_REPOSITORY} from namespace ${QUAY_NAMESPACE}" 65 | curl -H "Content-Type: application/json" \ 66 | -H "Authorization: ${AUTH_TOKEN}" \ 67 | -XDELETE https://quay.io/cnr/api/v1/packages/"${QUAY_NAMESPACE}"/"${QUAY_REPOSITORY}"/"${RELEASE}"/helm 68 | } 69 | 70 | #-------------------------------------- Main --------------------------------------# 71 | delete_csv 72 | push_csv 73 | -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | # WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for 4 | # breaking changes 5 | apiVersion: cert-manager.io/v1alpha2 6 | kind: Issuer 7 | metadata: 8 | name: selfsigned-issuer 9 | namespace: system 10 | spec: 11 | selfSigned: {} 12 | --- 13 | apiVersion: cert-manager.io/v1alpha2 14 | kind: Certificate 15 | metadata: 16 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 17 | namespace: system 18 | spec: 19 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 20 | dnsNames: 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 22 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 23 | issuerRef: 24 | kind: Issuer 25 | name: selfsigned-issuer 26 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize 27 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/operator.ibm.com_operandrequests.yaml 6 | - bases/operator.ibm.com_operandconfigs.yaml 7 | - bases/operator.ibm.com_operandbindinfos.yaml 8 | - bases/operator.ibm.com_operandregistries.yaml 9 | - bases/operator.ibm.com_operatorconfigs.yaml 10 | # +kubebuilder:scaffold:crdkustomizeresource 11 | 12 | patchesStrategicMerge: 13 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 14 | # patches here are for enabling the conversion webhook for each CRD 15 | #- patches/webhook_in_operandrequests.yaml 16 | #- patches/webhook_in_operandconfigs.yaml 17 | #- patches/webhook_in_operandbindinfoes.yaml 18 | #- patches/webhook_in_operandregistries.yaml 19 | #- patches/webhook_in_operatorconfigs.yaml 20 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 21 | 22 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 23 | # patches here are for enabling the CA injection for each CRD 24 | #- patches/cainjection_in_operandrequests.yaml 25 | #- patches/cainjection_in_operandconfigs.yaml 26 | #- patches/cainjection_in_operandbindinfoes.yaml 27 | #- patches/cainjection_in_operandregistries.yaml 28 | #- patches/cainjection_in_operatorconfigs.yaml 29 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 30 | 31 | # patches here are for adding labels for each CRD 32 | - patches/label_in_operandrequests.yaml 33 | - patches/label_in_operandconfigs.yaml 34 | - patches/label_in_operandbindinfos.yaml 35 | - patches/label_in_operandregistries.yaml 36 | - patches/label_in_operatorconfigs.yaml 37 | #- patches/cainjection_in_operatorconfigs.yaml 38 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 39 | 40 | # the following config is for teaching kustomize how to do kustomization for CRDs. 41 | configurations: 42 | - kustomizeconfig.yaml 43 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/crd/patches/label_in_operandbindinfos.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: operandbindinfos.operator.ibm.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/label_in_operandconfigs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: operandconfigs.operator.ibm.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/label_in_operandregistries.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: operandregistries.operator.ibm.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/label_in_operandrequests.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: operandrequests.operator.ibm.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/label_in_operatorconfigs.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | apiVersion: apiextensions.k8s.io/v1 3 | kind: CustomResourceDefinition 4 | metadata: 5 | labels: 6 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 8 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 9 | name: operatorconfigs.operator.ibm.com 10 | -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | # namespace: system 3 | 4 | # Value of this field is prepended to the 5 | # names of all resources, e.g. a deployment named 6 | # "wordpress" becomes "alices-wordpress". 7 | # Note that it should also match with the prefix (text before '-') of the namespace 8 | # field above. 9 | # namePrefix: operand-deployment-lifecycle-manager- 10 | 11 | # Labels to add to all resources and selectors. 12 | #commonLabels: 13 | # someName: someValue 14 | 15 | bases: 16 | - ../crd 17 | - ../rbac 18 | - ../manager 19 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 20 | # crd/kustomization.yaml 21 | #- ../webhook 22 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. 23 | #- ../certmanager 24 | # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 25 | #- ../prometheus 26 | 27 | patchesStrategicMerge: 28 | # Protect the /metrics endpoint by putting it behind auth. 29 | # If you want your controller-manager to expose the /metrics 30 | # endpoint w/o any authn/z, please comment the following line. 31 | # - manager_auth_proxy_patch.yaml 32 | 33 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 34 | # crd/kustomization.yaml 35 | #- manager_webhook_patch.yaml 36 | 37 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 38 | # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. 39 | # 'CERTMANAGER' needs to be enabled to use ca injection 40 | #- webhookcainjection_patch.yaml 41 | 42 | # the following config is for teaching kustomize how to do var substitution 43 | vars: 44 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. 45 | #- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR 46 | # objref: 47 | # kind: Certificate 48 | # group: cert-manager.io 49 | # version: v1alpha2 50 | # name: serving-cert # this name should match the one in certificate.yaml 51 | # fieldref: 52 | # fieldpath: metadata.namespace 53 | #- name: CERTIFICATE_NAME 54 | # objref: 55 | # kind: Certificate 56 | # group: cert-manager.io 57 | # version: v1alpha2 58 | # name: serving-cert # this name should match the one in certificate.yaml 59 | #- name: SERVICE_NAMESPACE # namespace of the service 60 | # objref: 61 | # kind: Service 62 | # version: v1 63 | # name: webhook-service 64 | # fieldref: 65 | # fieldpath: metadata.namespace 66 | #- name: SERVICE_NAME 67 | # objref: 68 | # kind: Service 69 | # version: v1 70 | # name: webhook-service 71 | -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the 2 | # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 9443 13 | name: webhook-server 14 | protocol: TCP 15 | volumeMounts: 16 | - mountPath: /tmp/k8s-webhook-server/serving-certs 17 | name: cert 18 | readOnly: true 19 | volumes: 20 | - name: cert 21 | secret: 22 | defaultMode: 420 23 | secretName: webhook-server-cert 24 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1beta1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1beta1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/e2e/crd/bases/operator.ibm.com_namespacescopes.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | controller-gen.kubebuilder.io/version: v0.4.0 8 | creationTimestamp: null 9 | name: namespacescopes.operator.ibm.com 10 | spec: 11 | group: operator.ibm.com 12 | names: 13 | kind: NamespaceScope 14 | listKind: NamespaceScopeList 15 | plural: namespacescopes 16 | shortNames: 17 | - nss 18 | singular: namespacescope 19 | scope: Namespaced 20 | versions: 21 | - name: v1 22 | schema: 23 | openAPIV3Schema: 24 | description: NamespaceScope is the Schema for the namespacescopes API 25 | properties: 26 | apiVersion: 27 | description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 28 | type: string 29 | kind: 30 | description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 31 | type: string 32 | metadata: 33 | type: object 34 | spec: 35 | x-kubernetes-preserve-unknown-fields: true 36 | description: NamespaceScopeSpec defines the desired state of NamespaceScope 37 | properties: 38 | configmapName: 39 | description: ConfigMap name that will contain the list of namespaces to be watched 40 | type: string 41 | csvInjector: 42 | description: When CSVInjector is enabled, operator will inject the watch namespace list into operator csv. 43 | properties: 44 | enable: 45 | type: boolean 46 | required: 47 | - enable 48 | type: object 49 | manualManagement: 50 | description: Set the following to true to manually manage permissions for the NamespaceScope operator to extend control over other namespaces The operator may fail when trying to extend permissions to other namespaces, but the cluster administrator can correct this using the authorize-namespace command. 51 | type: boolean 52 | namespaceMembers: 53 | description: Namespaces that are part of this scope 54 | items: 55 | type: string 56 | type: array 57 | restartLabels: 58 | additionalProperties: 59 | type: string 60 | description: Restart pods with the following labels when the namespace list changes 61 | type: object 62 | serviceAccountMembers: 63 | description: ServiceAccountMembers are extra service accounts will be bond the roles from other namespaces 64 | items: 65 | type: string 66 | type: array 67 | type: object 68 | status: 69 | description: NamespaceScopeStatus defines the observed state of NamespaceScope 70 | properties: 71 | managedCSVList: 72 | items: 73 | type: string 74 | type: array 75 | patchedCSVList: 76 | items: 77 | type: string 78 | type: array 79 | validatedMembers: 80 | items: 81 | type: string 82 | type: array 83 | type: object 84 | type: object 85 | served: true 86 | storage: true 87 | subresources: 88 | status: {} 89 | status: 90 | acceptedNames: 91 | kind: "" 92 | plural: "" 93 | conditions: [] 94 | storedVersions: [] -------------------------------------------------------------------------------- /config/e2e/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/operator.ibm.com_operandrequests.yaml 6 | - bases/operator.ibm.com_operandconfigs.yaml 7 | - bases/operator.ibm.com_operandbindinfos.yaml 8 | - bases/operator.ibm.com_operandregistries.yaml 9 | - bases/operator.ibm.com_namespacescopes.yaml 10 | 11 | 12 | -------------------------------------------------------------------------------- /config/e2e/kustomization.yaml: -------------------------------------------------------------------------------- 1 | bases: 2 | - crd 3 | - rbac 4 | - manager 5 | -------------------------------------------------------------------------------- /config/e2e/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | images: 6 | - name: icr.io/cpopen/odlm 7 | newName: quay.io/opencloudio/odlm 8 | newTag: dev-test 9 | -------------------------------------------------------------------------------- /config/e2e/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: system 5 | --- 6 | apiVersion: apps/v1 7 | kind: Deployment 8 | metadata: 9 | labels: 10 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 11 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 12 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 13 | name: operand-deployment-lifecycle-manager 14 | namespace: system 15 | spec: 16 | selector: 17 | matchLabels: 18 | name: operand-deployment-lifecycle-manager 19 | replicas: 1 20 | template: 21 | metadata: 22 | labels: 23 | name: operand-deployment-lifecycle-manager 24 | app.kubernetes.io/instance: operand-deployment-lifecycle-manager 25 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 26 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 27 | intent: projected-odlm 28 | annotations: 29 | productName: "IBM Cloud Platform Common Services" 30 | productID: "068a62892a1e4db39641342e592daa25" 31 | productMetric: "FREE" 32 | spec: 33 | serviceAccountName: operand-deployment-lifecycle-manager 34 | affinity: 35 | nodeAffinity: 36 | requiredDuringSchedulingIgnoredDuringExecution: 37 | nodeSelectorTerms: 38 | - matchExpressions: 39 | - key: beta.kubernetes.io/arch 40 | operator: In 41 | values: 42 | - amd64 43 | - ppc64le 44 | - s390x 45 | containers: 46 | - command: 47 | - /manager 48 | args: 49 | - -v=2 50 | image: icr.io/cpopen/odlm:latest 51 | name: manager 52 | resources: 53 | limits: 54 | cpu: 500m 55 | memory: 512Mi 56 | requests: 57 | cpu: 200m 58 | memory: 200Mi 59 | securityContext: 60 | seccompProfile: 61 | type: RuntimeDefault 62 | allowPrivilegeEscalation: false 63 | capabilities: 64 | drop: 65 | - ALL 66 | privileged: false 67 | readOnlyRootFilesystem: true 68 | runAsNonRoot: true 69 | terminationGracePeriodSeconds: 10 70 | serviceAccount: operand-deployment-lifecycle-manager 71 | -------------------------------------------------------------------------------- /config/e2e/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - service_account.yaml 3 | - role.yaml 4 | - role_binding.yaml 5 | # - leader_election_role.yaml 6 | # - leader_election_role_binding.yaml 7 | # Comment the following 4 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | # - auth_proxy_service.yaml 11 | # - auth_proxy_role.yaml 12 | # - auth_proxy_role_binding.yaml 13 | # - auth_proxy_client_clusterrole.yaml 14 | -------------------------------------------------------------------------------- /config/e2e/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRole 5 | metadata: 6 | creationTimestamp: null 7 | name: operand-deployment-lifecycle-manager 8 | rules: 9 | - verbs: 10 | - '*' 11 | apiGroups: 12 | - '*' 13 | resources: 14 | - '*' 15 | -------------------------------------------------------------------------------- /config/e2e/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: operand-deployment-lifecycle-manager 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: operand-deployment-lifecycle-manager 9 | subjects: 10 | - kind: ServiceAccount 11 | name: operand-deployment-lifecycle-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/e2e/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "odlm" 8 | name: operand-deployment-lifecycle-manager 9 | namespace: system 10 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | images: 6 | - name: icr.io/cpopen/odlm 7 | newName: icr.io/cpopen/odlm 8 | newTag: 4.5.1 9 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: system 5 | --- 6 | apiVersion: apps/v1 7 | kind: Deployment 8 | metadata: 9 | labels: 10 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 11 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 12 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 13 | productName: IBM_Cloud_Platform_Common_Services 14 | name: operand-deployment-lifecycle-manager 15 | namespace: system 16 | spec: 17 | selector: 18 | matchLabels: 19 | name: operand-deployment-lifecycle-manager 20 | replicas: 1 21 | template: 22 | metadata: 23 | labels: 24 | name: operand-deployment-lifecycle-manager 25 | app.kubernetes.io/instance: operand-deployment-lifecycle-manager 26 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 27 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 28 | productName: IBM_Cloud_Platform_Common_Services 29 | intent: projected-odlm 30 | annotations: 31 | productName: "IBM Cloud Platform Common Services" 32 | productID: "068a62892a1e4db39641342e592daa25" 33 | productMetric: "FREE" 34 | spec: 35 | serviceAccountName: operand-deployment-lifecycle-manager 36 | affinity: 37 | nodeAffinity: 38 | requiredDuringSchedulingIgnoredDuringExecution: 39 | nodeSelectorTerms: 40 | - matchExpressions: 41 | - key: kubernetes.io/arch 42 | operator: In 43 | values: 44 | - amd64 45 | - ppc64le 46 | - s390x 47 | containers: 48 | - command: 49 | - /manager 50 | args: 51 | - -v=2 52 | env: 53 | - name: OPERATOR_NAMESPACE 54 | valueFrom: 55 | fieldRef: 56 | apiVersion: v1 57 | fieldPath: metadata.namespace 58 | - name: WATCH_NAMESPACE 59 | valueFrom: 60 | fieldRef: 61 | fieldPath: metadata.annotations['olm.targetNamespaces'] 62 | image: icr.io/cpopen/odlm:latest 63 | imagePullPolicy: IfNotPresent 64 | name: manager 65 | livenessProbe: 66 | httpGet: 67 | path: /readyz 68 | port: 8081 69 | initialDelaySeconds: 120 70 | timeoutSeconds: 10 71 | periodSeconds: 60 72 | failureThreshold: 10 73 | readinessProbe: 74 | httpGet: 75 | path: /healthz 76 | port: 8081 77 | initialDelaySeconds: 5 78 | timeoutSeconds: 3 79 | periodSeconds: 20 80 | failureThreshold: 10 81 | resources: 82 | limits: 83 | cpu: 500m 84 | memory: 512Mi 85 | requests: 86 | cpu: 200m 87 | memory: 200Mi 88 | ephemeral-storage: 256Mi 89 | securityContext: 90 | seccompProfile: 91 | type: RuntimeDefault 92 | allowPrivilegeEscalation: false 93 | capabilities: 94 | drop: 95 | - ALL 96 | privileged: false 97 | readOnlyRootFilesystem: true 98 | runAsNonRoot: true 99 | terminationGracePeriodSeconds: 10 100 | serviceAccount: operand-deployment-lifecycle-manager 101 | -------------------------------------------------------------------------------- /config/manifests/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../default 3 | - ../samples 4 | - ../scorecard 5 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - monitor.yaml 3 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | name: controller-manager-metrics-monitor 9 | namespace: system 10 | spec: 11 | endpoints: 12 | - path: /metrics 13 | port: https 14 | selector: 15 | matchLabels: 16 | control-plane: controller-manager 17 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_client_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-reader 5 | rules: 6 | - nonResourceURLs: ["/metrics"] 7 | verbs: ["get"] 8 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: operand-deployment-lifecycle-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | targetPort: https 13 | selector: 14 | control-plane: controller-manager 15 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - service_account.yaml 3 | - role.yaml 4 | - role_binding.yaml 5 | # - leader_election_role.yaml 6 | # - leader_election_role_binding.yaml 7 | # Comment the following 4 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | # - auth_proxy_service.yaml 11 | # - auth_proxy_role.yaml 12 | # - auth_proxy_role_binding.yaml 13 | # - auth_proxy_client_clusterrole.yaml 14 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: operand-deployment-lifecycle-manager-leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - configmaps/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | - patch 34 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: operand-deployment-lifecycle-manager-leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: operand-deployment-lifecycle-manager-leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: operand-deployment-lifecycle-manager 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/operandbindinfo_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit operandbindinfoes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandbindinfo-editor-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandbindinfoes 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - operator.ibm.com 21 | resources: 22 | - operandbindinfoes/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/operandbindinfo_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view operandbindinfoes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandbindinfo-viewer-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandbindinfoes 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - operator.ibm.com 17 | resources: 18 | - operandbindinfoes/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/operandconfig_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit operandconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandconfig-editor-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandconfigs 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - operator.ibm.com 21 | resources: 22 | - operandconfigs/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/operandconfig_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view operandconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandconfig-viewer-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandconfigs 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - operator.ibm.com 17 | resources: 18 | - operandconfigs/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/operandregistry_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit operandregistries. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandregistry-editor-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandregistries 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - operator.ibm.com 21 | resources: 22 | - operandregistries/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/operandregistry_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view operandregistries. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandregistry-viewer-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandregistries 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - operator.ibm.com 17 | resources: 18 | - operandregistries/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/operandrequest_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit operandrequests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandrequest-editor-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandrequests 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - operator.ibm.com 21 | resources: 22 | - operandrequests/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/operandrequest_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view operandrequests. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operandrequest-viewer-role 6 | rules: 7 | - apiGroups: 8 | - operator.ibm.com 9 | resources: 10 | - operandrequests 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - operator.ibm.com 17 | resources: 18 | - operandrequests/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/operatorconfig_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit operatorconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: clusterrole 7 | app.kubernetes.io/instance: operatorconfig-editor-role 8 | app.kubernetes.io/component: rbac 9 | app.kubernetes.io/created-by: operand-deployment-lifecycle-manager 10 | app.kubernetes.io/part-of: operand-deployment-lifecycle-manager 11 | app.kubernetes.io/managed-by: kustomize 12 | name: operatorconfig-editor-role 13 | rules: 14 | - apiGroups: 15 | - operator.ibm.com 16 | resources: 17 | - operatorconfigs 18 | verbs: 19 | - create 20 | - delete 21 | - get 22 | - list 23 | - patch 24 | - update 25 | - watch 26 | - apiGroups: 27 | - operator.ibm.com 28 | resources: 29 | - operatorconfigs/status 30 | verbs: 31 | - get 32 | -------------------------------------------------------------------------------- /config/rbac/operatorconfig_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view operatorconfigs. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | labels: 6 | app.kubernetes.io/name: clusterrole 7 | app.kubernetes.io/instance: operatorconfig-viewer-role 8 | app.kubernetes.io/component: rbac 9 | app.kubernetes.io/created-by: operand-deployment-lifecycle-manager 10 | app.kubernetes.io/part-of: operand-deployment-lifecycle-manager 11 | app.kubernetes.io/managed-by: kustomize 12 | name: operatorconfig-viewer-role 13 | rules: 14 | - apiGroups: 15 | - operator.ibm.com 16 | resources: 17 | - operatorconfigs 18 | verbs: 19 | - get 20 | - list 21 | - watch 22 | - apiGroups: 23 | - operator.ibm.com 24 | resources: 25 | - operatorconfigs/status 26 | verbs: 27 | - get 28 | -------------------------------------------------------------------------------- /config/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: operand-deployment-lifecycle-manager 6 | rules: 7 | - apiGroups: 8 | - apiextensions.k8s.io 9 | resources: 10 | - customresourcedefinitions 11 | verbs: 12 | - get 13 | - apiGroups: 14 | - operator.ibm.com 15 | resources: 16 | - auditloggings 17 | - certmanagers 18 | verbs: 19 | - delete 20 | - get 21 | - apiGroups: 22 | - operators.coreos.com 23 | resources: 24 | - catalogsources 25 | verbs: 26 | - get 27 | --- 28 | apiVersion: rbac.authorization.k8s.io/v1 29 | kind: Role 30 | metadata: 31 | name: operand-deployment-lifecycle-manager 32 | namespace: placeholder 33 | rules: 34 | - apiGroups: 35 | - "" 36 | resources: 37 | - configmaps 38 | - namespaces 39 | - secrets 40 | - services 41 | verbs: 42 | - create 43 | - delete 44 | - get 45 | - list 46 | - patch 47 | - update 48 | - watch 49 | - apiGroups: 50 | - '*' 51 | resources: 52 | - '*' 53 | verbs: 54 | - create 55 | - delete 56 | - get 57 | - list 58 | - patch 59 | - update 60 | - watch 61 | - apiGroups: 62 | - k8s.keycloak.org 63 | resources: 64 | - keycloakrealmimports 65 | - keycloaks 66 | verbs: 67 | - create 68 | - delete 69 | - get 70 | - list 71 | - patch 72 | - update 73 | - watch 74 | - apiGroups: 75 | - operator.ibm.com 76 | resources: 77 | - operandbindinfos 78 | - operandbindinfos/finalizers 79 | - operandbindinfos/status 80 | verbs: 81 | - create 82 | - delete 83 | - get 84 | - list 85 | - patch 86 | - update 87 | - watch 88 | - apiGroups: 89 | - operator.ibm.com 90 | resources: 91 | - operandconfigs 92 | - operandconfigs/finalizers 93 | - operandconfigs/status 94 | verbs: 95 | - create 96 | - delete 97 | - get 98 | - list 99 | - patch 100 | - update 101 | - watch 102 | - apiGroups: 103 | - operator.ibm.com 104 | resources: 105 | - operandregistries 106 | - operandregistries/finalizers 107 | - operandregistries/status 108 | verbs: 109 | - create 110 | - delete 111 | - get 112 | - list 113 | - patch 114 | - update 115 | - watch 116 | - apiGroups: 117 | - operator.ibm.com 118 | resources: 119 | - operandrequests 120 | - operandrequests/finalizers 121 | - operandrequests/status 122 | verbs: 123 | - create 124 | - delete 125 | - get 126 | - list 127 | - patch 128 | - update 129 | - watch 130 | - apiGroups: 131 | - operator.ibm.com 132 | resources: 133 | - operatorconfigs 134 | - operatorconfigs/finalizers 135 | - operatorconfigs/status 136 | verbs: 137 | - create 138 | - delete 139 | - get 140 | - list 141 | - patch 142 | - update 143 | - watch 144 | - apiGroups: 145 | - operators.coreos.com 146 | resources: 147 | - clusterserviceversions 148 | - subscriptions 149 | verbs: 150 | - create 151 | - delete 152 | - get 153 | - list 154 | - patch 155 | - update 156 | - watch 157 | - apiGroups: 158 | - operators.coreos.com 159 | resources: 160 | - installplans 161 | - operatorgroups 162 | verbs: 163 | - create 164 | - delete 165 | - get 166 | - list 167 | - patch 168 | - update 169 | - watch 170 | - apiGroups: 171 | - packages.operators.coreos.com 172 | resources: 173 | - packagemanifests 174 | verbs: 175 | - get 176 | - list 177 | - patch 178 | - update 179 | - watch 180 | - apiGroups: 181 | - route.openshift.io 182 | resources: 183 | - routes 184 | verbs: 185 | - create 186 | - delete 187 | - get 188 | - list 189 | - patch 190 | - update 191 | - watch 192 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: operand-deployment-lifecycle-manager 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: operand-deployment-lifecycle-manager 9 | subjects: 10 | - kind: ServiceAccount 11 | name: operand-deployment-lifecycle-manager 12 | namespace: system 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1 15 | kind: RoleBinding 16 | metadata: 17 | name: operand-deployment-lifecycle-manager 18 | roleRef: 19 | apiGroup: rbac.authorization.k8s.io 20 | kind: Role 21 | name: operand-deployment-lifecycle-manager 22 | subjects: 23 | - kind: ServiceAccount 24 | name: operand-deployment-lifecycle-manager 25 | namespace: system 26 | -------------------------------------------------------------------------------- /config/rbac/service_account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "odlm" 8 | name: operand-deployment-lifecycle-manager 9 | namespace: system 10 | -------------------------------------------------------------------------------- /config/samples/kustomization.yaml: -------------------------------------------------------------------------------- 1 | ## This file is auto-generated, do not modify ## 2 | resources: 3 | - operator_v1alpha1_operandrequest.yaml 4 | - operator_v1alpha1_operandregistry.yaml 5 | - operator_v1alpha1_operandconfig.yaml 6 | - operator_v1alpha1_operandbindinfo.yaml 7 | -------------------------------------------------------------------------------- /config/samples/operator_v1alpha1_operandbindinfo.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operator.ibm.com/v1alpha1 2 | kind: OperandBindInfo 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: example-service 9 | spec: 10 | bindings: 11 | public: 12 | secret: mongodb-secret 13 | configmap: mongodb-configmap 14 | description: Binding information that should be accessible to MongoDB adopters 15 | operand: mongodb-atlas-kubernetes 16 | registry: example-service 17 | -------------------------------------------------------------------------------- /config/samples/operator_v1alpha1_operandconfig.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operator.ibm.com/v1alpha1 2 | kind: OperandConfig 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: example-service 9 | spec: 10 | services: 11 | - name: jaeger 12 | spec: 13 | jaeger: 14 | strategy: allinone 15 | - name: mongodb-atlas-kubernetes 16 | spec: 17 | atlasDeployment: 18 | deploymentSpec: 19 | name: test-deployment 20 | projectRef: 21 | name: my-project 22 | 23 | -------------------------------------------------------------------------------- /config/samples/operator_v1alpha1_operandregistry.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operator.ibm.com/v1alpha1 2 | kind: OperandRegistry 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: example-service 9 | spec: 10 | operators: 11 | - name: jaeger 12 | namespace: default 13 | channel: stable 14 | installMode: cluster 15 | packageName: jaeger 16 | sourceName: community-operators 17 | sourceNamespace: openshift-marketplace 18 | - name: mongodb-atlas-kubernetes 19 | namespace: default 20 | channel: stable 21 | packageName: mongodb-atlas-kubernetes 22 | sourceName: community-operators 23 | sourceNamespace: openshift-marketplace 24 | -------------------------------------------------------------------------------- /config/samples/operator_v1alpha1_operandrequest.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operator.ibm.com/v1alpha1 2 | kind: OperandRequest 3 | metadata: 4 | labels: 5 | app.kubernetes.io/instance: "operand-deployment-lifecycle-manager" 6 | app.kubernetes.io/managed-by: "operand-deployment-lifecycle-manager" 7 | app.kubernetes.io/name: "operand-deployment-lifecycle-manager" 8 | name: example-service 9 | spec: 10 | requests: 11 | - registry: example-service 12 | operands: 13 | - name: jaeger 14 | - name: mongodb-atlas-kubernetes 15 | -------------------------------------------------------------------------------- /config/samples/operator_v1alpha1_operatorconfig.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operator.ibm.com/v1alpha1 2 | kind: OperatorConfig 3 | metadata: 4 | labels: 5 | app.kubernetes.io/name: operatorconfig 6 | app.kubernetes.io/instance: operatorconfig-sample 7 | app.kubernetes.io/part-of: operand-deployment-lifecycle-manager 8 | app.kubernetes.io/managed-by: kustomize 9 | app.kubernetes.io/created-by: operand-deployment-lifecycle-manager 10 | name: operatorconfig-sample 11 | spec: 12 | # TODO(user): Add fields here 13 | -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: [] 8 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/config.yaml 3 | patchesJson6902: 4 | - path: patches/basic.config.yaml 5 | target: 6 | group: scorecard.operatorframework.io 7 | version: v1alpha3 8 | kind: Configuration 9 | name: config 10 | - path: patches/olm.config.yaml 11 | target: 12 | group: scorecard.operatorframework.io 13 | version: v1alpha3 14 | kind: Configuration 15 | name: config 16 | # +kubebuilder:scaffold:patchesJson6902 17 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - basic-check-spec 7 | image: quay.io/operator-framework/scorecard-test:master 8 | labels: 9 | suite: basic 10 | test: basic-check-spec-test 11 | -------------------------------------------------------------------------------- /config/scorecard/patches/olm.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - olm-bundle-validation 7 | image: quay.io/operator-framework/scorecard-test:master 8 | labels: 9 | suite: olm 10 | test: olm-bundle-validation-test 11 | - op: add 12 | path: /stages/0/tests/- 13 | value: 14 | entrypoint: 15 | - scorecard-test 16 | - olm-crds-have-validation 17 | image: quay.io/operator-framework/scorecard-test:master 18 | labels: 19 | suite: olm 20 | test: olm-crds-have-validation-test 21 | # - op: add 22 | # path: /stages/0/tests/- 23 | # value: 24 | # entrypoint: 25 | # - scorecard-test 26 | # - olm-crds-have-resources 27 | # image: quay.io/operator-framework/scorecard-test:master 28 | # labels: 29 | # suite: olm 30 | # test: olm-crds-have-resources-test 31 | - op: add 32 | path: /stages/0/tests/- 33 | value: 34 | entrypoint: 35 | - scorecard-test 36 | - olm-spec-descriptors 37 | image: quay.io/operator-framework/scorecard-test:master 38 | labels: 39 | suite: olm 40 | test: olm-spec-descriptors-test 41 | # - op: add 42 | # path: /stages/0/tests/- 43 | # value: 44 | # entrypoint: 45 | # - scorecard-test 46 | # - olm-status-descriptors 47 | # image: quay.io/operator-framework/scorecard-test:master 48 | # labels: 49 | # suite: olm 50 | # test: olm-status-descriptors-test 51 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /controllers/constant/constant.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package constant 18 | 19 | import ( 20 | "time" 21 | ) 22 | 23 | const ( 24 | 25 | //ClusterOperatorNamespace is the namespace of cluster operators 26 | ClusterOperatorNamespace string = "openshift-operators" 27 | 28 | //NotUninstallLabel is the label used to prevent subscription/CR from uninstall 29 | NotUninstallLabel string = "operator.ibm.com/opreq-do-not-uninstall" 30 | 31 | //OpreqLabel is the label used to label the Subscription/CR/Configmap managed by ODLM 32 | OpreqLabel string = "operator.ibm.com/opreq-control" 33 | 34 | //OpreqTrackerLabel is the label used to label the OperandRequest Configmap managed by ODLM 35 | OpreqTrackerLabel string = "operator.ibm.com/operand-request-tracker" 36 | 37 | //InternalOpreqLabel is the label used label the OperandRequest internally created by ODLM 38 | OperandOnlyLabel string = "operator.ibm.com/operand-only" 39 | 40 | //ODLMReferenceAnnotation is the annotation used to annotate the resources used for ODLM operand value reference 41 | ODLMReferenceAnnotation string = "operator.ibm.com/referenced-by-odlm-resource" 42 | 43 | //ODLMWatchedLabel is the label used to label the resources watched by ODLM for value reference 44 | ODLMWatchedLabel string = "operator.ibm.com/watched-by-odlm" 45 | 46 | //OpbiNsLabel is the label used to add OperandBindInfo namespace to the secrets/configmaps watched by ODLM 47 | OpbiNsLabel string = "operator.ibm.com/watched-by-opbi-with-namespace" 48 | 49 | //OpbiNameLabel is the label used to add OperandBindInfo name to the secrets/configmaps watched by ODLM 50 | OpbiNameLabel string = "operator.ibm.com/watched-by-opbi-with-name" 51 | 52 | //OpbiTypeLabel is the label used to label if secrets/configmaps are "original" or "copy" 53 | OpbiTypeLabel string = "operator.ibm.com/managedBy-opbi" 54 | 55 | //BindInfoRefreshLabel is the label used to label if secrets/configmaps are "original" or "copy" 56 | BindInfoRefreshLabel string = "operator.ibm.com/bindinfoRefresh" 57 | 58 | //NamespaceScopeCrName is the name use to get NamespaceScopeCrName instance 59 | NamespaceScopeCrName string = "nss-managedby-odlm" 60 | 61 | //OdlmScopeNssCrName is the name use to get OdlmScopeNssCrName instance 62 | OdlmScopeNssCrName string = "odlm-scope-managedby-odlm" 63 | 64 | //FindOperandRegistry is the key for checking if the OperandRegistry is found 65 | FindOperandRegistry string = "operator.ibm.com/operandregistry-is-not-found" 66 | 67 | //HashedData is the key for checking the checksum of data section 68 | HashedData string = "hashedData" 69 | 70 | //HashedData is the key for k8s Resource 71 | K8sHashedData string = "operator.ibm.com/operand-depoyment-lifecycle-manager.hashedData" 72 | 73 | //RouteHash is the key for hash value of route 74 | RouteHash string = "operator.ibm.com/odlm.route.hashedData" 75 | 76 | //DefaultRequestTimeout is the default timeout for kube request 77 | DefaultRequestTimeout = 5 * time.Second 78 | 79 | //DefaultRequeueDuration is the default requeue time duration for request 80 | DefaultRequeueDuration = 20 * time.Second 81 | 82 | //DefaultSyncPeriod is the frequency at which watched resources are reconciled 83 | DefaultSyncPeriod = 3 * time.Hour 84 | 85 | //DefaultCRFetchTimeout is the default timeout for getting a custom resource 86 | DefaultCRFetchTimeout = 250 * time.Millisecond 87 | 88 | //DefaultCRFetchPeriod is the default retry Period for getting a custom resource 89 | DefaultCRFetchPeriod = 5 * time.Second 90 | 91 | //DefaultCRDeleteTimeout is the default timeout for deleting a custom resource 92 | DefaultCRDeleteTimeout = 5 * time.Minute 93 | 94 | //DefaultCRDeletePeriod is the default retry Period for deleting a custom resource 95 | DefaultCRDeletePeriod = 20 * time.Second 96 | 97 | //DefaultSubDeleteTimeout is the default timeout for deleting a subscription 98 | DefaultSubDeleteTimeout = 10 * time.Minute 99 | 100 | //DefaultCSVWaitPeriod is the default period for wait CSV ready 101 | DefaultCSVWaitPeriod = 1 * time.Minute 102 | 103 | //DefaultCRRetryNumber is the default maximum number of retry for reconciling a custom resource 104 | DefaultCRRetryNumber = 3 105 | 106 | //StatusMonitoredServices is the annotation key for monitored services 107 | StatusMonitoredServices = "status-monitored-services" 108 | ) 109 | -------------------------------------------------------------------------------- /controllers/namespacescope/namespacescope_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package namespacescope 18 | 19 | import ( 20 | "os" 21 | "path/filepath" 22 | "testing" 23 | "time" 24 | 25 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 26 | . "github.com/onsi/ginkgo" 27 | . "github.com/onsi/gomega" 28 | "github.com/onsi/gomega/gexec" 29 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 30 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 31 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 32 | "k8s.io/client-go/rest" 33 | ctrl "sigs.k8s.io/controller-runtime" 34 | "sigs.k8s.io/controller-runtime/pkg/client" 35 | "sigs.k8s.io/controller-runtime/pkg/envtest" 36 | logf "sigs.k8s.io/controller-runtime/pkg/log" 37 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 38 | 39 | nssv1 "github.com/IBM/ibm-namespace-scope-operator/api/v1" 40 | 41 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 42 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandregistry" 43 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandrequest" 44 | deploy "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operator" 45 | // +kubebuilder:scaffold:imports 46 | ) 47 | 48 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 49 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 50 | 51 | const useExistingCluster = "USE_EXISTING_CLUSTER" 52 | 53 | var ( 54 | cfg *rest.Config 55 | k8sClient client.Client 56 | testEnv *envtest.Environment 57 | // scheme = runtime.NewScheme() 58 | 59 | timeout = time.Second * 100 60 | interval = time.Second * 5 61 | ) 62 | 63 | func TestNamespaceScope(t *testing.T) { 64 | RegisterFailHandler(Fail) 65 | 66 | RunSpecs(t, 67 | "NamespaceScope Controller Suite") 68 | } 69 | 70 | var _ = BeforeSuite(func(done Done) { 71 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 72 | 73 | By("bootstrapping test environment") 74 | testEnv = &envtest.Environment{ 75 | UseExistingCluster: UseExistingCluster(), 76 | CRDDirectoryPaths: []string{filepath.Join("../..", "config", "crd", "bases"), filepath.Join("../..", "testcrds"), 77 | filepath.Join("../..", "config", "crd", "namespacescope")}, 78 | } 79 | 80 | var err error 81 | cfg, err = testEnv.Start() 82 | Expect(err).ToNot(HaveOccurred()) 83 | Expect(cfg).ToNot(BeNil()) 84 | 85 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 86 | Expect(err).NotTo(HaveOccurred()) 87 | // +kubebuilder:scaffold:scheme 88 | 89 | err = nssv1.AddToScheme(clientgoscheme.Scheme) 90 | Expect(err).NotTo(HaveOccurred()) 91 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 92 | Expect(err).NotTo(HaveOccurred()) 93 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 94 | Expect(err).NotTo(HaveOccurred()) 95 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 96 | Expect(err).NotTo(HaveOccurred()) 97 | 98 | k8sClient, err = client.New(cfg, client.Options{Scheme: clientgoscheme.Scheme}) 99 | Expect(err).ToNot(HaveOccurred()) 100 | Expect(k8sClient).ToNot(BeNil()) 101 | 102 | // Start your controllers test logic 103 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 104 | Scheme: clientgoscheme.Scheme, 105 | MetricsBindAddress: "0", 106 | }) 107 | Expect(err).ToNot(HaveOccurred()) 108 | 109 | // Setup Manager with NamespaceScope Controller 110 | err = (&Reconciler{ 111 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "NamespaceScope"), 112 | }).SetupWithManager(k8sManager) 113 | Expect(err).ToNot(HaveOccurred()) 114 | // Setup Manager with OperandRegistry Controller 115 | err = (&operandregistry.Reconciler{ 116 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRegistry"), 117 | }).SetupWithManager(k8sManager) 118 | Expect(err).ToNot(HaveOccurred()) 119 | // Setup Manager with OperandRequest Controller 120 | err = (&operandrequest.Reconciler{ 121 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRequest"), 122 | }).SetupWithManager(k8sManager) 123 | Expect(err).ToNot(HaveOccurred()) 124 | 125 | go func() { 126 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 127 | Expect(err).ToNot(HaveOccurred()) 128 | }() 129 | 130 | close(done) 131 | }, 600) 132 | 133 | var _ = AfterSuite(func() { 134 | By("tearing down the test environment") 135 | gexec.KillAndWait(5 * time.Second) 136 | err := testEnv.Stop() 137 | Expect(err).ToNot(HaveOccurred()) 138 | }) 139 | 140 | func UseExistingCluster() *bool { 141 | use := false 142 | if os.Getenv(useExistingCluster) != "" && os.Getenv(useExistingCluster) == "true" { 143 | use = true 144 | } 145 | return &use 146 | } 147 | -------------------------------------------------------------------------------- /controllers/operandbindinfo/operandbindinfo_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package operandbindinfo 18 | 19 | import ( 20 | "os" 21 | "path/filepath" 22 | "testing" 23 | "time" 24 | 25 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 26 | . "github.com/onsi/ginkgo" 27 | . "github.com/onsi/gomega" 28 | "github.com/onsi/gomega/gexec" 29 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 30 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 31 | operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" 32 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 33 | "k8s.io/client-go/rest" 34 | ctrl "sigs.k8s.io/controller-runtime" 35 | "sigs.k8s.io/controller-runtime/pkg/client" 36 | "sigs.k8s.io/controller-runtime/pkg/envtest" 37 | logf "sigs.k8s.io/controller-runtime/pkg/log" 38 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 39 | 40 | nssv1 "github.com/IBM/ibm-namespace-scope-operator/api/v1" 41 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 42 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandregistry" 43 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandrequest" 44 | deploy "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operator" 45 | // +kubebuilder:scaffold:imports 46 | ) 47 | 48 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 49 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 50 | 51 | const useExistingCluster = "USE_EXISTING_CLUSTER" 52 | 53 | var ( 54 | cfg *rest.Config 55 | k8sClient client.Client 56 | testEnv *envtest.Environment 57 | // scheme = runtime.NewScheme() 58 | 59 | timeout = time.Second * 300 60 | interval = time.Second * 5 61 | ) 62 | 63 | func TestOperandBindInfo(t *testing.T) { 64 | RegisterFailHandler(Fail) 65 | 66 | RunSpecs(t, 67 | "OperandBindInfo Controller Suite") 68 | } 69 | 70 | var _ = BeforeSuite(func(done Done) { 71 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 72 | 73 | By("bootstrapping test environment") 74 | testEnv = &envtest.Environment{ 75 | UseExistingCluster: UseExistingCluster(), 76 | CRDDirectoryPaths: []string{filepath.Join("../..", "config", "crd", "bases"), filepath.Join("../..", "testcrds")}, 77 | } 78 | 79 | var err error 80 | cfg, err = testEnv.Start() 81 | Expect(err).ToNot(HaveOccurred()) 82 | Expect(cfg).ToNot(BeNil()) 83 | 84 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 85 | Expect(err).NotTo(HaveOccurred()) 86 | // +kubebuilder:scaffold:scheme 87 | 88 | err = nssv1.AddToScheme(clientgoscheme.Scheme) 89 | Expect(err).NotTo(HaveOccurred()) 90 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 91 | Expect(err).NotTo(HaveOccurred()) 92 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 93 | Expect(err).NotTo(HaveOccurred()) 94 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 95 | Expect(err).NotTo(HaveOccurred()) 96 | err = operatorsv1.AddToScheme(clientgoscheme.Scheme) 97 | Expect(err).NotTo(HaveOccurred()) 98 | 99 | k8sClient, err = client.New(cfg, client.Options{Scheme: clientgoscheme.Scheme}) 100 | Expect(err).ToNot(HaveOccurred()) 101 | Expect(k8sClient).ToNot(BeNil()) 102 | 103 | // Start your controllers test logic 104 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 105 | Scheme: clientgoscheme.Scheme, 106 | MetricsBindAddress: "0", 107 | }) 108 | Expect(err).ToNot(HaveOccurred()) 109 | 110 | // Setup Manager with OperandBindInfo Controller 111 | err = (&Reconciler{ 112 | Config: cfg, 113 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandBindInfo"), 114 | }).SetupWithManager(k8sManager) 115 | Expect(err).ToNot(HaveOccurred()) 116 | // Setup Manager with OperandRegistry Controller 117 | err = (&operandregistry.Reconciler{ 118 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRegistry"), 119 | }).SetupWithManager(k8sManager) 120 | Expect(err).ToNot(HaveOccurred()) 121 | // Setup Manager with OperandRequest Controller 122 | err = (&operandrequest.Reconciler{ 123 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRequest"), 124 | }).SetupWithManager(k8sManager) 125 | Expect(err).ToNot(HaveOccurred()) 126 | 127 | go func() { 128 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 129 | Expect(err).ToNot(HaveOccurred()) 130 | }() 131 | 132 | close(done) 133 | }, 600) 134 | 135 | var _ = AfterSuite(func() { 136 | By("tearing down the test environment") 137 | gexec.KillAndWait(5 * time.Second) 138 | err := testEnv.Stop() 139 | Expect(err).ToNot(HaveOccurred()) 140 | }) 141 | 142 | func UseExistingCluster() *bool { 143 | use := false 144 | if os.Getenv(useExistingCluster) != "" && os.Getenv(useExistingCluster) == "true" { 145 | use = true 146 | } 147 | return &use 148 | } 149 | -------------------------------------------------------------------------------- /controllers/operandconfig/operandconfig_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package operandconfig 18 | 19 | import ( 20 | "os" 21 | "path/filepath" 22 | "testing" 23 | "time" 24 | 25 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 26 | . "github.com/onsi/ginkgo" 27 | . "github.com/onsi/gomega" 28 | "github.com/onsi/gomega/gexec" 29 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 30 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 31 | operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" 32 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 33 | "k8s.io/client-go/rest" 34 | ctrl "sigs.k8s.io/controller-runtime" 35 | "sigs.k8s.io/controller-runtime/pkg/client" 36 | "sigs.k8s.io/controller-runtime/pkg/envtest" 37 | logf "sigs.k8s.io/controller-runtime/pkg/log" 38 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 39 | 40 | nssv1 "github.com/IBM/ibm-namespace-scope-operator/api/v1" 41 | 42 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 43 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandregistry" 44 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandrequest" 45 | deploy "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operator" 46 | // +kubebuilder:scaffold:imports 47 | ) 48 | 49 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 50 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 51 | 52 | const useExistingCluster = "USE_EXISTING_CLUSTER" 53 | 54 | var ( 55 | cfg *rest.Config 56 | k8sClient client.Client 57 | testEnv *envtest.Environment 58 | // scheme = runtime.NewScheme() 59 | 60 | timeout = time.Second * 300 61 | interval = time.Second * 5 62 | ) 63 | 64 | func TestOperandConfig(t *testing.T) { 65 | RegisterFailHandler(Fail) 66 | 67 | RunSpecs(t, 68 | "OperandConfig Controller Suite") 69 | } 70 | 71 | var _ = BeforeSuite(func(done Done) { 72 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 73 | 74 | By("bootstrapping test environment") 75 | testEnv = &envtest.Environment{ 76 | UseExistingCluster: UseExistingCluster(), 77 | CRDDirectoryPaths: []string{filepath.Join("../..", "config", "crd", "bases"), filepath.Join("../..", "testcrds")}, 78 | } 79 | 80 | var err error 81 | cfg, err = testEnv.Start() 82 | Expect(err).ToNot(HaveOccurred()) 83 | Expect(cfg).ToNot(BeNil()) 84 | 85 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 86 | Expect(err).NotTo(HaveOccurred()) 87 | // +kubebuilder:scaffold:scheme 88 | 89 | err = nssv1.AddToScheme(clientgoscheme.Scheme) 90 | Expect(err).NotTo(HaveOccurred()) 91 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 92 | Expect(err).NotTo(HaveOccurred()) 93 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 94 | Expect(err).NotTo(HaveOccurred()) 95 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 96 | Expect(err).NotTo(HaveOccurred()) 97 | err = operatorsv1.AddToScheme(clientgoscheme.Scheme) 98 | Expect(err).NotTo(HaveOccurred()) 99 | 100 | k8sClient, err = client.New(cfg, client.Options{Scheme: clientgoscheme.Scheme}) 101 | Expect(err).ToNot(HaveOccurred()) 102 | Expect(k8sClient).ToNot(BeNil()) 103 | 104 | // Start your controllers test logic 105 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 106 | Scheme: clientgoscheme.Scheme, 107 | MetricsBindAddress: "0", 108 | }) 109 | Expect(err).ToNot(HaveOccurred()) 110 | 111 | // Setup Manager with OperandRegistry Controller 112 | err = (&operandregistry.Reconciler{ 113 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRegistry"), 114 | }).SetupWithManager(k8sManager) 115 | Expect(err).ToNot(HaveOccurred()) 116 | // Setup Manager with OperandConfig Controller 117 | err = (&Reconciler{ 118 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandConfig"), 119 | }).SetupWithManager(k8sManager) 120 | Expect(err).ToNot(HaveOccurred()) 121 | // Setup Manager with OperandRequest Controller 122 | err = (&operandrequest.Reconciler{ 123 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRequest"), 124 | }).SetupWithManager(k8sManager) 125 | Expect(err).ToNot(HaveOccurred()) 126 | 127 | go func() { 128 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 129 | Expect(err).ToNot(HaveOccurred()) 130 | }() 131 | 132 | // End your controllers test logic 133 | 134 | close(done) 135 | }, 600) 136 | 137 | var _ = AfterSuite(func() { 138 | By("tearing down the test environment") 139 | gexec.KillAndWait(5 * time.Second) 140 | err := testEnv.Stop() 141 | Expect(err).ToNot(HaveOccurred()) 142 | }) 143 | 144 | func UseExistingCluster() *bool { 145 | use := false 146 | if os.Getenv(useExistingCluster) != "" && os.Getenv(useExistingCluster) == "true" { 147 | use = true 148 | } 149 | return &use 150 | } 151 | -------------------------------------------------------------------------------- /controllers/operandregistry/operandregistry_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package operandregistry 18 | 19 | import ( 20 | "os" 21 | "path/filepath" 22 | "testing" 23 | "time" 24 | 25 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 26 | . "github.com/onsi/ginkgo" 27 | . "github.com/onsi/gomega" 28 | "github.com/onsi/gomega/gexec" 29 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 30 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 31 | operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" 32 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 33 | "k8s.io/client-go/rest" 34 | ctrl "sigs.k8s.io/controller-runtime" 35 | "sigs.k8s.io/controller-runtime/pkg/client" 36 | "sigs.k8s.io/controller-runtime/pkg/envtest" 37 | logf "sigs.k8s.io/controller-runtime/pkg/log" 38 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 39 | 40 | nssv1 "github.com/IBM/ibm-namespace-scope-operator/api/v1" 41 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 42 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandconfig" 43 | "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operandrequest" 44 | deploy "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operator" 45 | // +kubebuilder:scaffold:imports 46 | ) 47 | 48 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 49 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 50 | 51 | const useExistingCluster = "USE_EXISTING_CLUSTER" 52 | 53 | var ( 54 | cfg *rest.Config 55 | k8sClient client.Client 56 | testEnv *envtest.Environment 57 | // scheme = runtime.NewScheme() 58 | 59 | timeout = time.Second * 300 60 | interval = time.Second * 5 61 | ) 62 | 63 | func TestOperandRegistry(t *testing.T) { 64 | RegisterFailHandler(Fail) 65 | 66 | RunSpecs(t, 67 | "OperandRegistry Controller Suite") 68 | } 69 | 70 | var _ = BeforeSuite(func(done Done) { 71 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 72 | 73 | By("bootstrapping test environment") 74 | testEnv = &envtest.Environment{ 75 | UseExistingCluster: UseExistingCluster(), 76 | CRDDirectoryPaths: []string{filepath.Join("../..", "config", "crd", "bases"), filepath.Join("../..", "testcrds")}, 77 | } 78 | 79 | var err error 80 | cfg, err = testEnv.Start() 81 | Expect(err).ToNot(HaveOccurred()) 82 | Expect(cfg).ToNot(BeNil()) 83 | 84 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 85 | Expect(err).NotTo(HaveOccurred()) 86 | // +kubebuilder:scaffold:scheme 87 | 88 | err = nssv1.AddToScheme(clientgoscheme.Scheme) 89 | Expect(err).NotTo(HaveOccurred()) 90 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 91 | Expect(err).NotTo(HaveOccurred()) 92 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 93 | Expect(err).NotTo(HaveOccurred()) 94 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 95 | Expect(err).NotTo(HaveOccurred()) 96 | err = operatorsv1.AddToScheme(clientgoscheme.Scheme) 97 | Expect(err).NotTo(HaveOccurred()) 98 | 99 | k8sClient, err = client.New(cfg, client.Options{Scheme: clientgoscheme.Scheme}) 100 | Expect(err).ToNot(HaveOccurred()) 101 | Expect(k8sClient).ToNot(BeNil()) 102 | 103 | // Start your controllers test logic 104 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 105 | Scheme: clientgoscheme.Scheme, 106 | MetricsBindAddress: "0", 107 | }) 108 | Expect(err).ToNot(HaveOccurred()) 109 | 110 | // Setup Manager with OperandRegistry Controller 111 | err = (&Reconciler{ 112 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRegistry"), 113 | }).SetupWithManager(k8sManager) 114 | Expect(err).ToNot(HaveOccurred()) 115 | // Setup Manager with OperandConfig Controller 116 | err = (&operandconfig.Reconciler{ 117 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandConfig"), 118 | }).SetupWithManager(k8sManager) 119 | Expect(err).ToNot(HaveOccurred()) 120 | // Setup Manager with OperandRequest Controller 121 | err = (&operandrequest.Reconciler{ 122 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRequest"), 123 | }).SetupWithManager(k8sManager) 124 | Expect(err).ToNot(HaveOccurred()) 125 | 126 | go func() { 127 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 128 | Expect(err).ToNot(HaveOccurred()) 129 | }() 130 | 131 | // End your controllers test logic 132 | 133 | close(done) 134 | }, 600) 135 | 136 | var _ = AfterSuite(func() { 137 | By("tearing down the test environment") 138 | gexec.KillAndWait(5 * time.Second) 139 | err := testEnv.Stop() 140 | Expect(err).ToNot(HaveOccurred()) 141 | }) 142 | 143 | func UseExistingCluster() *bool { 144 | use := false 145 | if os.Getenv(useExistingCluster) != "" && os.Getenv(useExistingCluster) == "true" { 146 | use = true 147 | } 148 | return &use 149 | } 150 | -------------------------------------------------------------------------------- /controllers/operandrequest/operandrequest_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package operandrequest 18 | 19 | import ( 20 | "os" 21 | "path/filepath" 22 | "testing" 23 | "time" 24 | 25 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 26 | . "github.com/onsi/ginkgo" 27 | . "github.com/onsi/gomega" 28 | "github.com/onsi/gomega/gexec" 29 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 30 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 31 | operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" 32 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 33 | "k8s.io/client-go/rest" 34 | ctrl "sigs.k8s.io/controller-runtime" 35 | "sigs.k8s.io/controller-runtime/pkg/client" 36 | "sigs.k8s.io/controller-runtime/pkg/envtest" 37 | logf "sigs.k8s.io/controller-runtime/pkg/log" 38 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 39 | 40 | nssv1 "github.com/IBM/ibm-namespace-scope-operator/api/v1" 41 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 42 | deploy "github.com/IBM/operand-deployment-lifecycle-manager/v4/controllers/operator" 43 | // +kubebuilder:scaffold:imports 44 | ) 45 | 46 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 47 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 48 | 49 | const useExistingCluster = "USE_EXISTING_CLUSTER" 50 | 51 | var ( 52 | cfg *rest.Config 53 | k8sClient client.Client 54 | testEnv *envtest.Environment 55 | ) 56 | 57 | func TestOperanRequest(t *testing.T) { 58 | RegisterFailHandler(Fail) 59 | 60 | RunSpecs(t, 61 | "OperandRequest Controller Suite") 62 | } 63 | 64 | var _ = BeforeSuite(func(done Done) { 65 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 66 | 67 | By("bootstrapping test environment") 68 | testEnv = &envtest.Environment{ 69 | UseExistingCluster: UseExistingCluster(), 70 | CRDDirectoryPaths: []string{filepath.Join("../..", "config", "crd", "bases"), filepath.Join("../..", "testcrds")}, 71 | } 72 | 73 | var err error 74 | cfg, err = testEnv.Start() 75 | Expect(err).ToNot(HaveOccurred()) 76 | Expect(cfg).ToNot(BeNil()) 77 | 78 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 79 | Expect(err).NotTo(HaveOccurred()) 80 | // +kubebuilder:scaffold:scheme 81 | 82 | err = nssv1.AddToScheme(clientgoscheme.Scheme) 83 | Expect(err).NotTo(HaveOccurred()) 84 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 85 | Expect(err).NotTo(HaveOccurred()) 86 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 87 | Expect(err).NotTo(HaveOccurred()) 88 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 89 | Expect(err).NotTo(HaveOccurred()) 90 | err = operatorsv1.AddToScheme(clientgoscheme.Scheme) 91 | Expect(err).NotTo(HaveOccurred()) 92 | 93 | k8sClient, err = client.New(cfg, client.Options{Scheme: clientgoscheme.Scheme}) 94 | Expect(err).ToNot(HaveOccurred()) 95 | Expect(k8sClient).ToNot(BeNil()) 96 | 97 | // Start your controllers test logic 98 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 99 | Scheme: clientgoscheme.Scheme, 100 | MetricsBindAddress: "0", 101 | }) 102 | Expect(err).ToNot(HaveOccurred()) 103 | 104 | // Setup Manager with OperandRequest Controller 105 | err = (&Reconciler{ 106 | ODLMOperator: deploy.NewODLMOperator(k8sManager, "OperandRequest"), 107 | StepSize: 3, 108 | }).SetupWithManager(k8sManager) 109 | Expect(err).ToNot(HaveOccurred()) 110 | 111 | go func() { 112 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 113 | Expect(err).ToNot(HaveOccurred()) 114 | }() 115 | 116 | close(done) 117 | }, 600) 118 | 119 | var _ = AfterSuite(func() { 120 | By("tearing down the test environment") 121 | gexec.KillAndWait(5 * time.Second) 122 | err := testEnv.Stop() 123 | Expect(err).ToNot(HaveOccurred()) 124 | }) 125 | 126 | func UseExistingCluster() *bool { 127 | use := false 128 | if os.Getenv(useExistingCluster) != "" && os.Getenv(useExistingCluster) == "true" { 129 | use = true 130 | } 131 | return &use 132 | } 133 | -------------------------------------------------------------------------------- /controllers/operatorconfig/operatorconfig_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package operatorconfig 18 | 19 | import ( 20 | "path/filepath" 21 | "testing" 22 | 23 | . "github.com/onsi/ginkgo/v2" 24 | . "github.com/onsi/gomega" 25 | 26 | operatorsv1 "github.com/operator-framework/operator-lifecycle-manager/pkg/package-server/apis/operators/v1" 27 | "k8s.io/client-go/kubernetes/scheme" 28 | "k8s.io/client-go/rest" 29 | "sigs.k8s.io/controller-runtime/pkg/client" 30 | "sigs.k8s.io/controller-runtime/pkg/envtest" 31 | logf "sigs.k8s.io/controller-runtime/pkg/log" 32 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 33 | 34 | operatorv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 35 | //+kubebuilder:scaffold:imports 36 | ) 37 | 38 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 39 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 40 | 41 | var cfg *rest.Config 42 | var k8sClient client.Client 43 | var testEnv *envtest.Environment 44 | 45 | func TestAPIs(t *testing.T) { 46 | RegisterFailHandler(Fail) 47 | 48 | RunSpecs(t, "Controller Suite") 49 | } 50 | 51 | var _ = BeforeSuite(func() { 52 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 53 | 54 | By("bootstrapping test environment") 55 | testEnv = &envtest.Environment{ 56 | CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, 57 | ErrorIfCRDPathMissing: true, 58 | } 59 | 60 | var err error 61 | // cfg is defined in this file globally. 62 | cfg, err = testEnv.Start() 63 | Expect(err).NotTo(HaveOccurred()) 64 | Expect(cfg).NotTo(BeNil()) 65 | 66 | err = operatorv1alpha1.AddToScheme(scheme.Scheme) 67 | Expect(err).NotTo(HaveOccurred()) 68 | err = operatorsv1.AddToScheme(scheme.Scheme) 69 | Expect(err).NotTo(HaveOccurred()) 70 | 71 | //+kubebuilder:scaffold:scheme 72 | 73 | k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) 74 | Expect(err).NotTo(HaveOccurred()) 75 | Expect(k8sClient).NotTo(BeNil()) 76 | 77 | }) 78 | 79 | var _ = AfterSuite(func() { 80 | By("tearing down the test environment") 81 | err := testEnv.Stop() 82 | Expect(err).NotTo(HaveOccurred()) 83 | }) 84 | -------------------------------------------------------------------------------- /controllers/testutil/test_data.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package testutil 18 | 19 | import ( 20 | "time" 21 | ) 22 | 23 | const ( 24 | Timeout = time.Second * 300 25 | Interval = time.Second * 5 26 | ) 27 | 28 | const JaegerExample string = ` 29 | [ 30 | { 31 | "apiVersion": "jaegertracing.io/v1", 32 | "kind": "Jaeger", 33 | "metadata": { 34 | "name": "my-jaeger" 35 | }, 36 | "spec": { 37 | "strategy": "allinone" 38 | } 39 | } 40 | ] 41 | ` 42 | const MongodbExample string = ` 43 | [ 44 | { 45 | "apiVersion": "atlas.mongodb.com/v1", 46 | "kind": "AtlasDeployment", 47 | "metadata": { 48 | "name": "my-atlas-deployment" 49 | }, 50 | "spec": { 51 | "deploymentSpec": { 52 | "name": "test-deployment", 53 | "providerSettings": { 54 | "instanceSizeName": "M10", 55 | "providerName": "AWS", 56 | "regionName": "US_EAST_1" 57 | } 58 | }, 59 | "projectRef": {"name": "my-project"} 60 | } 61 | } 62 | ] 63 | ` 64 | -------------------------------------------------------------------------------- /controllers/util/merge.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package util 18 | 19 | import ( 20 | "encoding/json" 21 | 22 | "k8s.io/apimachinery/pkg/api/equality" 23 | "k8s.io/klog" 24 | ) 25 | 26 | // MergeCR deep merge two custom resource spec 27 | func MergeCR(defaultCR, changedCR []byte) map[string]interface{} { 28 | if len(defaultCR) == 0 && len(changedCR) == 0 { 29 | return make(map[string]interface{}) 30 | } 31 | 32 | // Handle when only one CR is provided 33 | defaultCRDecoded := make(map[string]interface{}) 34 | changedCRDecoded := make(map[string]interface{}) 35 | if len(defaultCR) != 0 && len(changedCR) == 0 { 36 | defaultCRUnmarshalErr := json.Unmarshal(defaultCR, &defaultCRDecoded) 37 | if defaultCRUnmarshalErr != nil { 38 | klog.Errorf("failed to unmarshal CR Template: %v", defaultCRUnmarshalErr) 39 | } 40 | return defaultCRDecoded 41 | } else if len(defaultCR) == 0 && len(changedCR) != 0 { 42 | changedCRUnmarshalErr := json.Unmarshal(changedCR, &changedCRDecoded) 43 | if changedCRUnmarshalErr != nil { 44 | klog.Errorf("failed to unmarshal service spec: %v", changedCRUnmarshalErr) 45 | } 46 | return changedCRDecoded 47 | } 48 | defaultCRUnmarshalErr := json.Unmarshal(defaultCR, &defaultCRDecoded) 49 | if defaultCRUnmarshalErr != nil { 50 | klog.Errorf("failed to unmarshal CR Template: %v", defaultCRUnmarshalErr) 51 | } 52 | changedCRUnmarshalErr := json.Unmarshal(changedCR, &changedCRDecoded) 53 | if changedCRUnmarshalErr != nil { 54 | klog.Errorf("failed to unmarshal service spec: %v", changedCRUnmarshalErr) 55 | } 56 | 57 | // Merge both specs 58 | for key := range defaultCRDecoded { 59 | checkKeyBeforeMerging(key, defaultCRDecoded[key], changedCRDecoded[key], changedCRDecoded) 60 | } 61 | 62 | return changedCRDecoded 63 | } 64 | 65 | func checkKeyBeforeMerging(key string, defaultMap interface{}, changedMap interface{}, finalMap map[string]interface{}) { 66 | if !equality.Semantic.DeepEqual(defaultMap, changedMap) { 67 | switch defaultMap := defaultMap.(type) { 68 | case map[string]interface{}: 69 | //Check that the changed map value doesn't contain this map at all and is nil 70 | if changedMap == nil { 71 | finalMap[key] = defaultMap 72 | } else if _, ok := changedMap.(map[string]interface{}); ok { //Check that the changed map value is also a map[string]interface 73 | defaultMapRef := defaultMap 74 | changedMapRef := changedMap.(map[string]interface{}) 75 | for newKey := range defaultMapRef { 76 | checkKeyBeforeMerging(newKey, defaultMapRef[newKey], changedMapRef[newKey], finalMap[key].(map[string]interface{})) 77 | } 78 | } 79 | case []interface{}: 80 | if changedMap == nil { 81 | finalMap[key] = defaultMap 82 | } else if _, ok := changedMap.([]interface{}); ok { //Check that the changed map value is also a slice []interface 83 | defaultMapRef := defaultMap 84 | changedMapRef := changedMap.([]interface{}) 85 | for i := range defaultMapRef { 86 | if _, ok := defaultMapRef[i].(map[string]interface{}); ok { 87 | if len(changedMapRef) > i { 88 | for newKey := range defaultMapRef[i].(map[string]interface{}) { 89 | checkKeyBeforeMerging(newKey, defaultMapRef[i].(map[string]interface{})[newKey], changedMapRef[i].(map[string]interface{})[newKey], finalMap[key].([]interface{})[i].(map[string]interface{})) 90 | } 91 | } 92 | } 93 | } 94 | } 95 | default: 96 | //Check if the value was set, otherwise set it 97 | if changedMap == nil { 98 | finalMap[key] = defaultMap 99 | } 100 | } 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /controllers/util/merge_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package util 18 | 19 | import ( 20 | "encoding/json" 21 | 22 | . "github.com/onsi/ginkgo" 23 | . "github.com/onsi/gomega" 24 | ) 25 | 26 | var _ = Describe("DeepMerge", func() { 27 | 28 | Context("Deep Merge two JSON files", func() { 29 | It("Should two JSON files get deep merged", func() { 30 | defaultJSON := `{"greetings":{"first":"hi","second":"hello"},"name":"John"}` 31 | changedJSON := `{"greetings":{"first":"hey"},"name":"Jane"}` 32 | resultJSON := `{"greetings":{"first":"hey","second":"hello"},"name":"Jane"}` 33 | 34 | changedJSONDecoded := MergeCR([]byte(defaultJSON), []byte(changedJSON)) 35 | 36 | mergedJSON, err := json.Marshal(changedJSONDecoded) 37 | Expect(err).NotTo(HaveOccurred()) 38 | 39 | Expect(mergedJSON).Should(Equal([]byte(resultJSON))) 40 | }) 41 | }) 42 | 43 | Context("Deep Merge two JSON files with list", func() { 44 | It("Should two JSON files get deep merged", func() { 45 | defaultJSON := `{"age":30,"cars":["Ford","BMW","Fiat"],"bicycle":["Giant"],"name":"John"}` 46 | changedJSON := `{"age":13,"cars":["Benz","BMW","Fiat"],"plane":["Boeing"],"name":"Jane"}` 47 | resultJSON := `{"age":13,"bicycle":["Giant"],"cars":["Benz","BMW","Fiat"],"name":"Jane","plane":["Boeing"]}` 48 | 49 | changedJSONDecoded := MergeCR([]byte(defaultJSON), []byte(changedJSON)) 50 | 51 | mergedJSON, err := json.Marshal(changedJSONDecoded) 52 | Expect(err).NotTo(HaveOccurred()) 53 | 54 | Expect(mergedJSON).Should(Equal([]byte(resultJSON))) 55 | }) 56 | }) 57 | }) 58 | -------------------------------------------------------------------------------- /controllers/util/multi_errors.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package util 18 | 19 | import ( 20 | "strings" 21 | ) 22 | 23 | // MultiErr is a multiple error slice 24 | type MultiErr struct { 25 | Errors []string 26 | } 27 | 28 | // Error is the error message 29 | func (mer *MultiErr) Error() string { 30 | if len(mer.Errors) == 0 { 31 | return "no error occurred" 32 | } 33 | var sb strings.Builder 34 | sb.WriteString("the following errors occurred:") 35 | for _, errMessage := range mer.Errors { 36 | sb.WriteString("\n - " + errMessage) 37 | } 38 | return sb.String() 39 | } 40 | 41 | // Add appends error message 42 | func (mer *MultiErr) Add(err error) { 43 | if mer.Errors == nil { 44 | mer.Errors = []string{} 45 | } 46 | mer.Errors = append(mer.Errors, err.Error()) 47 | } 48 | -------------------------------------------------------------------------------- /controllers/util/multi_errors_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package util 18 | 19 | import ( 20 | "errors" 21 | 22 | . "github.com/onsi/ginkgo" 23 | . "github.com/onsi/gomega" 24 | ) 25 | 26 | var _ = Describe("Multiple error list", func() { 27 | 28 | Context("Combine multiple errors into one instance", func() { 29 | It("Should return one instance includes multiple error message", func() { 30 | 31 | By("Initialize a new multiple error") 32 | merr := &MultiErr{} 33 | 34 | merr.Add(errors.New("this is the First error")) 35 | merr.Add(errors.New("this is the Second error")) 36 | 37 | errMessage := `the following errors occurred: 38 | - this is the First error 39 | - this is the Second error` 40 | Expect(merr.Error()).Should(Equal(errMessage)) 41 | }) 42 | }) 43 | 44 | }) 45 | -------------------------------------------------------------------------------- /controllers/util/util_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package util 18 | 19 | import ( 20 | . "github.com/onsi/ginkgo" 21 | . "github.com/onsi/gomega" 22 | 23 | "testing" 24 | ) 25 | 26 | func TestStatus(t *testing.T) { 27 | RegisterFailHandler(Fail) 28 | RunSpecs(t, "util Suite") 29 | } 30 | -------------------------------------------------------------------------------- /docs/design/comparison-to-olm.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Operand Deployment Lifecycle Manager (ODLM) and Operator Lifecycle Manager (OLM)](#operand-deployment-lifecycle-manager-odlm-and-operator-lifecycle-manager-olm) 6 | - [What is Operator Lifecycle Manager?](#what-is-operator-lifecycle-manager) 7 | - [What are operands?](#what-are-operands) 8 | - [How does the ODLM work?](#how-does-the-odlm-work) 9 | - [Application Lifecycle Management](#application-lifecycle-management) 10 | - [installation](#installation) 11 | - [uninstall](#uninstall) 12 | - [Dependency Management](#dependency-management) 13 | - [Additional Features](#additional-features) 14 | - [Binding Information sharing](#binding-information-sharing) 15 | 16 | 17 | 18 | # Operand Deployment Lifecycle Manager (ODLM) and Operator Lifecycle Manager (OLM) 19 | 20 | When it comes to deploying operator services, users will always want to know what is the difference between Operand Deployment Lifecycle Manager (ODLM) and Operator Lifecycle Manager (OLM). In this document, we compare them and discuss what advantages of using ODLM and when you should pick ODLM as an extension of OLM. 21 | 22 | ## What is Operator Lifecycle Manager? 23 | 24 | Operator Lifecycle Manager (OLM) helps users install, update, and manage the lifecycle of Kubernetes native applications (Operators) and their associated services running across their OpenShift Container Platform clusters. 25 | It implements features, like application lifecycle management and dependency management. For more details, you can check [operator-lifecycle-manager](https://github.com/operator-framework/operator-lifecycle-manager) 26 | 27 | ## What are operands? 28 | 29 | Operator is a method of packaging, deploying and managing a Kubernetes application. 30 | Operands are the services and applications that Operator manage. 31 | 32 | For example, cert-manager operator deploys a cert-manager deployment, then the cert-manager-operator is an operator and the cert-manager deployment is an operand. 33 | 34 | ## How does the ODLM work? 35 | 36 | The ODLM manages the deployment of the operands for OLM managed operators. This provides a mechanism for dynamically deploying dependent (and optionally, shared) services in a prescriptive manner and allowing these deployments to interact when and where needed in a scoped fashion. 37 | 38 | ## Application Lifecycle Management 39 | 40 | ### installation 41 | 42 | - **OLM** can be used to deploy a single operator by creating a Subscription. 43 | - **ODLM** can be used to manage the lifecycle of a group of operands, compared with operator lifecycle manager, **ODLM** focuses on the management of both operands and operators. Users can create an OperandRequest to install a group of Operators and specific CRs for these operators. 44 | 45 | ### uninstall 46 | 47 | - When users use **OLM** only, they need to delete every created custom resource and all the operators. 48 | - When using **ODLM**, if users don't need an operator application anymore, they can delete the OperandRequest created for the application. **ODLM** will handle the logic of checking if there are other users requesting this application and delete both custom resources and operators when they are no longer referenced. 49 | 50 | ## Dependency Management 51 | 52 | - **OLM** creates all required, dependent operators automatically by creating additional Subscriptions automatically. Each operator statically defines all of it's REQUIRED dependencies in the form of CustomResourceDefinitions, API Service Definitions or Operator Package versions. 53 | - **OLM** operators declare which CRDs, and API Services are PROVIDED. 54 | - **OLM** operators declare which CRDs, API Services and other Operator Package Versions are REQUIRED. 55 | - All dependencies are statically defined as REQUIRED (vs. optional, or preferred), which result in all dependencies must be installed as a unit. 56 | - All dependencies must be in the same OperatorGroup, which may require the operators to be in the same namespace. 57 | - Example: The _Parent_ Operator REQUIRES the _Child_ CRD and the _Child_ Operator PROVIDES the _Child_ CRD. When the _Parent_ Operator Subscription is created, the _Child_ Subscription is dynamically created, satisfying the _Child_ CRD dependency. 58 | - **ODLM** manages dependencies by creating _OperandRequests_. Instead of providing a statically REQUIRED dependency, the Operator's creates a soft dependency using one or more OperandRequests for the dependent Operators as needed. 59 | - **ODLM** *OperandRequests* decouple the lifecycle of the dependant Operators and allows dependencies to be installed (Subscribed) on demand. 60 | - The dependent _OperandRequests_ can be statically defined in the `alm-examples` section of the OLM _ClusterServiceVersion_, or can be created dynamically by the Operator's controller. 61 | - OLM Operators, managed by **ODLM** can be managed in any namespace combination allowing single-namespace installations to be shared between namespaces, avoiding the need for All-Namespace or Multi-Namespace OperatorGroups and Install Modes. 62 | - Example: The _Parent_ Operator controller REQUIRES the _Child_ Operator, by expressing the dependency in the Controller code, creating an OperandRequest. This dependency is NOT defined in the OLM ClusterServiceVersion. 63 | 64 | ## Additional Features 65 | 66 | ### Binding Information sharing 67 | 68 | **ODLM** can use the OperandBindInfo to claim the information that services want to share with the requester. The ODLM will use the request to copy the secret and/or configmap to the namespace of the OperandRequest. For more details, you can check [OperandBindInfo](./operand-deployment-lifecycle-manager.md#operandbindinfo-spec) 69 | -------------------------------------------------------------------------------- /docs/design/create-cr-by-operandrequest.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Create Custom Resource by OperandRequest](#create-custom-resource-by-operandrequest) 6 | - [How to create Custom Resource by OperandRequest](#how-to-create-custom-resource-by-operandrequest) 7 | 8 | 9 | 10 | # Create Custom Resource by OperandRequest 11 | 12 | Using OperandConfig can apply a default custom resource according to the alm-example in the CSV, which provides convenience to users using a template to customize their own custom resource. 13 | 14 | However, while it provides convenience, it also creates some limitations: 15 | 16 | - Users can't create multiple custom resources for the same CustomResourceDefinition. 17 | - Users can't create the custom resource in a different namespace from the operator. 18 | - Users have to update the OperandConfig to customize the custom resource. 19 | 20 | Thus, we implement creating Custom Resource by OperandRequest to decouple with alm-example and OperandConfig. Customized resources are completely generated by the configuration of OperandRequest. 21 | 22 | ## How to create Custom Resource by OperandRequest 23 | 24 | ```yaml 25 | apiVersion: operator.ibm.com/v1alpha1 26 | kind: OperandRequest 27 | metadata: 28 | name: db2-instance1 29 | namespace: my-service 30 | spec: 31 | requests: 32 | - registry: common-service 33 | registryNamespace: ibm-common-services 34 | operands: 35 | - name: ibm-db2-operator 36 | kind: db2 37 | apiVersion: operator.ibm.com/v1alpha1 38 | instanceName: db2-instance1 39 | spec: 40 | replicas: 3 41 | - name: ibm-db2-operator 42 | kind: db2 43 | apiVersion: operator.ibm.com/v1alpha1 44 | instanceName: db2-instance2 45 | spec: 46 | replicas: 3 47 | ``` 48 | 49 | The above `OperandRequest` will create two `db2` custom resources in the `my-service` namespace and the `db2` operator will be created in the namespace specified in the OperandRegistry `common-service` in the `ibm-common-service` namespace. 50 | 51 | The first custom resource is 52 | 53 | ```yaml 54 | apiVersion: operator.ibm.com/v1alpha1 55 | kind: db2 56 | metadata: 57 | name: db2-instance1 58 | namespace: my-service 59 | spec: 60 | replicas: 3 61 | ``` 62 | 63 | The second custom resource is 64 | 65 | ```yaml 66 | apiVersion: operator.ibm.com/v1alpha1 67 | kind: db2 68 | metadata: 69 | name: db2-instance2 70 | namespace: my-service 71 | spec: 72 | replicas: 3 73 | ``` 74 | -------------------------------------------------------------------------------- /docs/dev/development.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Development Guide](#development-guide) 6 | - [Prerequisite](#prerequisite) 7 | - [Developer quick start](#developer-quick-start) 8 | 9 | 10 | 11 | # Development Guide 12 | 13 | ## Prerequisite 14 | 15 | - git 16 | - go version v1.12+ 17 | - Linting Tools 18 | 19 | | linting tool | version | 20 | | ------------ | ------- | 21 | | [hadolint](https://github.com/hadolint/hadolint#install) | [v1.17.2](https://github.com/hadolint/hadolint/releases/tag/v1.17.2) | 22 | | [shellcheck](https://github.com/koalaman/shellcheck#installing) | [v0.7.0](https://github.com/koalaman/shellcheck/releases/tag/v0.7.0) | 23 | | [yamllint](https://github.com/adrienverge/yamllint#installation) | [v1.17.0](https://github.com/adrienverge/yamllint/releases/tag/v1.17.0) 24 | | [helm client](https://helm.sh/docs/using_helm/#install-helm) | [v2.10.0](https://github.com/helm/helm/releases/tag/v2.10.0) | 25 | | [golangci-lint](https://github.com/golangci/golangci-lint#install) | [v1.18.0](https://github.com/golangci/golangci-lint/releases/tag/v1.18.0) | 26 | | [autopep8](https://github.com/hhatto/autopep8#installation) | [v1.4.4](https://github.com/hhatto/autopep8/releases/tag/v1.4.4) | 27 | | [mdl](https://github.com/markdownlint/markdownlint#installation) | [v0.5.0](https://github.com/markdownlint/markdownlint/releases/tag/v0.5.0) | 28 | | [awesome_bot](https://github.com/dkhamsing/awesome_bot#installation) | [1.19.1](https://github.com/dkhamsing/awesome_bot/releases/tag/1.19.1) | 29 | | [sass-lint](https://github.com/sasstools/sass-lint#install) | [v1.13.1](https://github.com/sasstools/sass-lint/releases/tag/v1.13.1) | 30 | | [tslint](https://github.com/palantir/tslint#installation--usage) | [v5.18.0](https://github.com/palantir/tslint/releases/tag/5.18.0) 31 | | [prototool](https://github.com/uber/prototool/blob/dev/docs/install.md) | `7df3b95` | 32 | | [goimports](https://godoc.org/golang.org/x/tools/cmd/goimports) | `3792095` | 33 | 34 | ## Developer quick start 35 | 36 | - Run the `code-dev` to check your code and run the unit test. 37 | 38 | ```bash 39 | make code-dev 40 | ``` 41 | 42 | - Build and push the docker image for local development. 43 | 44 | ```bash 45 | export DEV_REGISTRY= 46 | make build-push-dev-image 47 | ``` 48 | 49 | > **Note:** You need to login the docker registry before running the command above. 50 | -------------------------------------------------------------------------------- /docs/dev/e2e.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Running E2E Tests](#running-e2e-tests) 6 | - [Reference](#reference) 7 | 8 | 9 | 10 | # Running E2E Tests 11 | 12 | 1. Ensure **operator-sdk** is installed and login to your OpenShift cluster as an admin user. 13 | 14 | 1. Run the test using `make e2e-test-kind` command locally. 15 | 16 | ```bash 17 | make e2e-test-kind 18 | ``` 19 | 20 | ## Reference 21 | 22 | - [Running tests](https://github.com/operator-framework/operator-sdk/blob/master/doc/test-framework/writing-e2e-tests.md#running-the-tests) 23 | - [Installing Operator-SDK](https://github.com/operator-framework/operator-sdk#quick-start) 24 | -------------------------------------------------------------------------------- /docs/images/before-update.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/before-update.png -------------------------------------------------------------------------------- /docs/images/create-operand-request.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/create-operand-request.png -------------------------------------------------------------------------------- /docs/images/create-project.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/create-project.png -------------------------------------------------------------------------------- /docs/images/etcd-channel-after.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/etcd-channel-after.png -------------------------------------------------------------------------------- /docs/images/etcd-channel-before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/etcd-channel-before.png -------------------------------------------------------------------------------- /docs/images/etcd-cluster-before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/etcd-cluster-before.png -------------------------------------------------------------------------------- /docs/images/etcd-cluster-example-after.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/etcd-cluster-example-after.png -------------------------------------------------------------------------------- /docs/images/etcd-cluster-example-before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/etcd-cluster-example-before.png -------------------------------------------------------------------------------- /docs/images/install-odlm-success.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/install-odlm-success.png -------------------------------------------------------------------------------- /docs/images/install-odlm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/install-odlm.png -------------------------------------------------------------------------------- /docs/images/odlm-all-instances.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/odlm-all-instances.png -------------------------------------------------------------------------------- /docs/images/odlm-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/odlm-arch.png -------------------------------------------------------------------------------- /docs/images/operand-request-create-done.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/operand-request-create-done.png -------------------------------------------------------------------------------- /docs/images/operand-request-detail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/operand-request-detail.png -------------------------------------------------------------------------------- /docs/images/operator-list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/operator-list.png -------------------------------------------------------------------------------- /docs/images/operator-source-list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/operator-source-list.png -------------------------------------------------------------------------------- /docs/images/search-install-odlm-preview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/search-install-odlm-preview.png -------------------------------------------------------------------------------- /docs/images/search-odlm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/IBM/operand-deployment-lifecycle-manager/d497be663c8c05fc2fc66cf541bf68b23412d784/docs/images/search-odlm.png -------------------------------------------------------------------------------- /docs/install/install-with-kind.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Install the operand deployment lifecycle manager on vanila Kubernetes](#install-the-operand-deployment-lifecycle-manager-on-vanila-kubernetes) 6 | - [1. Deploy a Kubernetes cluster](#1-deploy-a-kubernetes-cluster) 7 | - [2. Install OLM](#2-install-olm) 8 | - [3. Create CatalogSource](#3-create-catalogsource) 9 | - [4. Create Operator Namespace, OperatorGroup, Subscription](#4-create-operator-namespace-operatorgroup-subscription) 10 | - [5. Check Operator CSV](#5-check-operator-csv) 11 | - [6. Create OperandRegistry and OperandConfig instance](#6-create-operandregistry-and-operandconfig-instance) 12 | - [Create OperandConfig](#create-operandconfig) 13 | - [Create OperandRegistry](#create-operandregistry) 14 | - [7. Create OperandRequest instance](#7-create-operandrequest-instance) 15 | - [Create Operand Request](#create-operand-request) 16 | - [Enable or Delete an Operator](#enable-or-delete-an-operator) 17 | - [Post-installation](#post-installation) 18 | 19 | 20 | 21 | # Install the operand deployment lifecycle manager on vanila Kubernetes 22 | 23 | In this document, we will show you how to deploy and use the operand deployment lifecycle manager on the vanila Kubernetes. 24 | 25 | ## 1. Deploy a Kubernetes cluster 26 | 27 | In this document, we will deploy a Kubernetes cluster by [kind](https://github.com/kubernetes-sigs/kind), which is a tool for running local Kubernetes clusters using Docker container. 28 | 29 | If you have go (1.11+) and docker installed, you can run the following commnad to generate a Kubernetes cluster. 30 | 31 | ```bash 32 | GO111MODULE="on" go get sigs.k8s.io/kind@v0.10.0 && kind create cluster 33 | ``` 34 | 35 | For more information see the [kind](https://github.com/kubernetes-sigs/kind#installation-and-usage) 36 | 37 | ## 2. Install OLM 38 | 39 | Dowload and install operator lifecycle manager 40 | 41 | For example, install operator lifecycle manager at version 0.17.0. 42 | 43 | ```bash 44 | curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.17.0/install.sh | bash -s 0.17.0 45 | ``` 46 | 47 | ## 3. Create CatalogSource 48 | 49 | ```yaml 50 | kubectl apply -f - < 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Install the operand deployment lifecycle manager On OCP 3.11](#install-the-operand-deployment-lifecycle-manager-on-ocp-311) 6 | - [0. Install OLM](#0-install-olm) 7 | - [1. Build Operator Registry image](#1-build-operator-registry-image) 8 | - [2. Create CatalogSource](#2-create-catalogsource) 9 | - [3. Create Operator NS, Group, Subscription](#3-create-operator-ns-group-subscription) 10 | - [4. Check Operator CSV](#4-check-operator-csv) 11 | - [5. Create OperandRegistry and OperandConfig instance](#5-create-operandregistry-and-operandconfig-instance) 12 | - [Create OperandConfig](#create-operandconfig) 13 | - [Create OperandRegistry](#create-operandregistry) 14 | - [6. Create OperandRequest instance](#6-create-operandrequest-instance) 15 | - [Create Operand Request](#create-operand-request) 16 | - [Enable or Delete an Operator](#enable-or-delete-an-operator) 17 | - [Post-installation](#post-installation) 18 | 19 | 20 | 21 | # Install the operand deployment lifecycle manager On OCP 3.11 22 | 23 | We can't install latest version operand deployment lifecycle manager on OCP 3.11, because OCP 3.11 doesn't support v1 version cCustomResourceDefinition. So we use 3.6 version in this example. 24 | ## 0. Install OLM 25 | 26 | ```bash 27 | curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.13.0/install.sh | bash -s 0.13.0 28 | ``` 29 | 30 | ## 1. Build Operator Registry image 31 | 32 | > You need to remove the last `type: object` in all CRDs to avoid the following error: The CustomResourceDefinition "operandconfigs.operator.ibm.com" is invalid: spec.validation.openAPIV3Schema: Invalid value: apiextensions.JSONSchemaProps ..... must only have "properties", "required" or "description" at the root if the status subresource is enabled 33 | 34 | ```bash 35 | cd deploy 36 | docker build -t quay.io/opencloudio/operator-registry -f operator-registry.Dockerfile . 37 | docker push quay.io/opencloudio/operator-registry 38 | ``` 39 | 40 | ## 2. Create CatalogSource 41 | 42 | ```yaml 43 | apiVersion: operators.coreos.com/v1alpha1 44 | kind: CatalogSource 45 | metadata: 46 | name: opencloud-operators 47 | namespace: olm 48 | spec: 49 | displayName: IBMCS Operators 50 | publisher: IBM 51 | sourceType: grpc 52 | image: docker.io/ibmcom/ibm-common-service-catalog:3.6 53 | updateStrategy: 54 | registryPoll: 55 | interval: 45m 56 | ``` 57 | 58 | ## 3. Create Operator NS, Group, Subscription 59 | 60 | ```yaml 61 | apiVersion: v1 62 | kind: Namespace 63 | metadata: 64 | name: odlm 65 | 66 | --- 67 | apiVersion: operators.coreos.com/v1alpha2 68 | kind: OperatorGroup 69 | metadata: 70 | name: operatorgroup 71 | namespace: odlm 72 | spec: 73 | targetNamespaces: 74 | - odlm 75 | 76 | --- 77 | apiVersion: v1 78 | data: 79 | namespaces: odlm 80 | kind: ConfigMap 81 | metadata: 82 | name: namespace-scope 83 | namespace: odlm 84 | 85 | --- 86 | apiVersion: operators.coreos.com/v1alpha1 87 | kind: Subscription 88 | metadata: 89 | name: operand-deployment-lifecycle-manager 90 | namespace: odlm 91 | spec: 92 | channel: v3 93 | name: ibm-odlm 94 | source: opencloud-operators 95 | sourceNamespace: olm 96 | config: 97 | env: 98 | - name: INSTALL_SCOPE 99 | value: namespaced 100 | END 101 | ``` 102 | 103 | ## 4. Check Operator CSV 104 | 105 | ```bash 106 | oc -n ibm-common-services get csv 107 | ``` 108 | 109 | ## 5. Create OperandRegistry and OperandConfig instance 110 | 111 | ### Create OperandConfig 112 | 113 | ```yaml 114 | kubectl apply -f - < 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [Install the operand deployment lifecycle manager On OCP 4.3+](#install-the-operand-deployment-lifecycle-manager-on-ocp-43) 6 | - [1. Create CatalogSource](#1-create-catalogsource) 7 | - [2. Create Operator NS, Group, Subscription](#2-create-operator-ns-group-subscription) 8 | - [3. Check Operator CSV](#3-check-operator-csv) 9 | - [4. Create OperandRegistry and OperandConfig instance](#4-create-operandregistry-and-operandconfig-instance) 10 | - [Create OperandConfig](#create-operandconfig) 11 | - [Create OperandRegistry](#create-operandregistry) 12 | - [5. Create OperandRequest instance](#5-create-operandrequest-instance) 13 | - [Create Operand Request](#create-operand-request) 14 | - [Enable or Delete an Operator](#enable-or-delete-an-operator) 15 | - [Post-installation](#post-installation) 16 | 17 | 18 | 19 | # Install the operand deployment lifecycle manager On OCP 4.3+ 20 | 21 | ## 1. Create CatalogSource 22 | 23 | ```yaml 24 | apiVersion: operators.coreos.com/v1alpha1 25 | kind: CatalogSource 26 | metadata: 27 | name: opencloud-operators 28 | namespace: olm 29 | spec: 30 | displayName: IBMCS Operators 31 | publisher: IBM 32 | sourceType: grpc 33 | image: docker.io/ibmcom/ibm-common-service-catalog:latest 34 | updateStrategy: 35 | registryPoll: 36 | interval: 45m 37 | ``` 38 | 39 | ## 2. Create Operator NS, Group, Subscription 40 | 41 | ```yaml 42 | apiVersion: v1 43 | kind: Namespace 44 | metadata: 45 | name: odlm 46 | 47 | --- 48 | apiVersion: operators.coreos.com/v1alpha2 49 | kind: OperatorGroup 50 | metadata: 51 | name: operatorgroup 52 | namespace: odlm 53 | spec: 54 | targetNamespaces: 55 | - odlm 56 | 57 | --- 58 | apiVersion: v1 59 | data: 60 | namespaces: odlm 61 | kind: ConfigMap 62 | metadata: 63 | name: namespace-scope 64 | namespace: odlm 65 | 66 | --- 67 | apiVersion: operators.coreos.com/v1alpha1 68 | kind: Subscription 69 | metadata: 70 | name: operand-deployment-lifecycle-manager 71 | namespace: odlm 72 | spec: 73 | channel: v3.20 74 | name: ibm-odlm 75 | source: opencloud-operators 76 | sourceNamespace: olm 77 | config: 78 | env: 79 | - name: INSTALL_SCOPE 80 | value: namespaced 81 | END 82 | ``` 83 | 84 | ## 3. Check Operator CSV 85 | 86 | ```bash 87 | oc -n ibm-common-services get csv 88 | ``` 89 | 90 | ## 4. Create OperandRegistry and OperandConfig instance 91 | 92 | ### Create OperandConfig 93 | 94 | ```yaml 95 | kubectl apply -f - < 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [How to update OperandRegistry instance](#how-to-update-operandregistry-instance) 6 | - [OperandRegistry Overview](#operandregistry-overview) 7 | - [Example](#example) 8 | - [1. ODLM has been deployed and OperandConfig, OperandRegistry and OperandRequest instances have been created](#1-odlm-has-been-deployed-and-operandconfig-operandregistry-and-operandrequest-instances-have-been-created) 9 | - [2. Etcd operator and operands has been created](#2-etcd-operator-and-operands-has-been-created) 10 | - [3. Update OperandRegistry](#3-update-operandregistry) 11 | 12 | 13 | 14 | # How to update OperandRegistry instance 15 | 16 | OperandRegistry defines the OLM information, like channel and catalog source, for each operator. 17 | 18 | ## OperandRegistry Overview 19 | 20 | OperandRegistry defines the individual operator info. 21 | 22 | **NOTE:** When the ODLM operator is deployed, it generates a default OperandRegistry instance. You can edit the instance as required. 23 | 24 | Following is an example of the OperandRegistry CR: 25 | 26 | **NOTE:** The "name" parameter must be unique for each entry. 27 | 28 | ```yaml 29 | apiVersion: operator.ibm.com/v1alpha1 30 | kind: OperandRegistry 31 | metadata: 32 | name: common-service [1] 33 | namespace: ibm-common-services [2] 34 | spec: 35 | operators: 36 | - name: ibm-metering-operator [3] 37 | namespace: ibm-common-services [4] 38 | channel: alpha [5] 39 | packageName: ibm-metering-operator-app [6] 40 | sourceName: opencloud-operators [7] 41 | sourceNamespace: openshift-marketplace [8] 42 | description: The service used to meter workloads in a kubernetes cluster [9] 43 | ``` 44 | 45 | The Operand (Deployment) Registry Custom Resource (CR) lists OLM Operator information for operands that may be requested for installation and/or access by an application that runs in a namespace. The registry CR specifies: 46 | 47 | 1. Name of the OperandRegistry 48 | 2. Namespace of the OperandRegistry 49 | 3. **name** is the name of the operator, which should be the same as the services name in the OperandConfig and OperandRequest. 50 | 4. **namespace** is the namespace where the operator will be deployed. 51 | 5. **channel** is the name of OLM channel that is subscribed for the operator. 52 | 6. **packageName** is the name of the package in CatalogSource that is subscribed for the operator. 53 | 7. **sourceName** is the name of the CatalogSource. 54 | 8. **sourceNamespace** is the namespace of the CatalogSource. 55 | 9. **description** is used to add a detailed description of a service. 56 | 57 | **Note:** Only the channel can be updated for day2 operations. 58 | 59 | ## Example 60 | 61 | Taking etcd operator as an example 62 | 63 | ### 1. ODLM has been deployed and OperandConfig, OperandRegistry and OperandRequest instances have been created 64 | 65 | OperandConfig: 66 | 67 | ```yaml 68 | apiVersion: operator.ibm.com/v1alpha1 69 | kind: OperandConfig 70 | metadata: 71 | name: common-service 72 | namespace: ibm-common-services 73 | spec: 74 | services: 75 | - name: etcd 76 | spec: 77 | etcdCluster: 78 | size: 1 79 | ``` 80 | 81 | OperandRegistry: 82 | 83 | ```yaml 84 | apiVersion: operator.ibm.com/v1alpha1 85 | kind: OperandRegistry 86 | metadata: 87 | name: common-service 88 | namespace: ibm-common-services 89 | spec: 90 | operators: 91 | - channel: singlenamespace-alpha 92 | name: etcd 93 | namespace: etcd-operator 94 | packageName: etcd 95 | scope: private 96 | sourceName: community-operators 97 | sourceNamespace: openshift-marketplace 98 | ``` 99 | 100 | Set channel to `singlenamespace-alpha`. 101 | 102 | OperandRequest: 103 | 104 | ```yaml 105 | apiVersion: operator.ibm.com/v1alpha1 106 | kind: OperandRequest 107 | metadata: 108 | name: common-service 109 | namespace: ibm-common-services 110 | spec: 111 | requests: 112 | - operands: 113 | - name: etcd 114 | registry: common-service 115 | registryNamespace: ibm-common-services 116 | ``` 117 | 118 | ### 2. Etcd operator and operands has been created 119 | 120 | ![Etcd Operator and ODLM Operator](../images/before-update.png) 121 | 122 | ODLM and etcd operators are deployed. 123 | 124 | ![Etcd Custom Resource](../images/etcd-cluster-before.png) 125 | 126 | Etcd operator custom resource `etcdcluster/example` is created 127 | 128 | ![Etcd Channel](../images/etcd-channel-before.png) 129 | 130 | The Channel of etcd subscription is `singlenamespace-alpha`. 131 | 132 | ### 3. Update OperandRegistry 133 | 134 | OperandConfig: 135 | 136 | OperandRegistry: 137 | 138 | ```yaml 139 | apiVersion: operator.ibm.com/v1alpha1 140 | kind: OperandRegistry 141 | metadata: 142 | name: common-service 143 | namespace: ibm-common-services 144 | spec: 145 | operators: 146 | - channel: clusterwide-alpha 147 | name: etcd 148 | namespace: etcd-operator 149 | packageName: etcd 150 | scope: private 151 | sourceName: community-operators 152 | sourceNamespace: openshift-marketplace 153 | ``` 154 | 155 | Update etcd channel to `clusterwide-alpha`. 156 | 157 | ![Etcd Operands](../images/etcd-channel-after.png) 158 | 159 | Etcd subscription channel is updated to `clusterwide-alpha`. 160 | -------------------------------------------------------------------------------- /docs/user/how-to-use-operandBindInfo.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* 4 | 5 | - [How to use OperandBindInfo](#how-to-use-operandbindinfo) 6 | - [OperandBindInfo Overview](#operandbindinfo-overview) 7 | - [Example to use OperandBindInfo](#example-to-use-operandbindinfo) 8 | 9 | 10 | 11 | # How to use OperandBindInfo 12 | 13 | OperandBindInfo is used to share the secret and/or configmap of service to its requester. 14 | ODLM will copy the secret and/or configmap to the namespace of the OperandRequest CR. 15 | 16 | OperandBindInfo makes ODLM can support creating an operator service in one namespace and creating its dependency operator services in another namespace and get the required secret and/or configmap from that namespace. 17 | 18 | ## OperandBindInfo Overview 19 | 20 | [OperandBindInfo design](../design/operand-deployment-lifecycle-manager.md#operandbindinfo-spec) 21 | 22 | ## Example to use OperandBindInfo 23 | 24 | 1. Take an example operator `Bar` as an example. the operator `Bar` needs to get access to the service generated by operator `Foo`. Thus operator `Foo` needs to share the API token with operator `Bar`. 25 | 26 | operator `Bar` creates an `OperandRequest` to create operator `Foo` in another namespace . 27 | 28 | ```yaml 29 | apiVersion: operator.ibm.com/v1alpha1 30 | kind: OperandRequest 31 | metadata: 32 | name: bar 33 | namespace: bar-namespace 34 | spec: 35 | requests: 36 | - registry: foo 37 | registryNamespace: foo-namespace 38 | operands: 39 | - name: foo 40 | ``` 41 | 42 | 2. Operator `Foo` creates an `OperandBindInfo` in the `foo-namespace` namespace to share its secret with operator `Bar`. 43 | 44 | ```yaml 45 | apiVersion: operator.ibm.com/v1alpha1 46 | kind: OperandBindInfo 47 | metadata: 48 | name: foo 49 | namespace: foo-namespace 50 | spec: 51 | operand: foo 52 | registry: foo 53 | description: "Binding information that should be accessible to foo adopters" 54 | bindings: 55 | - scope: public 56 | secret: fooToken 57 | ``` 58 | 59 | When ODLM reconcile `OperandRequest`, it will find the `OperandBindInfo` in the namespace set in the corresponding `OperandRegistry` and add a `requestNamespace` list in the `OperandBindInfo` status. 60 | 61 | ```yaml 62 | apiVersion: operator.ibm.com/v1alpha1 63 | kind: OperandBindInfo 64 | metadata: 65 | name: foo 66 | namespace: foo-namespace 67 | spec: 68 | operand: foo 69 | registry: foo 70 | description: "Binding information that should be accessible to foo adopters" 71 | bindings: 72 | - scope: public 73 | secret: fooToken 74 | status: 75 | requestNamespaces: 76 | - bar-namespace <--- the namespace of OperandRequest 77 | ``` 78 | 79 | Then when ODLM reconciles `OperandBindInfo`, it will deliver public `secret` and/or `configmap` to the `bar-namespace` namespace. If the operator `Foo` is required by multi-operators, their namespaces will be appended into the requestNamespaces and the `secret` and/or `configmap` can be delivered to these namespaces. 80 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/IBM/operand-deployment-lifecycle-manager/v4 2 | 3 | go 1.23.0 4 | 5 | toolchain go1.23.4 6 | 7 | require ( 8 | github.com/IBM/controller-filtered-cache v0.3.5 9 | github.com/IBM/ibm-namespace-scope-operator v1.17.3 10 | github.com/deckarep/golang-set v1.7.1 11 | github.com/google/go-cmp v0.5.9 12 | github.com/jaegertracing/jaeger-operator v1.36.0 13 | github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 14 | github.com/onsi/ginkgo v1.16.5 15 | github.com/onsi/ginkgo/v2 v2.1.4 16 | github.com/onsi/gomega v1.19.0 17 | github.com/openshift/api v0.0.0-20220124143425-d74727069f6f 18 | github.com/operator-framework/api v0.17.1 19 | github.com/operator-framework/operator-lifecycle-manager v0.22.0 20 | github.com/pkg/errors v0.9.1 21 | github.com/stretchr/testify v1.9.0 22 | golang.org/x/mod v0.17.0 23 | k8s.io/api v0.24.3 24 | k8s.io/apimachinery v0.24.17 25 | k8s.io/client-go v0.24.3 26 | k8s.io/klog v1.0.0 27 | k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 28 | sigs.k8s.io/controller-runtime v0.12.3 29 | sigs.k8s.io/kubebuilder v1.0.9-0.20200805184228-f7a3b65dd250 30 | ) 31 | 32 | require ( 33 | cloud.google.com/go/compute v1.23.0 // indirect 34 | cloud.google.com/go/compute/metadata v0.2.3 // indirect 35 | github.com/PuerkitoBio/purell v1.1.1 // indirect 36 | github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect 37 | github.com/Shopify/logrus-bugsnag v0.0.0-20240507214313-004243a594f4 // indirect 38 | github.com/beorn7/perks v1.0.1 // indirect 39 | github.com/blang/semver v3.5.1+incompatible // indirect 40 | github.com/blang/semver/v4 v4.0.0 // indirect 41 | github.com/bshuster-repo/logrus-logstash-hook v1.1.0 // indirect 42 | github.com/cespare/xxhash/v2 v2.2.0 // indirect 43 | github.com/davecgh/go-spew v1.1.1 // indirect 44 | github.com/emicklei/go-restful/v3 v3.10.0 // indirect 45 | github.com/evanphx/json-patch v4.12.0+incompatible // indirect 46 | github.com/fsnotify/fsnotify v1.5.4 // indirect 47 | github.com/go-logr/logr v1.2.3 // indirect 48 | github.com/go-logr/zapr v1.2.0 // indirect 49 | github.com/go-openapi/jsonpointer v0.19.5 // indirect 50 | github.com/go-openapi/jsonreference v0.19.5 // indirect 51 | github.com/go-openapi/swag v0.19.14 // indirect 52 | github.com/gobuffalo/flect v0.2.3 // indirect 53 | github.com/gogo/protobuf v1.3.2 // indirect 54 | github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect 55 | github.com/golang/protobuf v1.5.3 // indirect 56 | github.com/google/gnostic v0.6.9 // indirect 57 | github.com/google/gofuzz v1.2.0 // indirect 58 | github.com/google/uuid v1.3.1 // indirect 59 | github.com/h2non/filetype v1.1.1 // indirect 60 | github.com/h2non/go-is-svg v0.0.0-20160927212452-35e8c4b0612c // indirect 61 | github.com/hashicorp/hcl v1.0.0 // indirect 62 | github.com/imdario/mergo v0.3.12 // indirect 63 | github.com/josharian/intern v1.0.0 // indirect 64 | github.com/json-iterator/go v1.1.12 // indirect 65 | github.com/magiconair/properties v1.8.6 // indirect 66 | github.com/mailru/easyjson v0.7.6 // indirect 67 | github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect 68 | github.com/mitchellh/mapstructure v1.5.0 // indirect 69 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect 70 | github.com/modern-go/reflect2 v1.0.2 // indirect 71 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect 72 | github.com/nxadm/tail v1.4.8 // indirect 73 | github.com/openshift/elasticsearch-operator v0.0.0-20220708171007-a87102296ded // indirect 74 | github.com/operator-framework/operator-registry v1.17.5 // indirect 75 | github.com/pelletier/go-toml v1.9.5 // indirect 76 | github.com/pelletier/go-toml/v2 v2.0.1 // indirect 77 | github.com/pmezard/go-difflib v1.0.0 // indirect 78 | github.com/prometheus/client_golang v1.12.2 // indirect 79 | github.com/prometheus/client_model v0.2.0 // indirect 80 | github.com/prometheus/common v0.32.1 // indirect 81 | github.com/prometheus/procfs v0.7.3 // indirect 82 | github.com/sirupsen/logrus v1.9.3 // indirect 83 | github.com/spf13/afero v1.8.2 // indirect 84 | github.com/spf13/cast v1.5.0 // indirect 85 | github.com/spf13/jwalterweatherman v1.1.0 // indirect 86 | github.com/spf13/pflag v1.0.5 // indirect 87 | github.com/spf13/viper v1.12.0 // indirect 88 | github.com/stretchr/objx v0.5.2 // indirect 89 | github.com/subosito/gotenv v1.3.0 // indirect 90 | go.uber.org/atomic v1.7.0 // indirect 91 | go.uber.org/multierr v1.6.0 // indirect 92 | go.uber.org/zap v1.19.1 // indirect 93 | golang.org/x/net v0.38.0 // indirect 94 | golang.org/x/oauth2 v0.11.0 // indirect 95 | golang.org/x/sys v0.31.0 // indirect 96 | golang.org/x/term v0.30.0 // indirect 97 | golang.org/x/text v0.23.0 // indirect 98 | golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect 99 | gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect 100 | google.golang.org/appengine v1.6.7 // indirect 101 | google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect 102 | google.golang.org/grpc v1.59.0 // indirect 103 | google.golang.org/protobuf v1.33.0 // indirect 104 | gopkg.in/inf.v0 v0.9.1 // indirect 105 | gopkg.in/ini.v1 v1.66.4 // indirect 106 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect 107 | gopkg.in/yaml.v2 v2.4.0 // indirect 108 | gopkg.in/yaml.v3 v3.0.1 // indirect 109 | k8s.io/apiextensions-apiserver v0.24.2 // indirect 110 | k8s.io/component-base v0.24.2 // indirect 111 | k8s.io/klog/v2 v2.60.1 // indirect 112 | k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 // indirect 113 | sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect 114 | sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect 115 | sigs.k8s.io/yaml v1.3.0 // indirect 116 | ) 117 | 118 | // fix vulnerability: CVE-2021-3121 in github.com/gogo/protobuf v1.2.1 119 | replace github.com/gogo/protobuf => github.com/gogo/protobuf v1.3.2 120 | -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // -------------------------------------------------------------------------------- /helm-cluster-scoped/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: ibm-odlm-cluster-scoped 3 | description: A Helm chart for ibm-odlm 4 | type: application 5 | version: 4.5.1 6 | appVersion: 4.5.1 -------------------------------------------------------------------------------- /helm-cluster-scoped/values.yaml: -------------------------------------------------------------------------------- 1 | # imagePullPrefix: icr.io 2 | # imagePullSecret: ibm-entitlement-key 3 | 4 | # Note there are no leading or trailing /'s 5 | cpfs: 6 | imageRegistryNamespaceOperator: cpopen 7 | imageRegistryNamespaceOperand: cpopen/cpfs 8 | 9 | # other configuration you think you might need for your operator 10 | # following are examples, not required: 11 | # operatorNamespace: "" 12 | # servicesNamespace: "" 13 | -------------------------------------------------------------------------------- /helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: ibm-odlm 3 | description: A Helm chart for ibm-odlm 4 | type: application 5 | version: 4.5.1 6 | appVersion: 4.5.1 -------------------------------------------------------------------------------- /helm/values.yaml: -------------------------------------------------------------------------------- 1 | # imagePullPrefix: icr.io 2 | # imagePullSecret: ibm-entitlement-key 3 | 4 | # The following global values could be overridden by top-level values 5 | global: 6 | tetheredNamespaces: [] 7 | operatorNamespace: operator-ns 8 | instanceNamespace: 9 | imagePullPrefix: icr.io 10 | 11 | # Note there are no leading or trailing /'s 12 | cpfs: 13 | imageRegistryNamespaceOperator: cpopen 14 | imageRegistryNamespaceOperand: cpopen/cpfs 15 | labels: 16 | 17 | # other configuration you think you might need for your operator 18 | # following are examples, not required: 19 | # operatorNamespace: "" 20 | # servicesNamespace: "" -------------------------------------------------------------------------------- /test/e2e/constants.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package e2e 18 | 19 | import ( 20 | "time" 21 | ) 22 | 23 | const ( 24 | // APIRetry defines the frequency at which we check for updates against the 25 | // k8s api when waiting for a specific condition to be true. 26 | APIRetry = time.Second * 5 27 | 28 | // APITimeout defines the amount of time we should spend querying the k8s api 29 | // when waiting for a specific condition to be true. 30 | APITimeout = time.Minute * 5 31 | 32 | // CleanupRetry is the interval at which test framework attempts cleanup 33 | CleanupRetry = time.Second * 10 34 | 35 | // CleanupTimeout is the wait time for test framework cleanup 36 | CleanupTimeout = time.Second * 180 37 | 38 | // WaitForTimeout is the wait time for cluster resource 39 | WaitForTimeout = time.Minute * 5 40 | 41 | // WaitForRetry is the the interval at checking cluster resource 42 | WaitForRetry = time.Second * 10 43 | 44 | // TestOperatorName specifies the name of the operator being tested 45 | TestOperatorName = "operand-deployment-lifecycle-manager" 46 | 47 | // OperandRequestCrName specifies the name of the custom resource of the OperandRequest 48 | OperandRequestCrName = "ibm-cloudpak-name" 49 | 50 | // OperandRegistryCrName specifies the name of the custom resource of the OperandRegistry 51 | OperandRegistryCrName = "common-service" 52 | 53 | // OperandConfigCrName specifies the name of the custom resource of the OperandConfig 54 | OperandConfigCrName = "common-service" 55 | 56 | // OperandBindInfoCrName specifies the name of the custom resource of the OperandBindInfo 57 | OperandBindInfoCrName = "mongodb-public-bindinfo" 58 | 59 | // OperandRequestNamespace1 specifies the namespace of the OperandRequest 60 | OperandRequestNamespace1 = "ibm-cloudpak-1" 61 | 62 | // OperandRequestNamespace2 specifies the namespace of the OperandRequest 63 | OperandRequestNamespace2 = "ibm-cloudpak-2" 64 | 65 | // OperandRegistryNamespace specifies the namespace of the OperandRegistry 66 | OperandRegistryNamespace = "ibm-common-services" 67 | 68 | // OperatorNamespace specifies the namespace of the generated operators 69 | OperatorNamespace = "ibm-operators" 70 | ) 71 | -------------------------------------------------------------------------------- /test/e2e/e2e_suite_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package e2e 18 | 19 | import ( 20 | "testing" 21 | 22 | . "github.com/onsi/ginkgo" 23 | . "github.com/onsi/gomega" 24 | ) 25 | 26 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 27 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 28 | 29 | func TestODLME2E(t *testing.T) { 30 | RegisterFailHandler(Fail) 31 | 32 | RunSpecs(t, 33 | "Operand Deployment Lifecycle Manager TestSuite") 34 | } 35 | 36 | var _ = BeforeSuite(func(done Done) { 37 | 38 | // Initialize the test suite 39 | initSuite() 40 | 41 | // End your controllers test logic 42 | By("Creating the Namespace for the first OperandRequest") 43 | createTestNamespace(OperandRequestNamespace1) 44 | By("Creating the Namespace for the second OperandRequest") 45 | createTestNamespace(OperandRequestNamespace2) 46 | By("Creating the Namespace for OperandRegistry") 47 | createTestNamespace(OperandRegistryNamespace) 48 | By("Creating the Namespace for Operators") 49 | createTestNamespace(OperatorNamespace) 50 | 51 | close(done) 52 | 53 | }, 600) 54 | 55 | var _ = AfterSuite(func() { 56 | 57 | By("Delete the Namespace for the first OperandRequest") 58 | deleteTestNamespace(OperandRequestNamespace1) 59 | By("Delete the Namespace for the second OperandRequest") 60 | deleteTestNamespace(OperandRequestNamespace2) 61 | By("Delete the Namespace for OperandRegistry") 62 | deleteTestNamespace(OperandRegistryNamespace) 63 | By("Delete the Namespace for Operators") 64 | deleteTestNamespace(OperatorNamespace) 65 | 66 | // Close the test suite 67 | tearDownSuite() 68 | }, 1200) 69 | -------------------------------------------------------------------------------- /test/e2e/utils_test.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package e2e 18 | 19 | import ( 20 | "strings" 21 | 22 | jaegerv1 "github.com/jaegertracing/jaeger-operator/apis/v1" 23 | . "github.com/onsi/ginkgo" 24 | . "github.com/onsi/gomega" 25 | olmv1 "github.com/operator-framework/api/pkg/operators/v1" 26 | olmv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1" 27 | "k8s.io/client-go/kubernetes" 28 | clientgoscheme "k8s.io/client-go/kubernetes/scheme" 29 | "k8s.io/client-go/rest" 30 | ctrl "sigs.k8s.io/controller-runtime" 31 | "sigs.k8s.io/controller-runtime/pkg/client" 32 | "sigs.k8s.io/controller-runtime/pkg/envtest" 33 | logf "sigs.k8s.io/controller-runtime/pkg/log" 34 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 35 | kbtestutils "sigs.k8s.io/kubebuilder/test/e2e/utils" 36 | 37 | apiv1alpha1 "github.com/IBM/operand-deployment-lifecycle-manager/v4/api/v1alpha1" 38 | ) 39 | 40 | var ( 41 | cfg *rest.Config 42 | k8sClient client.Client 43 | clientset *kubernetes.Clientset 44 | testEnv *envtest.Environment 45 | ) 46 | 47 | var log = logf.Log.WithName("e2e test") 48 | 49 | func initSuite() { 50 | logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) 51 | 52 | By("bootstrapping test environment") 53 | 54 | useCluster := true 55 | 56 | testEnv = &envtest.Environment{ 57 | UseExistingCluster: &useCluster, 58 | AttachControlPlaneOutput: false, 59 | } 60 | 61 | var err error 62 | cfg, err = testEnv.Start() 63 | Expect(err).ToNot(HaveOccurred()) 64 | Expect(cfg).ToNot(BeNil()) 65 | 66 | err = apiv1alpha1.AddToScheme(clientgoscheme.Scheme) 67 | Expect(err).NotTo(HaveOccurred()) 68 | 69 | err = olmv1alpha1.AddToScheme(clientgoscheme.Scheme) 70 | Expect(err).NotTo(HaveOccurred()) 71 | err = olmv1.AddToScheme(clientgoscheme.Scheme) 72 | Expect(err).NotTo(HaveOccurred()) 73 | err = jaegerv1.AddToScheme(clientgoscheme.Scheme) 74 | Expect(err).NotTo(HaveOccurred()) 75 | 76 | k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{ 77 | Scheme: clientgoscheme.Scheme, 78 | }) 79 | Expect(err).ToNot(HaveOccurred()) 80 | 81 | go func() { 82 | err = k8sManager.Start(ctrl.SetupSignalHandler()) 83 | Expect(err).ToNot(HaveOccurred()) 84 | }() 85 | 86 | k8sClient = k8sManager.GetClient() 87 | 88 | clientset = kubernetes.NewForConfigOrDie(cfg) 89 | } 90 | 91 | func tearDownSuite() { 92 | By("tearing down the test environment") 93 | err := testEnv.Stop() 94 | Expect(err).ToNot(HaveOccurred()) 95 | } 96 | 97 | // isRunningOnKind returns true when the tests are executed in a Kind Cluster 98 | func isRunningOnKind() bool { 99 | testContext, err := kbtestutils.NewTestContext("operand-deployment-lifecycle-mamanger", "GO111MODULE=on") 100 | Expect(err).NotTo(HaveOccurred()) 101 | Expect(testContext.Prepare()).To(Succeed()) 102 | kubectx, err := testContext.Kubectl.Command("config", "current-context") 103 | Expect(err).NotTo(HaveOccurred()) 104 | return strings.Contains(kubectx, "kind") 105 | } 106 | -------------------------------------------------------------------------------- /triggerfile: -------------------------------------------------------------------------------- 1 | 20240424-1440 2 | -------------------------------------------------------------------------------- /version/version.go: -------------------------------------------------------------------------------- 1 | // 2 | // Copyright 2022 IBM Corporation 3 | // 4 | // Licensed under the Apache License, Version 2.0 (the "License"); 5 | // you may not use this file except in compliance with the License. 6 | // You may obtain a copy of the License at 7 | // 8 | // http://www.apache.org/licenses/LICENSE-2.0 9 | // 10 | // Unless required by applicable law or agreed to in writing, software 11 | // distributed under the License is distributed on an "AS IS" BASIS, 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | // See the License for the specific language governing permissions and 14 | // limitations under the License. 15 | // 16 | 17 | package version 18 | 19 | var ( 20 | Version = "4.5.1" 21 | ) 22 | --------------------------------------------------------------------------------