Skip to content

Commit

Permalink
Add CRD Upgrade Safety Preflight check to the ClusterExtension contro…
Browse files Browse the repository at this point in the history
…ller

Signed-off-by: Rashmi Gottipati <[email protected]>
  • Loading branch information
rashmigottipati committed Jun 25, 2024
1 parent 2eca31d commit de72c86
Show file tree
Hide file tree
Showing 7 changed files with 440 additions and 9 deletions.
18 changes: 18 additions & 0 deletions api/v1alpha1/clusterextension_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,24 @@ type ClusterExtensionSpec struct {
// the bundle may contain resources that are cluster-scoped or that are
// installed in a different namespace. This namespace is expected to exist.
InstallNamespace string `json:"installNamespace"`

//+kubebuilder:Optional
// Preflight defines the configuration of preflight checks.
Preflight *PreflightConfig `json:"preflight,omitempty"`
}

// PreflightConfig holds the configuration for the preflight checks.
type PreflightConfig struct {
//+kubebuilder:Required
// CRDUpgradeSafety holds necessary configuration for the CRD Upgrade Safety preflight checks.
CRDUpgradeSafety *CRDUpgradeSafetyPreflightConfig `json:"crdUpgradeSafety,omitempty"`
}

// CRDUpgradeSafetyPreflightConfig is the configuration for CRD upgrade safety preflight check.
type CRDUpgradeSafetyPreflightConfig struct {
//+kubebuilder:Required
// Disabled represents the state of the CRD upgrade safety preflight check being disabled/enabled.
Disabled bool `json:"disabled,omitempty"`
}

const (
Expand Down
42 changes: 41 additions & 1 deletion api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

13 changes: 13 additions & 0 deletions cmd/manager/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@ import (
"github.com/operator-framework/operator-controller/internal/version"
"github.com/operator-framework/operator-controller/pkg/features"
"github.com/operator-framework/operator-controller/pkg/scheme"
crdupgradesafety "github.com/operator-framework/rukpak/pkg/preflights/crdupgradesafety"
apiextensionsv1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
)

var (
Expand Down Expand Up @@ -215,6 +217,16 @@ func main() {
os.Exit(1)
}

aeClient, err := apiextensionsv1client.NewForConfig(mgr.GetConfig())
if err != nil {
setupLog.Error(err, "unable to create apiextensions client")
os.Exit(1)
}

preflights := []controllers.Preflight{
crdupgradesafety.NewPreflight(aeClient.CustomResourceDefinitions()),
}

if err = (&controllers.ClusterExtensionReconciler{
Client: cl,
BundleProvider: catalogClient,
Expand All @@ -225,6 +237,7 @@ func main() {
Handler: registryv1handler.HandlerFunc(registry.HandleBundleDeployment),
Finalizers: clusterExtensionFinalizers,
CaCertDir: caCertDir,
Preflights: preflights,
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "ClusterExtension")
os.Exit(1)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,19 @@ spec:
maxLength: 48
pattern: ^[a-z0-9]+(-[a-z0-9]+)*$
type: string
preflight:
description: Preflight defines the configuration of preflight checks.
properties:
crdUpgradeSafety:
description: CRDUpgradeSafety holds necessary configuration for
the CRD Upgrade Safety preflight checks.
properties:
disabled:
description: Disabled represents the state of the CRD upgrade
safety preflight check being disabled/enabled.
type: boolean
type: object
type: object
upgradeConstraintPolicy:
default: Enforce
description: Defines the policy for how to handle upgrade constraints
Expand Down
13 changes: 12 additions & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ require (
gopkg.in/yaml.v2 v2.4.0
helm.sh/helm/v3 v3.15.2
k8s.io/api v0.30.1
k8s.io/apiextensions-apiserver v0.30.1
k8s.io/apimachinery v0.30.1
k8s.io/client-go v0.30.1
k8s.io/component-base v0.30.1
Expand All @@ -29,6 +30,7 @@ require (
)

require (
carvel.dev/kapp v0.62.1-0.20240508153820-7d8a03ed7ccf // indirect
cloud.google.com/go/compute/metadata v0.3.0 // indirect
dario.cat/mergo v1.0.0 // indirect
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
Expand Down Expand Up @@ -86,6 +88,9 @@ require (
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
github.com/containers/ocicrypt v1.1.10 // indirect
github.com/containers/storage v1.54.0 // indirect
github.com/cppforlife/cobrautil v0.0.0-20221130162803-acdfead391ef // indirect
github.com/cppforlife/color v1.9.1-0.20200716202919-6706ac40b835 // indirect
github.com/cppforlife/go-cli-ui v0.0.0-20220425131040-94f26b16bc14 // indirect
github.com/cyphar/filepath-securejoin v0.2.5 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
Expand Down Expand Up @@ -138,6 +143,7 @@ require (
github.com/h2non/go-is-svg v0.0.0-20160927212452-35e8c4b0612c // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-version v1.6.0 // indirect
github.com/huandu/xstrings v1.4.0 // indirect
github.com/imdario/mergo v0.3.16 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
Expand All @@ -147,6 +153,8 @@ require (
github.com/joelanford/ignore v0.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/k14s/starlark-go v0.0.0-20200720175618-3a5c849cc368 // indirect
github.com/k14s/ytt v0.36.0 // indirect
github.com/kevinburke/ssh_config v1.2.0 // indirect
github.com/klauspost/compress v1.17.8 // indirect
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
Expand Down Expand Up @@ -177,6 +185,7 @@ require (
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/opencontainers/runtime-spec v1.2.0 // indirect
github.com/openshift/crd-schema-checker v0.0.0-20240404194209-35a9033b1d11 // indirect
github.com/operator-framework/operator-lib v0.14.0 // indirect
github.com/otiai10/copy v1.14.0 // indirect
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
Expand All @@ -200,6 +209,9 @@ require (
github.com/stretchr/objx v0.5.2 // indirect
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
github.com/vito/go-interact v1.0.1 // indirect
github.com/vmware-tanzu/carvel-kapp-controller v0.50.2 // indirect
github.com/vmware-tanzu/carvel-vendir v0.36.0 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
Expand Down Expand Up @@ -235,7 +247,6 @@ require (
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.30.1 // indirect
k8s.io/apiserver v0.30.1 // indirect
k8s.io/cli-runtime v0.30.0 // indirect
k8s.io/klog/v2 v2.120.1 // indirect
Expand Down
Loading

0 comments on commit de72c86

Please sign in to comment.