Skip to content

Commit

Permalink
Revert "DSC, DSCI: add validating webhook (opendatahub-io#711)"
Browse files Browse the repository at this point in the history 
This reverts commit 9992e2a.

Signed-off-by: Wen Zhou <[email protected]>
(cherry picked from commit 03b468b)
  • Loading branch information
@zdtsw @VaishnaviHire
zdtsw authored and VaishnaviHire committed Mar 11, 2024
1 parent b2dd99d commit 5288015
Show file tree
Hide file tree
Showing 24 changed files with 129 additions and 668 deletions.
4 changes: 3 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,9 @@ endef

.PHONY: manifests
manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
$(CONTROLLER_GEN) rbac:roleName=controller-manager-role crd:ignoreUnexportedFields=true webhook paths="./..." output:crd:artifacts:config=config/crd/bases
# TODO: enable below when we do webhook
# $(CONTROLLER_GEN) rbac:roleName=controller-manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
$(CONTROLLER_GEN) rbac:roleName=controller-manager-role crd:ignoreUnexportedFields=true paths="./..." output:crd:artifacts:config=config/crd/bases
$(call fetch-external-crds,github.com/openshift/api,route/v1)
$(call fetch-external-crds,github.com/openshift/api,user/v1)

Expand Down
6 changes: 0 additions & 6 deletions PROJECT
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,6 @@ resources:
kind: DSCInitialization
path: github.com/opendatahub-io/opendatahub-operator/v2/apis/dscinitialization/v1
version: v1
webhooks:
validation: true
webhookVersion: v1
- api:
crdVersion: v1
namespaced: false
Expand All @@ -33,7 +30,4 @@ resources:
kind: DataScienceCluster
path: github.com/opendatahub-io/opendatahub-operator/v2/apis/datasciencecluster/v1
version: v1
webhooks:
validation: true
webhookVersion: v1
version: "3"
36 changes: 18 additions & 18 deletions bundle/manifests/datasciencecluster.opendatahub.io_datascienceclusters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,12 +62,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -105,12 +105,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -149,12 +149,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -207,12 +207,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -310,12 +310,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -354,12 +354,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -397,12 +397,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -440,12 +440,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down Expand Up @@ -483,12 +483,12 @@ spec:
description: 'sourcePath is the subpath within contextDir
where kustomize builds start. Examples include
any sub-folder or path: `base`, `overlays/dev`,
`default`, `odh` etc.'
`default`, `odh` etc'
type: string
uri:
default: ""
description: uri is the URI point to a git repo
with tag/branch. e.g. https://github.com/org/repo/tarball/<tag/branch>
with tag/branch. e.g https://github.com/org/repo/tarball/<tag/branch>
type: string
type: object
type: array
Expand Down
2 changes: 0 additions & 2 deletions bundle/manifests/dscinitialization.opendatahub.io_dscinitializations.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,6 @@ spec:
field.
properties:
customCABundle:
default: ""
description: A custom CA bundle that will be available for all components
in the Data Science Cluster(DSC). This bundle will be stored
in odh-trusted-ca-bundle ConfigMap .data.odh-ca-bundle.crt .
Expand All @@ -147,7 +146,6 @@ spec:
pattern: ^(Managed|Unmanaged|Force|Removed)$
type: string
required:
- customCABundle
- managementState
type: object
required:
Expand Down
24 changes: 0 additions & 24 deletions bundle/manifests/redhat-ods-operator-webhook-service_v1_service.yaml
View file

This file was deleted.

69 changes: 23 additions & 46 deletions bundle/manifests/rhods-operator.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,15 +136,15 @@ metadata:
},
"kserve": {
"managementState": "Managed",
"serving": {
"ingressGateway": {
"certificate": {
"type": "SelfSigned"
}
},
"managementState": "Managed",
"name": "knative-serving"
}
"serving": {
"ingressGateway": {
"certificate": {
"type": "SelfSigned"
}
},
"managementState": "Managed",
"name": "knative-serving"
}
},
"kueue": {
"managementState": "Removed"
Expand All @@ -165,7 +165,7 @@ metadata:
operators.operatorframework.io/internal-objects: '[dscinitialization.opendatahub.io]'
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/red-hat-data-services/rhods-operator
name: rhods-operator.v2.8.0
name: rhods-operator.v2.4.0
namespace: placeholder
spec:
apiservicedefinitions: {}
Expand Down Expand Up @@ -1744,6 +1744,18 @@ spec:
- patch
- update
- watch
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
serviceAccountName: redhat-ods-operator-controller-manager
deployments:
- label:
Expand Down Expand Up @@ -1778,10 +1790,6 @@ spec:
initialDelaySeconds: 15
periodSeconds: 20
name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
Expand All @@ -1795,15 +1803,6 @@ spec:
requests:
cpu: 500m
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
securityContext:
runAsNonRoot: true
serviceAccountName: redhat-ods-operator-controller-manager
Expand Down Expand Up @@ -1862,33 +1861,11 @@ spec:
- training
- kserve
- distributed-workloads
- trustyai
links:
- name: Red Hat OpenShift AI
url: https://www.redhat.com/en/technologies/cloud-computing/openshift/openshift-ai
minKubeVersion: 1.22.0
provider:
name: Red Hat
version: 2.8.0
webhookdefinitions:
- admissionReviewVersions:
- v1
containerPort: 443
deploymentName: redhat-ods-operator-controller-manager
failurePolicy: Fail
generateName: operator.opendatahub.io
rules:
- apiGroups:
- datasciencecluster.opendatahub.io
- dscinitialization.opendatahub.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- datascienceclusters
- dscinitializations
sideEffects: None
targetPort: 9443
type: ValidatingAdmissionWebhook
webhookPath: /validate-opendatahub-io-v1
2 changes: 0 additions & 2 deletions config/crd/bases/dscinitialization.opendatahub.io_dscinitializations.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,6 @@ spec:
field.
properties:
customCABundle:
default: ""
description: A custom CA bundle that will be available for all components
in the Data Science Cluster(DSC). This bundle will be stored
in odh-trusted-ca-bundle ConfigMap .data.odh-ca-bundle.crt .
Expand All @@ -148,7 +147,6 @@ spec:
pattern: ^(Managed|Unmanaged|Force|Removed)$
type: string
required:
- customCABundle
- managementState
type: object
required:
Expand Down
5 changes: 1 addition & 4 deletions config/default/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ resources:
- ../manager
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
# crd/kustomization.yaml
- ../webhook
#- ../webhook
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
#- ../certmanager
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
Expand All @@ -37,7 +37,6 @@ resources:

# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
# crd/kustomization.yaml
# Moved below to patches
#- manager_webhook_patch.yaml

# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
Expand Down Expand Up @@ -77,5 +76,3 @@ resources:

patches:
- path: manager_auth_proxy_patch.yaml
# [WEBHOOK]
- path: manager_webhook_patch.yaml
23 changes: 0 additions & 23 deletions config/default/manager_webhook_patch.yaml
View file

This file was deleted.

6 changes: 0 additions & 6 deletions config/manifests/bases/rhods-operator.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,12 +97,6 @@ spec:
e.g. it provides unified authentication giving a Single Sign On experience.
displayName: Service Mesh
path: serviceMesh
- description: When set to `Managed`, adds odh-trusted-ca-bundle Configmap to
all namespaces that includes cluster-wide Trusted CA Bundle in .data["ca-bundle.crt"].
Additionally, this fields allows admins to add custom CA bundles to the
configmap using the .CustomCABundle field.
displayName: Trusted CABundle
path: trustedCABundle
- description: Internal development useful field to test customizations. This
is not recommended to be used in production environment.
displayName: Dev Flags
Expand Down
Loading

0 comments on commit 5288015

Please sign in to comment.