Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: olm deployment helper #546

Open
wants to merge 34 commits into
base: main
Choose a base branch
from
Open

feat: olm deployment helper #546

wants to merge 34 commits into from

Conversation

razvan
Copy link
Member

@razvan razvan commented Jan 20, 2025
edited
Loading

Description

Part of: stackabletech/issues#666

This PR adds a new binary crate (olm-deployer) to the secret operator.
The binary is bundled in the resulting container image and is only used by the OLM.

How to test

Requirements:

  1. An OpenShift cluster.
  2. Checkout the branch secret-olm-deployer from the operators repo.
  3. Clone the stackable-utils repo

Install the secret operator using OLM and the olm-deployer. From the stackable-utils repo, run:

$ ./olm/build-bundles.sh -c $HOME/repo/stackable/openshift-certified-operators -r 24.11.0 -o secret -d

The secret op and all it's dependencies should be installed and running in the stackable-operators namespace.

Note

The ClusterSertviceVersion is now using the olm-deployer binary instead of the shell script

This is the relevant part of the clusterservicedefinition.yaml file:

containers:
  - name: secret-operator-deployer
    image: "docker.stackable.tech/stackable/secret-operator:0.0.0-pr546"
    command: ["/usr/bin/bash"]
    args:
      - "-c"
      - "/usr/local/bin/olm-deployer run --dir /manifests --namespace $NAMESPACE --csv secret-operator.v24.11.0 --keep-alive"

Integration tests

First checkout release-24.11 branch of the secret operator repo. This is needed because secret-olm-deployer branch deploys the 24.11.0 op version. The fact that 24.11.1 is now latest doesn't matter.

$ ./scripts/run-tests --skip-operator secret --test-suite openshift

@razvan razvan self-assigned this Jan 20, 2025
@razvan razvan mentioned this pull request Jan 22, 2025
Closed
@razvan razvan marked this pull request as ready for review February 5, 2025 11:09
@razvan razvan requested a review from a team February 5, 2025 11:10
@razvan razvan mentioned this pull request Feb 5, 2025
Open
NickLarsenNZ
NickLarsenNZ reviewed Feb 5, 2025
View reviewed changes
nginx-deployment.yaml Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this an accidental left-over?

NickLarsenNZ
NickLarsenNZ reviewed Feb 5, 2025
View reviewed changes
Copy link
Member

@NickLarsenNZ NickLarsenNZ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Partial review. Will try to give it a proper look tomorrow.

rust/olm-deployer/src/data.rs
Comment on lines +68 to +71
x @ serde_json::Value::Null => {
*x = serde_json::json!({});
x.as_object_mut().unwrap()
}
Copy link
Member

@NickLarsenNZ NickLarsenNZ Feb 5, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should use expect instead of unwrap, and then write the expectation as the fist argument.

Suggested change
x @ serde_json::Value::Null => {
*x = serde_json::json!({});
x.as_object_mut().unwrap()
}
x @ serde_json::Value::Null => {
*x = serde_json::json!({});
x.as_object_mut().expect("the empty object above is guaranteed to result in Some(serde_json::Map)")
}

@adwk67 adwk67 self-requested a review February 6, 2025 13:31
@adwk67
Copy link
Member

adwk67 commented Feb 6, 2025

🟢 Tested on Openshift:

--- PASS: kuttl (155.30s)
    --- PASS: kuttl/harness (0.00s)
        --- PASS: kuttl/harness/kerberos_krb5-1.21.1_openshift-true (27.30s)
        --- PASS: kuttl/harness/tls_openshift-true_rsa-key-length-2048 (67.93s)
        --- PASS: kuttl/harness/tls_openshift-true_rsa-key-length-3072 (34.65s)
        --- PASS: kuttl/harness/cert-manager-tls_openshift-true (93.66s)
        --- PASS: kuttl/harness/listener_openshift-true (44.16s)
PASS

adwk67
adwk67 reviewed Feb 6, 2025
View reviewed changes
rust/olm-deployer/README.md
Install the secret operator using OLM and the `olm-deployer`. From the `stackable-utils` repo, run:

```bash
$ ./olm/build-bundles.sh -c $HOME/repo/stackable/openshift-certified-operators -r 24.11.0 -o secret -d
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as we are now pushing to OCI, it is necessary to login first with:
docker login oci.stackable.tech and then supply username plus a CLI key obtained from User/Profile in the Harbor UI

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adwk67 adwk67 adwk67 left review comments

@NickLarsenNZ NickLarsenNZ NickLarsenNZ left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@razvan razvan

Labels
None yet
Projects
Stackable Engineering
Status: Development: Waiting for Review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@razvan @adwk67 @NickLarsenNZ