From 630c6099ae0cfdf05585b99e19936ff167cade15 Mon Sep 17 00:00:00 2001 From: Ramon Perez Date: Wed, 14 Feb 2024 16:15:45 +0100 Subject: [PATCH] Adapt testpmd-lb-operator to operator-sdk v1.33.0 (#53) * Adapt testpmd-lb-operator to operator-sdk v1.33.0 * Use old Makefile * Use new Makefile format * Update README * Fix version in makefile --- README.md | 39 ++++ testpmd-lb-operator/.gitignore | 17 +- testpmd-lb-operator/CHANGELOG.md | 6 +- testpmd-lb-operator/Dockerfile | 19 +- testpmd-lb-operator/Makefile | 188 ++++++++++++++---- testpmd-lb-operator/PROJECT | 18 +- .../config/crd/kustomization.yaml | 2 +- .../config/default/kustomization.yaml | 19 +- .../default/manager_auth_proxy_patch.yaml | 22 +- .../config/default/manager_config_patch.yaml | 10 + .../config/manager/kustomization.yaml | 6 - .../config/manager/manager.yaml | 100 ++++++---- ...pmd-lb-operator.clusterserviceversion.yaml | 2 - .../config/manifests/kustomization.yaml | 3 + .../config/prometheus/monitor.yaml | 12 +- .../rbac/auth_proxy_client_clusterrole.yaml | 13 +- .../config/rbac/auth_proxy_role.yaml | 19 +- .../config/rbac/auth_proxy_role_binding.yaml | 7 + .../config/rbac/auth_proxy_service.yaml | 7 + .../config/rbac/leader_election_role.yaml | 19 ++ .../rbac/leader_election_role_binding.yaml | 7 + .../config/rbac/loadbalancer_editor_role.yaml | 7 + .../config/rbac/loadbalancer_viewer_role.yaml | 7 + testpmd-lb-operator/config/rbac/role.yaml | 2 +- .../config/rbac/role_binding.yaml | 8 +- .../config/rbac/service_account.yaml | 7 + .../samples/examplecnf_v1_loadbalancer.yaml | 8 +- .../config/samples/kustomization.yaml | 4 +- .../config/scorecard/kustomization.yaml | 2 +- .../scorecard/patches/basic.config.yaml | 2 +- .../config/scorecard/patches/olm.config.yaml | 10 +- .../config/testing/debug_logs_patch.yaml | 4 +- testpmd-lb-operator/licenses/bsd.txt | 2 +- .../molecule/default/converge.yml | 2 +- .../molecule/default/destroy.yml | 2 +- .../molecule/default/kustomize.yml | 9 +- .../molecule/default/molecule.yml | 9 - .../molecule/default/prepare.yml | 2 +- .../default/tasks/loadbalancer_test.yml | 3 +- .../molecule/default/verify.yml | 2 +- testpmd-lb-operator/molecule/kind/destroy.yml | 2 +- .../molecule/kind/molecule.yml | 9 - testpmd-lb-operator/requirements.yml | 8 +- .../roles/loadbalancer/defaults/main.yml.in | 1 + .../roles/loadbalancer/files/.placeholder | 0 .../roles/loadbalancer/handlers/main.yml | 2 + .../roles/loadbalancer/meta/main.yml | 2 +- .../roles/loadbalancer/tasks/main.yml | 1 + .../roles/loadbalancer/templates/role.yml | 2 +- .../roles/loadbalancer/vars/main.yml | 2 + testpmd-lb-operator/watches.yaml | 2 +- 51 files changed, 489 insertions(+), 169 deletions(-) create mode 100644 testpmd-lb-operator/config/default/manager_config_patch.yaml create mode 100644 testpmd-lb-operator/roles/loadbalancer/files/.placeholder create mode 100644 testpmd-lb-operator/roles/loadbalancer/handlers/main.yml create mode 100644 testpmd-lb-operator/roles/loadbalancer/vars/main.yml diff --git a/README.md b/README.md index 2fa2c562..ba016e2c 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,45 @@ It is providing the following operators: You can use them from the [Example CNF Catalog](https://quay.io/repository/rh-nfv-int/nfv-example-cnf-catalog?tab=tags). +How operators are created +------------------------ + +The four operators defined in this repository are built with [Operator SDK tool](https://sdk.operatorframework.io/docs/building-operators/). + +We can differentiate between these two cases: + +**Ansible-based operators:** + +This is the case of testpmd-operator, trex-operator and testpmd-lb-operator. + +Base structure for each case is achieved with the following commands, then it's just a matter of accommodating the required code for each operator in the corresponding files and folders: + +- testpmd-operator + +TBD + +- trex-operator + +TBD + +- testpmd-lb-operator + +``` +$ mkdir testpmd-lb-operator; cd testpmd-lb-operator +$ operator-sdk init --domain openshift.io --plugins ansible +$ operator-sdk create api --version v1 --generate-role --group examplecnf --kind LoadBalancer +``` + +**Go-based operators:** + +This is the case of cnf-app-mac-operator. + +Base structure for this case is achieved with the following commands, then it's just a matter of accommodating the required code for the operator in the corresponding files and folders: + +- cnf-app-mac-operator + +TBD + Ansible based automation ------------------------ diff --git a/testpmd-lb-operator/.gitignore b/testpmd-lb-operator/.gitignore index 0e6d226d..b15030e5 100644 --- a/testpmd-lb-operator/.gitignore +++ b/testpmd-lb-operator/.gitignore @@ -1,5 +1,20 @@ -_cache + +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib bin + +# editor and IDE paraphernalia +.idea +*.swp +*.swo +*~ + +# custom +_cache *.patch *sync.sh build.sh diff --git a/testpmd-lb-operator/CHANGELOG.md b/testpmd-lb-operator/CHANGELOG.md index 9d4913c4..407919f0 100644 --- a/testpmd-lb-operator/CHANGELOG.md +++ b/testpmd-lb-operator/CHANGELOG.md @@ -4,7 +4,11 @@ All notable changes to this project will be documented in this file. ## [Unreleased] - -## [0.2.13] - 2023-01-12 +## [0.2.14] - 2024-02-07 + +- Changed skeleton, based on operator-sdk v1.33.0 + +## [0.2.13] - 2024-01-12 - Lifecycle webserver included in container images consumed from testpmd-container-app to cover CNF Certification requirements for liveness, readiness and startup probes diff --git a/testpmd-lb-operator/Dockerfile b/testpmd-lb-operator/Dockerfile index 0c2b3910..02549da8 100644 --- a/testpmd-lb-operator/Dockerfile +++ b/testpmd-lb-operator/Dockerfile @@ -1,22 +1,17 @@ -FROM quay.io/operator-framework/ansible-operator:v1.10.0 +FROM quay.io/operator-framework/ansible-operator:v1.33.0 -MAINTAINER skramaja@redhat.com +MAINTAINER telcoci@redhat.com LABEL name="NFV Example CNF LB Operator" \ - maintainer="skramaja@redhat.com" \ + maintainer="telcoci@redhat.com" \ vendor="fredco" \ - version="v0.2.3" \ - release="v0.2.3" \ - summary="An example CNF for platform valiation" \ - description="An example CNF for platform valiation" + version="v0.2.14" \ + release="v0.2.14" \ + summary="An example CNF for platform validation" \ + description="An example CNF for platform validation" COPY licenses /licenses -USER root -RUN yum -y update-minimal --setopt=tsflags=nodocs \ - --security --sec-severity=Important --sec-severity=Critical -USER ansible - COPY requirements.yml ${HOME}/requirements.yml RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible diff --git a/testpmd-lb-operator/Makefile b/testpmd-lb-operator/Makefile index d9cca2be..c265aaff 100644 --- a/testpmd-lb-operator/Makefile +++ b/testpmd-lb-operator/Makefile @@ -1,8 +1,18 @@ +# VERSION defines the project version for the bundle. +# Update this value when you upgrade the version of your project. +# To re-generate a bundle for another specific version without changing the standard setup, you can: +# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) +# - use environment variables to overwrite this value (e.g export VERSION=0.0.2) +VERSION := 0.2.14 + +# Set the Operator SDK version to use. By default, what is installed on the system is used. +# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit. +OPERATOR_SDK_VER ?= 1.33.0 + +# Other custom variables SHELL := /bin/bash DATE ?= $(shell date --utc +%Y%m%d%H%M) SHA ?= $(shell git rev-parse --short HEAD) -# Current Operator version -VERSION := 0.2.13 TAG := $(VERSION)-$(DATE).$(SHA) REGISTRY ?= quay.io ORG ?= rh-nfv-int @@ -10,66 +20,109 @@ DEFAULT_CHANNEL ?= alpha CONTAINER_CLI ?= podman CLUSTER_CLI ?= oc OPERATOR_NAME := testpmd-lb-operator -OPERATOR_SDK_VER ?= 1.33.0 KUSTOMIZE_VER := 5.0.1 +OPM_VER := 1.23.0 TESTPMD_VER ?= v$(shell bash -c '. ../versions.cfg; echo "$${VERSIONS[testpmd-container-app]}"') -# Default bundle image tag -BUNDLE_IMG ?= $(REGISTRY)/$(ORG)/$(OPERATOR_NAME)-bundle:v$(TAG) -REL_BUNDLE_IMG ?= $(REGISTRY)/$(ORG)/$(OPERATOR_NAME)-bundle:v$(VERSION) -# Options for 'bundle-build' +# CHANNELS define the bundle channels used in the bundle. +# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") +# To re-generate a bundle for other specific channels without changing the standard setup, you can: +# - use the CHANNELS as arg of the bundle target (e.g make bundle CHANNELS=candidate,fast,stable) +# - use environment variables to overwrite this value (e.g export CHANNELS="candidate,fast,stable") ifneq ($(origin CHANNELS), undefined) BUNDLE_CHANNELS := --channels=$(CHANNELS) endif + +# DEFAULT_CHANNEL defines the default channel used in the bundle. +# Add a new line here if you would like to change its default config. (E.g DEFAULT_CHANNEL = "stable") +# To re-generate a bundle for any other default channel without changing the default setup, you can: +# - use the DEFAULT_CHANNEL as arg of the bundle target (e.g make bundle DEFAULT_CHANNEL=stable) +# - use environment variables to overwrite this value (e.g export DEFAULT_CHANNEL="stable") ifneq ($(origin DEFAULT_CHANNEL), undefined) BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL) endif BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) +# IMAGE_TAG_BASE defines the docker.io namespace and part of the image name for remote images. +# This variable is used to construct full image tags for bundle and catalog images. +IMAGE_TAG_BASE ?= $(REGISTRY)/$(ORG)/$(OPERATOR_NAME) + +# BUNDLE_IMG defines the image:tag used for the bundle. +# You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) +BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(TAG) +REL_BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION) + +# BUNDLE_GEN_FLAGS are the flags passed to the operator-sdk generate bundle command +BUNDLE_GEN_FLAGS ?= -q --overwrite --version $(TAG) $(BUNDLE_METADATA_OPTS) + +# USE_IMAGE_DIGESTS defines if images are resolved via tags or digests +# You can enable this value if you would like to use SHA Based Digests +# To enable set flag to true +USE_IMAGE_DIGESTS ?= false +ifeq ($(USE_IMAGE_DIGESTS), true) + BUNDLE_GEN_FLAGS += --use-image-digests +endif + # Image URL to use all building/pushing image targets -IMG ?= $(REGISTRY)/$(ORG)/$(OPERATOR_NAME):v$(TAG) -REL_IMG ?= $(REGISTRY)/$(ORG)/$(OPERATOR_NAME):v$(VERSION) +IMG ?= $(IMAGE_TAG_BASE):v$(TAG) +REL_IMG ?= $(IMAGE_TAG_BASE):v$(VERSION) +# Our general, custom tasks + +.PHONY: all all: operator-all bundle-all +.PHONY: build-all build-all: operator-build bundle-build +.PHONY: push-all push-all: operator-push bundle-push # Operator build and push +.PHONY: operator-all operator-all: operator-build operator-push # Bundle build and push +.PHONY: bundle-all bundle-all: bundle-build bundle-push -# Run against the configured Kubernetes cluster in ~/.kube/config -run: ansible-operator +.PHONY: run +ANSIBLE_ROLES_PATH?="$(shell pwd)/roles" +run: ansible-operator ## Run against the configured Kubernetes cluster in ~/.kube/config $(ANSIBLE_OPERATOR) run -# Install CRDs into a cluster +# Install CRDs into the K8s cluster specified in ~/.kube/config. +.PHONY: install install: kustomize $(KUSTOMIZE) build config/crd | ${CLUSTER_CLI} apply -f - -# Uninstall CRDs from a cluster +# Uninstall CRDs from the K8s cluster specified in ~/.kube/config. +.PHONY: uninstall uninstall: kustomize $(KUSTOMIZE) build config/crd | ${CLUSTER_CLI} delete -f - -# Deploy controller in the configured Kubernetes cluster in ~/.kube/config +# Deploy controller to the K8s cluster specified in ~/.kube/config. +.PHONY: deploy deploy: kustomize cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} $(KUSTOMIZE) build config/default | ${CLUSTER_CLI} apply -f - -# Undeploy controller in the configured Kubernetes cluster in ~/.kube/config -undeploy: kustomize +# Undeploy controller from the K8s cluster specified in ~/.kube/config. +.PHONY: undeploy +undeploy: $(KUSTOMIZE) build config/default | ${CLUSTER_CLI} delete -f - +# Custom tasks for our operator build and push + # Ensure proper digests for testpmd-container-app-listener and testpmd-container-app-testpmd +.PHONY: ensure_digests ensure_digests: cp roles/loadbalancer/defaults/main.yml.in roles/loadbalancer/defaults/main.yml DIGEST=$$(skopeo inspect docker://quay.io/rh-nfv-int/testpmd-container-app-testpmd:$(TESTPMD_VER)|jq -r .Digest) && [ -n "$${DIGEST}" ] && sed -i -e "s/testpmd-container-app-testpmd@.*/testpmd-container-app-testpmd@$${DIGEST}\" # $(TESTPMD_VER)/" roles/loadbalancer/defaults/main.yml DIGEST=$$(skopeo inspect docker://quay.io/rh-nfv-int/testpmd-container-app-listener:$(TESTPMD_VER)|jq -r .Digest) && [ -n "$${DIGEST}" ] && sed -i -e "s/testpmd-container-app-listener@.*/testpmd-container-app-listener@$${DIGEST}\" # $(TESTPMD_VER)/" roles/loadbalancer/defaults/main.yml # Build the operator image +.PHONY: operator-build operator-build: ensure_digests if [ -n "$(RELEASE)" ]; then \ BUILDAH_FORMAT=docker ${CONTAINER_CLI} build . -t ${IMG} -t $(REL_IMG) ;\ @@ -78,64 +131,75 @@ operator-build: ensure_digests fi # Push the operator image +.PHONY: operator-push operator-push: ${CONTAINER_CLI} push ${IMG} if [ -n "$(RELEASE)" ]; then \ ${CONTAINER_CLI} push ${REL_IMG} ;\ fi -PATH := $(PATH):$(PWD)/bin -OS = $(shell uname -s | tr '[:upper:]' '[:lower:]') -ARCH = $(shell uname -m | sed 's/x86_64/amd64/') -OSOPER = $(shell uname -s | tr '[:upper:]' '[:lower:]' | sed 's/darwin/apple-darwin/' | sed 's/linux/linux-gnu/') -ARCHOPER = $(shell uname -m ) +OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') +ARCH := $(shell uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/') # Download kustomize locally if necessary in $(pwd)/bin .PHONY: kustomize KUSTOMIZE = $(shell pwd)/bin/kustomize kustomize: ifeq (,$(wildcard $(KUSTOMIZE))) +ifeq (,$(shell which kustomize 2>/dev/null)) @{ \ - set -ex ;\ + set -e ;\ mkdir -p $(dir $(KUSTOMIZE)) ;\ curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v$(KUSTOMIZE_VER)/kustomize_v$(KUSTOMIZE_VER)_$(OS)_$(ARCH).tar.gz | \ tar xzf - -C bin/ ;\ } -endif - -# Installs operator-sdk if is not available in $(pwd)/bin -.PHONY: operator-sdk -OPERATOR_SDK = $(shell pwd)/bin/operator-sdk -operator-sdk: -ifeq (,$(wildcard $(OPERATOR_SDK))) - @{ \ - set -ex ;\ - mkdir -p $(dir $(OPERATOR_SDK)) ;\ - curl -sLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/v$(OPERATOR_SDK_VER)/operator-sdk_$(OS)_$(ARCH) ; \ - chmod u+x $(OPERATOR_SDK) ; \ - } else +KUSTOMIZE = $(shell which kustomize) +endif endif -# Download ansible-operator locally if necessary in $(pwd)/bin +# Download ansible-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. .PHONY: ansible-operator ANSIBLE_OPERATOR = $(shell pwd)/bin/ansible-operator ansible-operator: ifeq (,$(wildcard $(ANSIBLE_OPERATOR))) +ifeq (,$(shell which ansible-operator 2>/dev/null)) @{ \ - set -ex ;\ + set -e ;\ mkdir -p $(dir $(ANSIBLE_OPERATOR)) ;\ - curl -sSLo $(ANSIBLE_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v$(OPERATOR_SDK_VER)/ansible-operator_$(OS)_$(ARCH) ;\ + curl -sSLo $(ANSIBLE_OPERATOR) https://github.com/operator-framework/ansible-operator-plugins/releases/download/$(OPERATOR_SDK_VER)/ansible-operator_$(OS)_$(ARCH) ;\ chmod +x $(ANSIBLE_OPERATOR) ;\ } +else +ANSIBLE_OPERATOR = $(shell which ansible-operator) +endif +endif + +# Download operator-sdk locally if necessary. +.PHONY: operator-sdk +OPERATOR_SDK = $(shell pwd)/bin/operator-sdk +operator-sdk: +ifeq (,$(wildcard $(OPERATOR_SDK))) +ifeq (, $(shell which operator-sdk 2>/dev/null)) + @{ \ + set -e ;\ + mkdir -p $(dir $(OPERATOR_SDK)) ;\ + curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/v$(OPERATOR_SDK_VER)/operator-sdk_$(OS)_$(ARCH) ; \ + chmod +x $(OPERATOR_SDK) ; \ + } +else +OPERATOR_SDK = $(shell which operator-sdk) +endif endif +# Custom bundle-related tasks + # Generate bundle manifests and metadata, then validate generated files. .PHONY: bundle bundle: kustomize operator-sdk $(OPERATOR_SDK) generate kustomize manifests -q cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) - $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle -q --overwrite --version $(TAG) $(BUNDLE_METADATA_OPTS) + $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) DIGEST=$$(skopeo inspect docker://$(IMG) | jq -r '.Digest') && sed -i -e 's/\(\s*image: .*\):v'$(TAG)'/\1@'$${DIGEST}'/' bundle/manifests/$(OPERATOR_NAME).clusterserviceversion.yaml sed -i -e '/^# Copy.*/i LABEL com.redhat.openshift.versions="v4.6"\nLABEL com.redhat.delivery.backport=false\nLABEL com.redhat.delivery.operator.bundle=true' bundle.Dockerfile cp relatedImages.yaml.in relatedImages.yaml @@ -156,6 +220,7 @@ bundle-build: bundle fi # Tag local bundle image with our registry BUNDLE_IMG +.PHONY: bundle-tag bundle-tag: ${CONTAINER_CLI} tag bundle $(BUNDLE_IMG) if [ -n "$(RELEASE)" ]; then \ @@ -163,6 +228,7 @@ bundle-tag: fi # Push the BUNDLE_IMG +.PHONY: bundle-push bundle-push: bundle-tag ${CONTAINER_CLI} push $(BUNDLE_IMG) if [ -n "$(RELEASE)" ]; then \ @@ -172,3 +238,47 @@ bundle-push: bundle-tag .PHONY: version # Display the version version: @echo $(VERSION) + + +# OPM task + +# Download opm locally if necessary. +.PHONY: opm +OPM = ./bin/opm +opm: +ifeq (,$(wildcard $(OPM))) +ifeq (,$(shell which opm 2>/dev/null)) + @{ \ + set -e ;\ + mkdir -p $(dir $(OPM)) ;\ + curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v$(OPM_VER)/$(OS)-$(ARCH)-opm ;\ + chmod +x $(OPM) ;\ + } +else +OPM = $(shell which opm) +endif +endif + +# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v0.2.0). +# These images MUST exist in a registry and be pull-able. +BUNDLE_IMGS ?= $(BUNDLE_IMG) + +# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v0.2.0). +CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:v$(VERSION) + +# Set CATALOG_BASE_IMG to an existing catalog image tag to add $BUNDLE_IMGS to that image. +ifneq ($(origin CATALOG_BASE_IMG), undefined) +FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG) +endif + +# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'. +# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see: +# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator +.PHONY: catalog-build +catalog-build: opm + $(OPM) index add --container-tool ${CONTAINER_CLI} --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT) + +# Push the catalog image. +.PHONY: catalog-push +catalog-push: ## Push a catalog image. + $(MAKE) ${CONTAINER_CLI} push IMG=$(CATALOG_IMG) diff --git a/testpmd-lb-operator/PROJECT b/testpmd-lb-operator/PROJECT index 653e4791..e9ab5436 100644 --- a/testpmd-lb-operator/PROJECT +++ b/testpmd-lb-operator/PROJECT @@ -1,14 +1,20 @@ +# Code generated by tool. DO NOT EDIT. +# This file is used to track the info used to scaffold your project +# and allow the plugins properly work. +# More info: https://book.kubebuilder.io/reference/project-config.html domain: openshift.io -layout: ansible.sdk.operatorframework.io/v1 +layout: +- ansible.sdk.operatorframework.io/v1 +plugins: + manifests.sdk.operatorframework.io/v2: {} + scorecard.sdk.operatorframework.io/v2: {} projectName: testpmd-lb-operator resources: -- - controller: true +- api: + crdVersion: v1 + namespaced: true domain: openshift.io group: examplecnf kind: LoadBalancer version: v1 version: "3" -plugins: - manifests.sdk.operatorframework.io/v2: {} - scorecard.sdk.operatorframework.io/v2: {} diff --git a/testpmd-lb-operator/config/crd/kustomization.yaml b/testpmd-lb-operator/config/crd/kustomization.yaml index 6e7ab423..136b5232 100644 --- a/testpmd-lb-operator/config/crd/kustomization.yaml +++ b/testpmd-lb-operator/config/crd/kustomization.yaml @@ -3,4 +3,4 @@ # It should be run by config/default resources: - bases/examplecnf.openshift.io_loadbalancers.yaml -# +kubebuilder:scaffold:crdkustomizeresource +#+kubebuilder:scaffold:crdkustomizeresource diff --git a/testpmd-lb-operator/config/default/kustomization.yaml b/testpmd-lb-operator/config/default/kustomization.yaml index 8477a386..acc36d7e 100644 --- a/testpmd-lb-operator/config/default/kustomization.yaml +++ b/testpmd-lb-operator/config/default/kustomization.yaml @@ -9,19 +9,22 @@ namespace: testpmd-lb-operator-system namePrefix: testpmd-lb-operator- # Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue -bases: +resources: - ../crd - ../rbac - ../manager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus -# TODO(skramaja): Enable it -#patchesStrategicMerge: - # Protect the /metrics endpoint by putting it behind auth. - # If you want your controller-manager to expose the /metrics - # endpoint w/o any authn/z, please comment the following line. +patchesStrategicMerge: +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. #- manager_auth_proxy_patch.yaml + + diff --git a/testpmd-lb-operator/config/default/manager_auth_proxy_patch.yaml b/testpmd-lb-operator/config/default/manager_auth_proxy_patch.yaml index cb79ef3e..22d543e3 100644 --- a/testpmd-lb-operator/config/default/manager_auth_proxy_patch.yaml +++ b/testpmd-lb-operator/config/default/manager_auth_proxy_patch.yaml @@ -10,17 +10,31 @@ spec: spec: containers: - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1 args: - "--secure-listen-address=0.0.0.0:8443" - "--upstream=http://127.0.0.1:8080/" - "--logtostderr=true" - - "--v=10" + - "--v=0" ports: - containerPort: 8443 + protocol: TCP name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi - name: manager args: - - "--metrics-addr=127.0.0.1:8080" - - "--enable-leader-election" + - "--health-probe-bind-address=:6789" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" - "--leader-election-id=testpmd-lb-operator" diff --git a/testpmd-lb-operator/config/default/manager_config_patch.yaml b/testpmd-lb-operator/config/default/manager_config_patch.yaml new file mode 100644 index 00000000..f6f58916 --- /dev/null +++ b/testpmd-lb-operator/config/default/manager_config_patch.yaml @@ -0,0 +1,10 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager diff --git a/testpmd-lb-operator/config/manager/kustomization.yaml b/testpmd-lb-operator/config/manager/kustomization.yaml index 23b8aaba..5c5f0b84 100644 --- a/testpmd-lb-operator/config/manager/kustomization.yaml +++ b/testpmd-lb-operator/config/manager/kustomization.yaml @@ -1,8 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: quay.io/rh-nfv-int/testpmd-lb-operator - newTag: v0.2.9.202306011258.121b3f06 diff --git a/testpmd-lb-operator/config/manager/manager.yaml b/testpmd-lb-operator/config/manager/manager.yaml index ce3abe0a..08ac7b3c 100644 --- a/testpmd-lb-operator/config/manager/manager.yaml +++ b/testpmd-lb-operator/config/manager/manager.yaml @@ -3,6 +3,12 @@ kind: Namespace metadata: labels: control-plane: controller-manager + app.kubernetes.io/name: namespace + app.kubernetes.io/instance: system + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: system --- apiVersion: apps/v1 @@ -12,6 +18,12 @@ metadata: namespace: system labels: control-plane: controller-manager + app.kubernetes.io/name: deployment + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize spec: selector: matchLabels: @@ -19,45 +31,61 @@ spec: replicas: 1 template: metadata: + annotations: + kubectl.kubernetes.io/default-container: manager labels: control-plane: controller-manager spec: + securityContext: + runAsNonRoot: true containers: - - name: manager - args: - - "--enable-leader-election" - - "--leader-election-id=testpmd-lb-operator" - env: - - name: ANSIBLE_GATHERING - value: explicit - image: controller:latest - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "echo Hello from the postStart handler"] - preStop: - exec: - command: ["/bin/sh", "-c", "echo Hello from the preStop handler"] - livenessProbe: - httpGet: - path: /healthz - port: 6789 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 6789 - initialDelaySeconds: 5 - periodSeconds: 10 - # operator-sdk is not implementing startup probe up to now, using liveness probe endpoint - # while this feature is developed - startupProbe: - httpGet: - path: /healthz - port: 6789 - initialDelaySeconds: 5 - periodSeconds: 10 - terminationMessagePolicy: FallbackToLogsOnError + - args: + - --leader-elect + - --leader-election-id=testpmd-lb-operator + image: controller:latest + name: manager + env: + - name: ANSIBLE_GATHERING + value: explicit + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "echo Hello from the postStart handler"] + preStop: + exec: + command: ["/bin/sh", "-c", "echo Hello from the preStop handler"] + livenessProbe: + httpGet: + path: /healthz + port: 6789 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 6789 + initialDelaySeconds: 5 + periodSeconds: 10 + # operator-sdk is not implementing startup probe up to now, using liveness probe endpoint + # while this feature is developed + startupProbe: + httpGet: + path: /healthz + port: 6789 + initialDelaySeconds: 5 + periodSeconds: 10 + terminationMessagePolicy: FallbackToLogsOnError + resources: + limits: + cpu: 500m + memory: 768Mi + requests: + cpu: 10m + memory: 256Mi serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/testpmd-lb-operator/config/manifests/bases/testpmd-lb-operator.clusterserviceversion.yaml b/testpmd-lb-operator/config/manifests/bases/testpmd-lb-operator.clusterserviceversion.yaml index b751b636..a74742d8 100644 --- a/testpmd-lb-operator/config/manifests/bases/testpmd-lb-operator.clusterserviceversion.yaml +++ b/testpmd-lb-operator/config/manifests/bases/testpmd-lb-operator.clusterserviceversion.yaml @@ -38,8 +38,6 @@ spec: - name: Testpmd Lb Operator url: https://testpmd-lb-operator.domain maintainers: - - email: skramaja@redhat.com - name: Saravanan KR - email: telcoci@redhat.com name: Telco CI maturity: alpha diff --git a/testpmd-lb-operator/config/manifests/kustomization.yaml b/testpmd-lb-operator/config/manifests/kustomization.yaml index 63ca74d7..1e1f6921 100644 --- a/testpmd-lb-operator/config/manifests/kustomization.yaml +++ b/testpmd-lb-operator/config/manifests/kustomization.yaml @@ -1,4 +1,7 @@ +# These resources constitute the fully configured set of manifests +# used to generate the 'manifests/' directory in a bundle. resources: +- bases/testpmd-lb-operator.clusterserviceversion.yaml - ../default - ../samples - ../scorecard diff --git a/testpmd-lb-operator/config/prometheus/monitor.yaml b/testpmd-lb-operator/config/prometheus/monitor.yaml index 1b44d4f6..25813917 100644 --- a/testpmd-lb-operator/config/prometheus/monitor.yaml +++ b/testpmd-lb-operator/config/prometheus/monitor.yaml @@ -1,16 +1,26 @@ ---- + # Prometheus Monitor Service (Metrics) apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: control-plane: controller-manager + app.kubernetes.io/name: servicemonitor + app.kubernetes.io/instance: controller-manager-metrics-monitor + app.kubernetes.io/component: metrics + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-monitor namespace: system spec: endpoints: - path: /metrics port: https + scheme: https + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + tlsConfig: + insecureSkipVerify: true selector: matchLabels: control-plane: controller-manager diff --git a/testpmd-lb-operator/config/rbac/auth_proxy_client_clusterrole.yaml b/testpmd-lb-operator/config/rbac/auth_proxy_client_clusterrole.yaml index bd4af137..2540e4ab 100644 --- a/testpmd-lb-operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/testpmd-lb-operator/config/rbac/auth_proxy_client_clusterrole.yaml @@ -1,7 +1,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: metrics-reader + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: metrics-reader rules: -- nonResourceURLs: ["/metrics"] - verbs: ["get"] +- nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/testpmd-lb-operator/config/rbac/auth_proxy_role.yaml b/testpmd-lb-operator/config/rbac/auth_proxy_role.yaml index 618f5e41..42e9668f 100644 --- a/testpmd-lb-operator/config/rbac/auth_proxy_role.yaml +++ b/testpmd-lb-operator/config/rbac/auth_proxy_role.yaml @@ -1,13 +1,24 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: proxy-role + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: proxy-role rules: -- apiGroups: ["authentication.k8s.io"] +- apiGroups: + - authentication.k8s.io resources: - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] + verbs: + - create +- apiGroups: + - authorization.k8s.io resources: - subjectaccessreviews - verbs: ["create"] + verbs: + - create diff --git a/testpmd-lb-operator/config/rbac/auth_proxy_role_binding.yaml b/testpmd-lb-operator/config/rbac/auth_proxy_role_binding.yaml index ec7acc0a..06577a1b 100644 --- a/testpmd-lb-operator/config/rbac/auth_proxy_role_binding.yaml +++ b/testpmd-lb-operator/config/rbac/auth_proxy_role_binding.yaml @@ -1,6 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: + labels: + app.kubernetes.io/name: clusterrolebinding + app.kubernetes.io/instance: proxy-rolebinding + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/testpmd-lb-operator/config/rbac/auth_proxy_service.yaml b/testpmd-lb-operator/config/rbac/auth_proxy_service.yaml index 6cf656be..379db058 100644 --- a/testpmd-lb-operator/config/rbac/auth_proxy_service.yaml +++ b/testpmd-lb-operator/config/rbac/auth_proxy_service.yaml @@ -3,12 +3,19 @@ kind: Service metadata: labels: control-plane: controller-manager + app.kubernetes.io/name: service + app.kubernetes.io/instance: controller-manager-metrics-service + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-service namespace: system spec: ports: - name: https port: 8443 + protocol: TCP targetPort: https selector: control-plane: controller-manager diff --git a/testpmd-lb-operator/config/rbac/leader_election_role.yaml b/testpmd-lb-operator/config/rbac/leader_election_role.yaml index 53e97491..58067390 100644 --- a/testpmd-lb-operator/config/rbac/leader_election_role.yaml +++ b/testpmd-lb-operator/config/rbac/leader_election_role.yaml @@ -2,6 +2,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: + labels: + app.kubernetes.io/name: role + app.kubernetes.io/instance: leader-election-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: leader-election-role rules: - apiGroups: @@ -16,6 +23,18 @@ rules: - update - patch - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete - apiGroups: - "" resources: diff --git a/testpmd-lb-operator/config/rbac/leader_election_role_binding.yaml b/testpmd-lb-operator/config/rbac/leader_election_role_binding.yaml index 1d1321ed..ce4a04ba 100644 --- a/testpmd-lb-operator/config/rbac/leader_election_role_binding.yaml +++ b/testpmd-lb-operator/config/rbac/leader_election_role_binding.yaml @@ -1,6 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: + labels: + app.kubernetes.io/name: rolebinding + app.kubernetes.io/instance: leader-election-rolebinding + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: leader-election-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/testpmd-lb-operator/config/rbac/loadbalancer_editor_role.yaml b/testpmd-lb-operator/config/rbac/loadbalancer_editor_role.yaml index d1b552fa..a79676f3 100644 --- a/testpmd-lb-operator/config/rbac/loadbalancer_editor_role.yaml +++ b/testpmd-lb-operator/config/rbac/loadbalancer_editor_role.yaml @@ -2,6 +2,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: loadbalancer-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: loadbalancer-editor-role rules: - apiGroups: diff --git a/testpmd-lb-operator/config/rbac/loadbalancer_viewer_role.yaml b/testpmd-lb-operator/config/rbac/loadbalancer_viewer_role.yaml index cccc5274..7ab943d8 100644 --- a/testpmd-lb-operator/config/rbac/loadbalancer_viewer_role.yaml +++ b/testpmd-lb-operator/config/rbac/loadbalancer_viewer_role.yaml @@ -2,6 +2,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: loadbalancer-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: loadbalancer-viewer-role rules: - apiGroups: diff --git a/testpmd-lb-operator/config/rbac/role.yaml b/testpmd-lb-operator/config/rbac/role.yaml index dfae3b27..a6050271 100644 --- a/testpmd-lb-operator/config/rbac/role.yaml +++ b/testpmd-lb-operator/config/rbac/role.yaml @@ -107,4 +107,4 @@ rules: - patch - update - watch -# +kubebuilder:scaffold:rules +#+kubebuilder:scaffold:rules diff --git a/testpmd-lb-operator/config/rbac/role_binding.yaml b/testpmd-lb-operator/config/rbac/role_binding.yaml index 6bbb46c0..be271288 100644 --- a/testpmd-lb-operator/config/rbac/role_binding.yaml +++ b/testpmd-lb-operator/config/rbac/role_binding.yaml @@ -1,7 +1,13 @@ ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: + labels: + app.kubernetes.io/name: clusterrolebinding + app.kubernetes.io/instance: manager-rolebinding + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/testpmd-lb-operator/config/rbac/service_account.yaml b/testpmd-lb-operator/config/rbac/service_account.yaml index 7cd6025b..84c9f38b 100644 --- a/testpmd-lb-operator/config/rbac/service_account.yaml +++ b/testpmd-lb-operator/config/rbac/service_account.yaml @@ -1,5 +1,12 @@ apiVersion: v1 kind: ServiceAccount metadata: + labels: + app.kubernetes.io/name: serviceaccount + app.kubernetes.io/instance: controller-manager-sa + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: testpmd-lb-operator + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize name: controller-manager namespace: system diff --git a/testpmd-lb-operator/config/samples/examplecnf_v1_loadbalancer.yaml b/testpmd-lb-operator/config/samples/examplecnf_v1_loadbalancer.yaml index 98fd1d94..f83964d1 100644 --- a/testpmd-lb-operator/config/samples/examplecnf_v1_loadbalancer.yaml +++ b/testpmd-lb-operator/config/samples/examplecnf_v1_loadbalancer.yaml @@ -1,6 +1,12 @@ apiVersion: examplecnf.openshift.io/v1 kind: LoadBalancer metadata: + labels: + app.kubernetes.io/name: loadbalancer + app.kubernetes.io/instance: loadbalancer-sample + app.kubernetes.io/part-of: testpmd-lb-operator + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: testpmd-lb-operator name: loadbalancer-sample spec: - foo: bar + # TODO(user): Add fields here diff --git a/testpmd-lb-operator/config/samples/kustomization.yaml b/testpmd-lb-operator/config/samples/kustomization.yaml index 807e0491..f3450a0e 100644 --- a/testpmd-lb-operator/config/samples/kustomization.yaml +++ b/testpmd-lb-operator/config/samples/kustomization.yaml @@ -1,4 +1,4 @@ -## Append samples you want in your CSV to this file as resources ## +## Append samples of your project ## resources: - examplecnf_v1_loadbalancer.yaml -# +kubebuilder:scaffold:manifestskustomizesamples +#+kubebuilder:scaffold:manifestskustomizesamples diff --git a/testpmd-lb-operator/config/scorecard/kustomization.yaml b/testpmd-lb-operator/config/scorecard/kustomization.yaml index d73509ee..50cd2d08 100644 --- a/testpmd-lb-operator/config/scorecard/kustomization.yaml +++ b/testpmd-lb-operator/config/scorecard/kustomization.yaml @@ -13,4 +13,4 @@ patchesJson6902: version: v1alpha3 kind: Configuration name: config -# +kubebuilder:scaffold:patchesJson6902 +#+kubebuilder:scaffold:patchesJson6902 diff --git a/testpmd-lb-operator/config/scorecard/patches/basic.config.yaml b/testpmd-lb-operator/config/scorecard/patches/basic.config.yaml index f80c746f..a2f15894 100644 --- a/testpmd-lb-operator/config/scorecard/patches/basic.config.yaml +++ b/testpmd-lb-operator/config/scorecard/patches/basic.config.yaml @@ -4,7 +4,7 @@ entrypoint: - scorecard-test - basic-check-spec - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: basic test: basic-check-spec-test diff --git a/testpmd-lb-operator/config/scorecard/patches/olm.config.yaml b/testpmd-lb-operator/config/scorecard/patches/olm.config.yaml index ef6834b1..9b7ca41b 100644 --- a/testpmd-lb-operator/config/scorecard/patches/olm.config.yaml +++ b/testpmd-lb-operator/config/scorecard/patches/olm.config.yaml @@ -4,7 +4,7 @@ entrypoint: - scorecard-test - olm-bundle-validation - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: olm test: olm-bundle-validation-test @@ -14,7 +14,7 @@ entrypoint: - scorecard-test - olm-crds-have-validation - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: olm test: olm-crds-have-validation-test @@ -24,7 +24,7 @@ entrypoint: - scorecard-test - olm-crds-have-resources - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: olm test: olm-crds-have-resources-test @@ -34,7 +34,7 @@ entrypoint: - scorecard-test - olm-spec-descriptors - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: olm test: olm-spec-descriptors-test @@ -44,7 +44,7 @@ entrypoint: - scorecard-test - olm-status-descriptors - image: quay.io/operator-framework/scorecard-test:v1.2.0 + image: quay.io/operator-framework/scorecard-test:v1.33.0 labels: suite: olm test: olm-status-descriptors-test diff --git a/testpmd-lb-operator/config/testing/debug_logs_patch.yaml b/testpmd-lb-operator/config/testing/debug_logs_patch.yaml index 3e31e2fb..3fb3d559 100644 --- a/testpmd-lb-operator/config/testing/debug_logs_patch.yaml +++ b/testpmd-lb-operator/config/testing/debug_logs_patch.yaml @@ -10,5 +10,5 @@ spec: containers: - name: manager env: - - name: ANSIBLE_DEBUG_LOGS - value: "TRUE" + - name: ANSIBLE_DEBUG_LOGS + value: "TRUE" diff --git a/testpmd-lb-operator/licenses/bsd.txt b/testpmd-lb-operator/licenses/bsd.txt index a7147497..d7502271 100644 --- a/testpmd-lb-operator/licenses/bsd.txt +++ b/testpmd-lb-operator/licenses/bsd.txt @@ -1,4 +1,4 @@ -Copyright (c) 2021-2023 Fredco +Copyright (c) 2021-2024 Fredco Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. diff --git a/testpmd-lb-operator/molecule/default/converge.yml b/testpmd-lb-operator/molecule/default/converge.yml index 0633db98..9e65e378 100644 --- a/testpmd-lb-operator/molecule/default/converge.yml +++ b/testpmd-lb-operator/molecule/default/converge.yml @@ -4,7 +4,7 @@ connection: local gather_facts: no collections: - - community.kubernetes + - kubernetes.core tasks: - name: Create Namespace diff --git a/testpmd-lb-operator/molecule/default/destroy.yml b/testpmd-lb-operator/molecule/default/destroy.yml index af55e4f1..9a41e7de 100644 --- a/testpmd-lb-operator/molecule/default/destroy.yml +++ b/testpmd-lb-operator/molecule/default/destroy.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false collections: - - community.kubernetes + - kubernetes.core tasks: - import_tasks: kustomize.yml diff --git a/testpmd-lb-operator/molecule/default/kustomize.yml b/testpmd-lb-operator/molecule/default/kustomize.yml index f3d888c2..5c801d6a 100644 --- a/testpmd-lb-operator/molecule/default/kustomize.yml +++ b/testpmd-lb-operator/molecule/default/kustomize.yml @@ -1,13 +1,20 @@ --- - name: Build kustomize testing overlay # load_restrictor must be set to none so we can load patch files from the default overlay - command: '{{ kustomize }} build --load_restrictor none .' + command: '{{ kustomize }} build --load-restrictor LoadRestrictionsNone' args: chdir: '{{ config_dir }}/testing' register: resources changed_when: false - name: Set resources to {{ state }} + k8s: + definition: '{{ item }}' + state: '{{ state }}' + wait: no + loop: '{{ resources.stdout | from_yaml_all | list }}' + +- name: Wait for resources to get to {{ state }} k8s: definition: '{{ item }}' state: '{{ state }}' diff --git a/testpmd-lb-operator/molecule/default/molecule.yml b/testpmd-lb-operator/molecule/default/molecule.yml index ea58004d..91fcfcaf 100644 --- a/testpmd-lb-operator/molecule/default/molecule.yml +++ b/testpmd-lb-operator/molecule/default/molecule.yml @@ -3,18 +3,12 @@ dependency: name: galaxy driver: name: delegated -lint: | - set -e - yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . platforms: - name: cluster groups: - k8s provisioner: name: ansible - lint: | - set -e - ansible-lint inventory: group_vars: all: @@ -31,6 +25,3 @@ provisioner: K8S_AUTH_KUBECONFIG: ${KUBECONFIG:-"~/.kube/config"} verifier: name: ansible - lint: | - set -e - ansible-lint diff --git a/testpmd-lb-operator/molecule/default/prepare.yml b/testpmd-lb-operator/molecule/default/prepare.yml index 7d9f3f1b..ed40370c 100644 --- a/testpmd-lb-operator/molecule/default/prepare.yml +++ b/testpmd-lb-operator/molecule/default/prepare.yml @@ -18,7 +18,7 @@ chdir: '{{ config_dir }}/testing' - name: Set pull policy - command: '{{ kustomize }} edit add patch pull_policy/{{ operator_pull_policy }}.yaml' + command: '{{ kustomize }} edit add patch --path pull_policy/{{ operator_pull_policy }}.yaml' args: chdir: '{{ config_dir }}/testing' diff --git a/testpmd-lb-operator/molecule/default/tasks/loadbalancer_test.yml b/testpmd-lb-operator/molecule/default/tasks/loadbalancer_test.yml index d2ef4cac..641484f4 100644 --- a/testpmd-lb-operator/molecule/default/tasks/loadbalancer_test.yml +++ b/testpmd-lb-operator/molecule/default/tasks/loadbalancer_test.yml @@ -7,8 +7,7 @@ wait: yes wait_timeout: 300 wait_condition: - type: Running - reason: Successful + type: Successful status: "True" vars: cr_file: 'examplecnf_v1_loadbalancer.yaml' diff --git a/testpmd-lb-operator/molecule/default/verify.yml b/testpmd-lb-operator/molecule/default/verify.yml index cc28aacf..15f3674d 100644 --- a/testpmd-lb-operator/molecule/default/verify.yml +++ b/testpmd-lb-operator/molecule/default/verify.yml @@ -4,7 +4,7 @@ connection: local gather_facts: no collections: - - community.kubernetes + - kubernetes.core vars: ctrl_label: control-plane=controller-manager diff --git a/testpmd-lb-operator/molecule/kind/destroy.yml b/testpmd-lb-operator/molecule/kind/destroy.yml index a1c3eac9..304cca21 100644 --- a/testpmd-lb-operator/molecule/kind/destroy.yml +++ b/testpmd-lb-operator/molecule/kind/destroy.yml @@ -4,7 +4,7 @@ connection: local gather_facts: false collections: - - community.kubernetes + - kubernetes.core tasks: - name: Destroy test kind cluster diff --git a/testpmd-lb-operator/molecule/kind/molecule.yml b/testpmd-lb-operator/molecule/kind/molecule.yml index d4361f32..534c8ce4 100644 --- a/testpmd-lb-operator/molecule/kind/molecule.yml +++ b/testpmd-lb-operator/molecule/kind/molecule.yml @@ -3,9 +3,6 @@ dependency: name: galaxy driver: name: delegated -lint: | - set -e - yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . platforms: - name: cluster groups: @@ -15,9 +12,6 @@ provisioner: playbooks: prepare: ../default/prepare.yml verify: ../default/verify.yml - lint: | - set -e - ansible-lint inventory: group_vars: all: @@ -37,6 +31,3 @@ provisioner: KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig verifier: name: ansible - lint: | - set -e - ansible-lint diff --git a/testpmd-lb-operator/requirements.yml b/testpmd-lb-operator/requirements.yml index 26699a58..8baf9191 100644 --- a/testpmd-lb-operator/requirements.yml +++ b/testpmd-lb-operator/requirements.yml @@ -1,6 +1,10 @@ --- collections: - - name: community.kubernetes - version: "1.2.1" - name: operator_sdk.util version: "0.5.0" + - name: kubernetes.core + version: "2.4.0" + - name: cloud.common + version: "2.1.1" + - name: community.docker + version: "3.4.0" diff --git a/testpmd-lb-operator/roles/loadbalancer/defaults/main.yml.in b/testpmd-lb-operator/roles/loadbalancer/defaults/main.yml.in index 5b690dfd..378f7714 100644 --- a/testpmd-lb-operator/roles/loadbalancer/defaults/main.yml.in +++ b/testpmd-lb-operator/roles/loadbalancer/defaults/main.yml.in @@ -1,4 +1,5 @@ --- +# defaults file for LoadBalancer image_pull_policy: IfNotPresent privileged: false network_defintions: "" diff --git a/testpmd-lb-operator/roles/loadbalancer/files/.placeholder b/testpmd-lb-operator/roles/loadbalancer/files/.placeholder new file mode 100644 index 00000000..e69de29b diff --git a/testpmd-lb-operator/roles/loadbalancer/handlers/main.yml b/testpmd-lb-operator/roles/loadbalancer/handlers/main.yml new file mode 100644 index 00000000..7077d735 --- /dev/null +++ b/testpmd-lb-operator/roles/loadbalancer/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for LoadBalancer diff --git a/testpmd-lb-operator/roles/loadbalancer/meta/main.yml b/testpmd-lb-operator/roles/loadbalancer/meta/main.yml index be34ca4f..dfab20d3 100644 --- a/testpmd-lb-operator/roles/loadbalancer/meta/main.yml +++ b/testpmd-lb-operator/roles/loadbalancer/meta/main.yml @@ -61,4 +61,4 @@ dependencies: [] # if you add dependencies to this list. collections: - operator_sdk.util -- community.kubernetes +- kubernetes.core diff --git a/testpmd-lb-operator/roles/loadbalancer/tasks/main.yml b/testpmd-lb-operator/roles/loadbalancer/tasks/main.yml index b4bbead1..1e06a070 100644 --- a/testpmd-lb-operator/roles/loadbalancer/tasks/main.yml +++ b/testpmd-lb-operator/roles/loadbalancer/tasks/main.yml @@ -1,4 +1,5 @@ --- +# tasks file for LoadBalancer - set_fact: network_resources: {} network_name_list: [] diff --git a/testpmd-lb-operator/roles/loadbalancer/templates/role.yml b/testpmd-lb-operator/roles/loadbalancer/templates/role.yml index d8f4c800..b22415ec 100644 --- a/testpmd-lb-operator/roles/loadbalancer/templates/role.yml +++ b/testpmd-lb-operator/roles/loadbalancer/templates/role.yml @@ -79,4 +79,4 @@ rules: - privileged verbs: - use -# +kubebuilder:scaffold:rules +#+kubebuilder:scaffold:rules diff --git a/testpmd-lb-operator/roles/loadbalancer/vars/main.yml b/testpmd-lb-operator/roles/loadbalancer/vars/main.yml new file mode 100644 index 00000000..a0e8827c --- /dev/null +++ b/testpmd-lb-operator/roles/loadbalancer/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for LoadBalancer diff --git a/testpmd-lb-operator/watches.yaml b/testpmd-lb-operator/watches.yaml index 92ced40c..4216e041 100644 --- a/testpmd-lb-operator/watches.yaml +++ b/testpmd-lb-operator/watches.yaml @@ -4,4 +4,4 @@ group: examplecnf.openshift.io kind: LoadBalancer role: loadbalancer -# +kubebuilder:scaffold:watch +#+kubebuilder:scaffold:watch