-
Notifications
You must be signed in to change notification settings - Fork 32
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cert manager api as dependency #680
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #680 +/- ##
==========================================
+ Coverage 80.20% 82.83% +2.62%
==========================================
Files 64 73 +9
Lines 4492 5737 +1245
==========================================
+ Hits 3603 4752 +1149
- Misses 600 651 +51
- Partials 289 334 +45
Flags with carried forward coverage won't be shown. Click here to find out more.
|
@@ -6,4 +6,6 @@ spec: | |||
sourceType: grpc | |||
image: quay.io/kuadrant/kuadrant-operator-catalog:latest | |||
displayName: Kuadrant Operators | |||
grpcPodConfig: | |||
securityContextConfig: restricted |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this something we need to override in OLM for cert manager to work? What does the securityContextConfig
adds to the grpc Pod?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This something we need for the current k8s release version we are using. Try removing those, the catalogsource would not be deployed.
OPM="${1?:Error \$OPM not set. Bye}" | ||
YQ="${2?:Error \$YQ not set. Bye}" | ||
BUNDLE_IMG="${3?:Error \$BUNDLE_IMG not set. Bye}" | ||
REPLACES_VERSION="${4?:Error \$REPLACES_VERSION not set. Bye}" | ||
LIMITADOR_OPERATOR_BUNDLE_IMG="${5?:Error \$LIMITADOR_OPERATOR_BUNDLE_IMG not set. Bye}" | ||
AUTHORINO_OPERATOR_BUNDLE_IMG="${6?:Error \$AUTHORINO_OPERATOR_BUNDLE_IMG not set. Bye}" | ||
DNS_OPERATOR_BUNDLE_IMG="${7?:Error \$DNS_OPERATOR_BUNDLE_IMG not set. Bye}" | ||
CHANNELS="${8:-$DEFAULT_CHANNEL}" | ||
CHANNELS="${8?:Error \$CHANNELS not set. Bye}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No channels, no catalog. We might need to review the release process of setting channel(s) and default channel
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the default channel is set at the makefile level. The script only requires one. I have moved the default from the script to the makefile. The script needs one channel value and fails if not provided. The default value is meaningful outside the script only.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Considering that we are ignoring CertificateRequest, Order and Challenge GVKs since are not being used... LGTM! 🥇
* cert manager api as dependency * bundle/metadata/dependencies.yaml: removing unused GVK deps
What
Remove cert-manager operator as dependency and, instead, add cert-manager API as dep.
On openshift, the upstream cert-manager operator can conflict with RH build of the cert manager operator.
Verification steps
The subscription status eventually reports
constraints not satisfiable
Condition type
CatalogSourcesUnhealthy
should eventually report thatall available catalogsources are healthy
. It takes up to few minutes.OLM should have resolved the dependency by installing the cert-manager operator.