From 1b63f767fcf64cda2696048333121b18d85c1acc Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Wed, 21 Aug 2024 11:50:29 +0200 Subject: [PATCH 01/14] get oauth proxy image from image streams Signed-off-by: Coleen Iona Quadros --- ...bility-operator.clusterserviceversion.yaml | 8 ++++ .../multiclusterobservability_controller.go | 24 ++++++++---- .../predicate_func.go | 17 +++++++++ operators/multiclusterobservability/main.go | 36 ++++++++++++++---- .../pkg/config/config.go | 38 ++++++++++++++++--- .../pkg/rendering/renderer.go | 11 ++++-- .../pkg/rendering/renderer_alertmanager.go | 6 +-- .../rendering/renderer_alertmanager_test.go | 2 +- .../pkg/rendering/renderer_grafana.go | 3 +- .../pkg/rendering/renderer_proxy.go | 5 +-- .../pkg/rendering/renderer_test.go | 2 +- 11 files changed, 115 insertions(+), 37 deletions(-) diff --git a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml index beb79f096..16b99d9c0 100644 --- a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml +++ b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml @@ -454,6 +454,14 @@ spec: - get - list - watch + - apiGroups: + - image.openshift.io + resources: + - imagestreams + verbs: + - get + - list + - watch - serviceAccountName: multicluster-observability-operator deployments: - label: diff --git a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go index 04648beea..25837e4f0 100644 --- a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go +++ b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go @@ -8,6 +8,8 @@ import ( "context" cerr "errors" "fmt" + imagev1 "github.com/openshift/api/image/v1" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" "os" "reflect" "strings" @@ -79,13 +81,14 @@ var ( // MultiClusterObservabilityReconciler reconciles a MultiClusterObservability object type MultiClusterObservabilityReconciler struct { - Manager manager.Manager - Client client.Client - Log logr.Logger - Scheme *runtime.Scheme - CRDMap map[string]bool - APIReader client.Reader - RESTMapper meta.RESTMapper + Manager manager.Manager + Client client.Client + Log logr.Logger + Scheme *runtime.Scheme + CRDMap map[string]bool + APIReader client.Reader + RESTMapper meta.RESTMapper + ImageClient *imagev1client.ImageV1Client } // +kubebuilder:rbac:groups=observability.open-cluster-management.io,resources=multiclusterobservabilities,verbs=get;list;watch;create;update;patch;delete @@ -249,8 +252,9 @@ func (r *MultiClusterObservabilityReconciler) Reconcile(ctx context.Context, req return ctrl.Result{}, err } instance.Spec.StorageConfig.StorageClass = storageClassSelected + // Render the templates with a specified CR - renderer := rendering.NewMCORenderer(instance, r.Client) + renderer := rendering.NewMCORenderer(instance, r.Client, r.ImageClient) toDeploy, err := renderer.Render() if err != nil { reqLogger.Error(err, "Failed to render multiClusterMonitoring templates") @@ -446,6 +450,7 @@ func (r *MultiClusterObservabilityReconciler) SetupWithManager(mgr ctrl.Manager) cmPred := GetConfigMapPredicateFunc() secretPred := GetAlertManagerSecretPredicateFunc() namespacePred := GetNamespacePredicateFunc() + imageStreamPred := GetImageStreamPredicateFunc() ctrBuilder := ctrl.NewControllerManagedBy(mgr). // Watch for changes to primary resource MultiClusterObservability with predicate @@ -469,6 +474,9 @@ func (r *MultiClusterObservabilityReconciler) SetupWithManager(mgr ctrl.Manager) // Watch the namespace for changes Watches(&corev1.Namespace{}, &handler.EnqueueRequestForObject{}, builder.WithPredicates(namespacePred)). + // Watch the imagestream for changes + Watches(&imagev1.ImageStream{}, &handler.EnqueueRequestForObject{}, + builder.WithPredicates(imageStreamPred)). // Watch the kube-system extension-apiserver-authentication ConfigMap for changes Watches(&corev1.ConfigMap{}, handler.EnqueueRequestsFromMapFunc( func(ctx context.Context, a client.Object) []reconcile.Request { diff --git a/operators/multiclusterobservability/controllers/multiclusterobservability/predicate_func.go b/operators/multiclusterobservability/controllers/multiclusterobservability/predicate_func.go index 9f195f228..bd2f27f10 100644 --- a/operators/multiclusterobservability/controllers/multiclusterobservability/predicate_func.go +++ b/operators/multiclusterobservability/controllers/multiclusterobservability/predicate_func.go @@ -189,3 +189,20 @@ func GetNamespacePredicateFunc() predicate.Funcs { }, } } + +func GetImageStreamPredicateFunc() predicate.Funcs { + return predicate.Funcs{ + CreateFunc: func(e event.CreateEvent) bool { + return e.Object.GetName() == config.OauthProxyImageStreamName + }, + UpdateFunc: func(e event.UpdateEvent) bool { + if e.ObjectNew.GetName() != config.OauthProxyImageStreamName { + return false + } + return e.ObjectOld.GetGeneration() != e.ObjectNew.GetGeneration() + }, + DeleteFunc: func(e event.DeleteEvent) bool { + return false + }, + } +} diff --git a/operators/multiclusterobservability/main.go b/operators/multiclusterobservability/main.go index c1ac8b7d1..165c4917a 100644 --- a/operators/multiclusterobservability/main.go +++ b/operators/multiclusterobservability/main.go @@ -8,6 +8,8 @@ import ( "crypto/tls" "flag" "fmt" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" + "k8s.io/apimachinery/pkg/api/meta" "os" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) @@ -281,14 +283,34 @@ func main() { config.MCGHCrdName: mcghCrdExists, } + if _, err := mgr.GetRESTMapper().KindFor(schema.GroupVersionResource{ + Group: "image.openshift.io", + Version: "v1", + Resource: "imagestreams", + }); err != nil { + if meta.IsNoMatchError(err) { + setupLog.Info("image.openshift.io/v1/imagestreams is not available") + } else { + setupLog.Error(err, "failed to get kind for image.openshift.io/v1/imagestreams") + os.Exit(1) + } + } + + imageClient, err := imagev1client.NewForConfig(ctrl.GetConfigOrDie()) + if err != nil { + setupLog.Error(err, "failed to create openshift image client") + os.Exit(1) + } + if err = (&mcoctrl.MultiClusterObservabilityReconciler{ - Manager: mgr, - Client: mgr.GetClient(), - Log: ctrl.Log.WithName("controllers").WithName("MultiClusterObservability"), - Scheme: mgr.GetScheme(), - CRDMap: crdMaps, - APIReader: mgr.GetAPIReader(), - RESTMapper: mgr.GetRESTMapper(), + Manager: mgr, + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("MultiClusterObservability"), + Scheme: mgr.GetScheme(), + CRDMap: crdMaps, + APIReader: mgr.GetAPIReader(), + RESTMapper: mgr.GetRESTMapper(), + ImageClient: imageClient, }).SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "MultiClusterObservability") os.Exit(1) diff --git a/operators/multiclusterobservability/pkg/config/config.go b/operators/multiclusterobservability/pkg/config/config.go index 7e41d8ccb..d4591057a 100644 --- a/operators/multiclusterobservability/pkg/config/config.go +++ b/operators/multiclusterobservability/pkg/config/config.go @@ -7,8 +7,10 @@ package config import ( "context" "fmt" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" "net/url" "os" + "reflect" "strings" "time" @@ -148,11 +150,6 @@ const ( KubeRBACProxyKey = "kube_rbac_proxy" KubeRBACProxyImgName = "kube-rbac-proxy" - OauthProxyImgRepo = "quay.io/stolostron" - OauthProxyImgName = "origin-oauth-proxy" - OauthProxyImgTagSuffix = "2.0.12-SNAPSHOT-2021-06-11-19-40-10" - OauthProxyKey = "oauth_proxy" - EndpointControllerImgName = "endpoint-monitoring-operator" EndpointControllerKey = "endpoint_monitoring_operator" @@ -162,7 +159,7 @@ const ( ObservatoriumAPI = "observatorium-api" ThanosCompact = "thanos-compact" ThanosQuery = "thanos-query" - ThanosQueryFrontend = "thanos-query-frontend" + ThanosQueryFrontend = "THANOS-QUERY-FRONTEND" ThanosQueryFrontendMemcached = "thanos-query-frontend-memcached" ThanosRule = "thanos-rule" ThanosReceive = "thanos-receive-default" @@ -213,6 +210,11 @@ const ( HubEndpointSaName = "endpoint-observability-operator-sa" ) +const ( + OauthProxyImageStreamName = "oauth-proxy" + OauthProxyImageStreamNamespace = "openshift" +) + // ObjectStorgeConf is used to Unmarshal from bytes to do validation. type ObjectStorgeConf struct { Type string `yaml:"type"` @@ -819,3 +821,27 @@ func IsAlertingDisabledInSpec(mco *observabilityv1beta2.MultiClusterObservabilit annotations := mco.GetAnnotations() return annotations != nil && annotations[AnnotationDisableMCOAlerting] == "true" } + +func GetOauthProxyImage(imageClient imagev1client.ImageV1Interface) (bool, string) { + if imageClient != nil && !reflect.ValueOf(imageClient).IsNil() { + // set oauth-proxy from imagestream.image.openshift.io + oauthImageStream, err := imageClient.ImageStreams(OauthProxyImageStreamNamespace). + Get(context.TODO(), OauthProxyImageStreamName, v1.GetOptions{}) + if err != nil { + if !errors.IsNotFound(err) { + return false, "" + } + // do not expect error = IsNotFound in OCP environment. + // But for e2e test, it can be. for this case, just ignore + } else { + if oauthImageStream.Spec.Tags != nil { + tag := oauthImageStream.Spec.Tags[0] + if tag.From != nil && tag.From.Kind == "DockerImage" && len(tag.From.Name) > 0 { + return true, tag.From.Name + } + } + } + } + return false, "" + +} diff --git a/operators/multiclusterobservability/pkg/rendering/renderer.go b/operators/multiclusterobservability/pkg/rendering/renderer.go index 7771fa6dc..0b06bca2a 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer.go @@ -5,6 +5,7 @@ package rendering import ( + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" v1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -24,6 +25,7 @@ var log = logf.Log.WithName("renderer") type MCORenderer struct { kubeClient client.Client + imageClient *imagev1client.ImageV1Client renderer *rendererutil.Renderer cr *obv1beta2.MultiClusterObservability renderGrafanaFns map[string]rendererutil.RenderFn @@ -32,11 +34,12 @@ type MCORenderer struct { renderProxyFns map[string]rendererutil.RenderFn } -func NewMCORenderer(multipleClusterMonitoring *obv1beta2.MultiClusterObservability, kubeClient client.Client) *MCORenderer { +func NewMCORenderer(multipleClusterMonitoring *obv1beta2.MultiClusterObservability, kubeClient client.Client, imageClient *imagev1client.ImageV1Client) *MCORenderer { mcoRenderer := &MCORenderer{ - renderer: rendererutil.NewRenderer(), - cr: multipleClusterMonitoring, - kubeClient: kubeClient, + renderer: rendererutil.NewRenderer(), + cr: multipleClusterMonitoring, + kubeClient: kubeClient, + imageClient: imageClient, } mcoRenderer.newGranfanaRenderer() mcoRenderer.newAlertManagerRenderer() diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager.go b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager.go index 188396eaa..d490488de 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager.go @@ -100,10 +100,8 @@ func (r *MCORenderer) renderAlertManagerStatefulSet(res *resource.Resource, if found { spec.Containers[1].Image = image } - // the oauth-proxy image only exists in mch-image-manifest configmap - // pass nil annotation to make sure oauth-proxy overrided from mch-image-manifest - found, image = mcoconfig.ReplaceImage(nil, mcoconfig.OauthProxyImgRepo, - mcoconfig.OauthProxyKey) + + found, image = mcoconfig.GetOauthProxyImage(r.imageClient) if found { spec.Containers[2].Image = image } diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go index c04c4de91..26e7abc10 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go @@ -237,7 +237,7 @@ func renderTemplates(t *testing.T, kubeClient client.Client, mco *mcov1beta2.Mul defer os.Unsetenv(templatesutil.TemplatesPathEnvVar) config.ReadImageManifestConfigMap(kubeClient, "v1") - renderer := NewMCORenderer(mco, kubeClient) + renderer := NewMCORenderer(mco, kubeClient, nil) //load and render alertmanager templates alertTemplates, err := templates.GetOrLoadAlertManagerTemplates(templatesutil.GetTemplateRenderer()) diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_grafana.go b/operators/multiclusterobservability/pkg/rendering/renderer_grafana.go index 36962fea5..d60e8af23 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_grafana.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_grafana.go @@ -68,8 +68,7 @@ func (r *MCORenderer) renderGrafanaDeployments(res *resource.Resource, } spec.Containers[1].ImagePullPolicy = imagePullPolicy - found, image = config.ReplaceImage(nil, config.OauthProxyImgRepo, - config.OauthProxyKey) + found, image = config.GetOauthProxyImage(r.imageClient) if found { spec.Containers[2].Image = image } diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_proxy.go b/operators/multiclusterobservability/pkg/rendering/renderer_proxy.go index 3416639c1..4c9ddf3e5 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_proxy.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_proxy.go @@ -93,10 +93,7 @@ func (r *MCORenderer) renderProxyDeployment(res *resource.Resource, spec.Containers[0].Image = image } - // the oauth-proxy image only exists in mch-image-manifest configmap - // pass nil annotation to make sure oauth-proxy overrided from mch-image-manifest - found, image = mcoconfig.ReplaceImage(nil, mcoconfig.OauthProxyImgRepo, - mcoconfig.OauthProxyKey) + found, image = mcoconfig.GetOauthProxyImage(r.imageClient) if found { spec.Containers[1].Image = image } diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_test.go index 50acac4f1..41eb3811d 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_test.go @@ -59,7 +59,7 @@ func TestRender(t *testing.T) { } kubeClient := fake.NewClientBuilder().WithObjects(clientCa).Build() - renderer := NewMCORenderer(mchcr, kubeClient) + renderer := NewMCORenderer(mchcr, kubeClient, nil) _, err = renderer.Render() if err != nil { t.Fatalf("failed to render MultiClusterObservability: %v", err) From 35dfabee768433899a52c3f731536c06e63241d3 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 22 Aug 2024 13:24:00 +0200 Subject: [PATCH 02/14] update test Signed-off-by: Coleen Iona Quadros --- .../rendering/renderer_alertmanager_test.go | 2 +- .../pkg/rendering/renderer_test.go | 36 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go index 26e7abc10..05e864ba1 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go @@ -57,12 +57,12 @@ func TestAlertManagerRenderer(t *testing.T) { Data: map[string]string{ "prometheus_alertmanager": "quay.io/rhacm2/alertmanager:latest", "configmap_reloader": "quay.io/rhacm2/configmap-reloader:latest", - "oauth_proxy": "quay.io/rhacm2/oauth_proxy:latest", "kube_rbac_proxy": "quay.io/rhacm2/kube-rbac-proxy:latest", }, } kubeClient := fake.NewClientBuilder().WithObjects(clientCa, mchImageManifest).Build() + alertResources := renderTemplates(t, kubeClient, makeBaseMco()) // clientCa configmap must be filled with the client-ca-file data diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_test.go index 41eb3811d..48b7fcdfa 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_test.go @@ -5,6 +5,12 @@ package rendering import ( + "context" + imagev1 "github.com/openshift/api/image/v1" + fakeimageclient "github.com/openshift/client-go/image/clientset/versioned/fake" + fakeimagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/fake" + "github.com/stolostron/multicluster-observability-operator/operators/multiclusterobservability/pkg/config" + "github.com/stretchr/testify/assert" "os" "path" "testing" @@ -65,3 +71,33 @@ func TestRender(t *testing.T) { t.Fatalf("failed to render MultiClusterObservability: %v", err) } } + +func TestGetOauthProxyFromImageStreams(t *testing.T) { + imageClient := &fakeimagev1client.FakeImageV1{Fake: &(fakeimageclient.NewSimpleClientset().Fake)} + _, err := imageClient.ImageStreams(config.OauthProxyImageStreamNamespace).Create(context.Background(), + &imagev1.ImageStream{ + ObjectMeta: metav1.ObjectMeta{ + Name: config.OauthProxyImageStreamName, + Namespace: config.OauthProxyImageStreamNamespace, + }, + Spec: imagev1.ImageStreamSpec{ + Tags: []imagev1.TagReference{ + { + Name: "v4.4", + From: &corev1.ObjectReference{ + Kind: "DockerImage", + Name: "quay.io/openshift-release-dev/ocp-v4.0-art-dev", + }, + }, + }, + }, + }, metav1.CreateOptions{}) + if err != nil { + t.Fatal(err) + } + found, oauth_proxy_image := config.GetOauthProxyImage(imageClient) + if !found { + t.Fatal("Failed to get oauth proxy image") + } + assert.Equal(t, "quay.io/openshift-release-dev/ocp-v4.0-art-dev:v4.4", oauth_proxy_image) +} From e780ce04a51f3bde26e8f32a08296f45bbe48476 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 22 Aug 2024 13:26:07 +0200 Subject: [PATCH 03/14] lint Signed-off-by: Coleen Iona Quadros --- .../multiclusterobservability_controller.go | 5 +++-- operators/multiclusterobservability/main.go | 3 ++- operators/multiclusterobservability/pkg/config/config.go | 3 ++- .../pkg/rendering/renderer_test.go | 7 ++++--- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go index 13fb49aca..e548a11cf 100644 --- a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go +++ b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go @@ -8,13 +8,14 @@ import ( "context" cerr "errors" "fmt" - imagev1 "github.com/openshift/api/image/v1" - imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" "os" "reflect" "strings" "time" + imagev1 "github.com/openshift/api/image/v1" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" + operatorconfig "github.com/stolostron/multicluster-observability-operator/operators/pkg/config" addonv1alpha1 "open-cluster-management.io/api/addon/v1alpha1" diff --git a/operators/multiclusterobservability/main.go b/operators/multiclusterobservability/main.go index f3a01d820..01baeffcd 100644 --- a/operators/multiclusterobservability/main.go +++ b/operators/multiclusterobservability/main.go @@ -8,9 +8,10 @@ import ( "crypto/tls" "flag" "fmt" + "os" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" "k8s.io/apimachinery/pkg/api/meta" - "os" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. diff --git a/operators/multiclusterobservability/pkg/config/config.go b/operators/multiclusterobservability/pkg/config/config.go index c4faeffc3..fd89878c2 100644 --- a/operators/multiclusterobservability/pkg/config/config.go +++ b/operators/multiclusterobservability/pkg/config/config.go @@ -7,13 +7,14 @@ package config import ( "context" "fmt" - imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" "net/url" "os" "reflect" "strings" "time" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" + ocinfrav1 "github.com/openshift/api/config/v1" operatorv1 "github.com/openshift/api/operator/v1" routev1 "github.com/openshift/api/route/v1" diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_test.go index 48b7fcdfa..0a0c2362c 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_test.go @@ -6,14 +6,15 @@ package rendering import ( "context" + "os" + "path" + "testing" + imagev1 "github.com/openshift/api/image/v1" fakeimageclient "github.com/openshift/client-go/image/clientset/versioned/fake" fakeimagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1/fake" "github.com/stolostron/multicluster-observability-operator/operators/multiclusterobservability/pkg/config" "github.com/stretchr/testify/assert" - "os" - "path" - "testing" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" From 8220f715a7614c7eb6c30532c591b4631d403de9 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 22 Aug 2024 13:54:35 +0200 Subject: [PATCH 04/14] lint Signed-off-by: Coleen Iona Quadros --- .../multiclusterobservability/pkg/rendering/renderer_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_test.go index 0a0c2362c..313091832 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_test.go @@ -96,9 +96,9 @@ func TestGetOauthProxyFromImageStreams(t *testing.T) { if err != nil { t.Fatal(err) } - found, oauth_proxy_image := config.GetOauthProxyImage(imageClient) + found, oauthProxyImage := config.GetOauthProxyImage(imageClient) if !found { t.Fatal("Failed to get oauth proxy image") } - assert.Equal(t, "quay.io/openshift-release-dev/ocp-v4.0-art-dev:v4.4", oauth_proxy_image) + assert.Equal(t, "quay.io/openshift-release-dev/ocp-v4.0-art-dev", oauthProxyImage) } From 858e141a1c100480a1edd5f14ee8378fbff38dd3 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 22 Aug 2024 14:10:54 +0200 Subject: [PATCH 05/14] lint Signed-off-by: Coleen Iona Quadros --- .../multiclusterobservability/config/rbac/mco_role.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/operators/multiclusterobservability/config/rbac/mco_role.yaml b/operators/multiclusterobservability/config/rbac/mco_role.yaml index af37cd06b..e95636115 100644 --- a/operators/multiclusterobservability/config/rbac/mco_role.yaml +++ b/operators/multiclusterobservability/config/rbac/mco_role.yaml @@ -373,3 +373,11 @@ rules: - create - patch - delete +- apiGroups: + - image.openshift.io + resources: + - imagestreams + verbs: + - get + - list + - watch From d3940c241611fdc8ba8eebabbd010536ba09f886 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 22 Aug 2024 14:33:44 +0200 Subject: [PATCH 06/14] Update Konflux to run on main branch (#1590) * Update registry.access.redhat.com/ubi9/go-toolset Docker digest to 5049a9d (#1546) Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com> Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com> * Red Hat Konflux update endpoint-monitoring-operator-acm-212 (#1541) * Red Hat Konflux update endpoint-monitoring-operator-acm-212 Signed-off-by: red-hat-konflux * update builder Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux Co-authored-by: Coleen Iona Quadros * Red Hat Konflux update grafana-dashboard-loader-acm-212 (#1542) * Red Hat Konflux update grafana-dashboard-loader-acm-212 Signed-off-by: red-hat-konflux * update Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux Co-authored-by: Coleen Iona Quadros * Red Hat Konflux update metrics-collector-acm-212 (#1543) * Red Hat Konflux update metrics-collector-acm-212 Signed-off-by: red-hat-konflux * update build Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux Co-authored-by: Coleen Iona Quadros * Red Hat Konflux update rbac-query-proxy-acm-212 (#1545) * Red Hat Konflux update rbac-query-proxy-acm-212 Signed-off-by: red-hat-konflux * update Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux Co-authored-by: Coleen Iona Quadros * Red Hat Konflux update multicluster-observability-operator-acm-212 (#1544) * Red Hat Konflux update multicluster-observability-operator-acm-212 Signed-off-by: red-hat-konflux * Update Dockerfile Signed-off-by: Coleen Iona Quadros * update Signed-off-by: Coleen Iona Quadros * update build Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux Co-authored-by: Coleen Iona Quadros * Update Konflux references Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com> * make target branch main for pull request Signed-off-by: Coleen Iona Quadros --------- Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com> Signed-off-by: Coleen Iona Quadros Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com> Co-authored-by: red-hat-konflux lint Signed-off-by: Coleen Iona Quadros lint Signed-off-by: Coleen Iona Quadros ACM-12794: forward auth header to datasource (#1589) * ACM-12794: forward auth header to datasource This allows rbac-query-proxy to authentication against obs-api. This is needed as Grafana no longer automatically forwards the header (and for now only does so in our patched Grafana version). Signed-off-by: Jacob Baungard Hansen * Just forward access token We can infer the username, so I think just forwarding what we actually need might make this slightly more resiliant to future Grafana changes. Signed-off-by: Jacob Baungard Hansen --------- Signed-off-by: Jacob Baungard Hansen update Signed-off-by: Coleen Iona Quadros update Signed-off-by: Coleen Iona Quadros Revert "Avoid Concurrent writes to ManagedClusterList (#1516)" This reverts commit d642b5f3266bb0a471e49ccda2e374c4755071ff. update Signed-off-by: Coleen Iona Quadros --- ...itoring-operator-acm-212-pull-request.yaml | 2 +- ...dashboard-loader-acm-212-pull-request.yaml | 2 +- ...etrics-collector-acm-212-pull-request.yaml | 2 +- ...ability-operator-acm-212-pull-request.yaml | 2 +- ...rbac-query-proxy-acm-212-pull-request.yaml | 2 +- loaders/dashboards/Dockerfile | 4 ++-- ...bility-operator.clusterserviceversion.yaml | 10 ++++----- .../multiclusterobservability/grafana.go | 11 ++++++---- .../multiclusterobservability_controller.go | 22 ++++++++++++++----- .../placementrule/customize_img.go | 1 + .../controllers/placementrule/manifestwork.go | 1 + operators/multiclusterobservability/main.go | 18 +++------------ .../rendering/renderer_alertmanager_test.go | 12 ++++++---- proxy/Dockerfile | 2 +- 14 files changed, 50 insertions(+), 41 deletions(-) diff --git a/.tekton/endpoint-monitoring-operator-acm-212-pull-request.yaml b/.tekton/endpoint-monitoring-operator-acm-212-pull-request.yaml index 1b253d1d5..6ba1b923f 100644 --- a/.tekton/endpoint-monitoring-operator-acm-212-pull-request.yaml +++ b/.tekton/endpoint-monitoring-operator-acm-212-pull-request.yaml @@ -8,7 +8,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch - == "release-2.12" + == "main" creationTimestamp: null labels: appstudio.openshift.io/application: release-acm-212 diff --git a/.tekton/grafana-dashboard-loader-acm-212-pull-request.yaml b/.tekton/grafana-dashboard-loader-acm-212-pull-request.yaml index 91ba426b8..1c6fa8c01 100644 --- a/.tekton/grafana-dashboard-loader-acm-212-pull-request.yaml +++ b/.tekton/grafana-dashboard-loader-acm-212-pull-request.yaml @@ -8,7 +8,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch - == "release-2.12" + == "main" creationTimestamp: null labels: appstudio.openshift.io/application: release-acm-212 diff --git a/.tekton/metrics-collector-acm-212-pull-request.yaml b/.tekton/metrics-collector-acm-212-pull-request.yaml index b04bc2fc0..57991d827 100644 --- a/.tekton/metrics-collector-acm-212-pull-request.yaml +++ b/.tekton/metrics-collector-acm-212-pull-request.yaml @@ -8,7 +8,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch - == "release-2.12" + == "main" creationTimestamp: null labels: appstudio.openshift.io/application: release-acm-212 diff --git a/.tekton/multicluster-observability-operator-acm-212-pull-request.yaml b/.tekton/multicluster-observability-operator-acm-212-pull-request.yaml index 030eb5143..bec2fac00 100644 --- a/.tekton/multicluster-observability-operator-acm-212-pull-request.yaml +++ b/.tekton/multicluster-observability-operator-acm-212-pull-request.yaml @@ -8,7 +8,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch - == "release-2.12" + == "main" creationTimestamp: null labels: appstudio.openshift.io/application: release-acm-212 diff --git a/.tekton/rbac-query-proxy-acm-212-pull-request.yaml b/.tekton/rbac-query-proxy-acm-212-pull-request.yaml index 42ac9627a..bc3d9ce7e 100644 --- a/.tekton/rbac-query-proxy-acm-212-pull-request.yaml +++ b/.tekton/rbac-query-proxy-acm-212-pull-request.yaml @@ -8,7 +8,7 @@ metadata: build.appstudio.redhat.com/target_branch: '{{target_branch}}' pipelinesascode.tekton.dev/max-keep-runs: "3" pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch - == "release-2.12" + == "main" creationTimestamp: null labels: appstudio.openshift.io/application: release-acm-212 diff --git a/loaders/dashboards/Dockerfile b/loaders/dashboards/Dockerfile index 590722f3c..0d6bf777c 100644 --- a/loaders/dashboards/Dockerfile +++ b/loaders/dashboards/Dockerfile @@ -1,12 +1,12 @@ # Copyright Contributors to the Open Cluster Management project -FROM registry.ci.openshift.org/stolostron/builder:go1.21-linux AS builder +FROM registry.ci.openshift.org/stolostron/builder:go1.22-linux AS builder WORKDIR /workspace COPY go.sum go.mod ./loaders/dashboards ./ COPY ./loaders/dashboards ./loaders/dashboards -RUN CGO_ENABLED=1 go build -a -installsuffix cgo -v -o main loaders/dashboards/cmd/main.go +RUN CGO_ENABLED=1 GOFLAGS="" go build -a -installsuffix cgo -v -o main loaders/dashboards/cmd/main.go FROM registry.access.redhat.com/ubi9/ubi-minimal:latest diff --git a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml index 581bc6916..cdeeba71b 100644 --- a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml +++ b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml @@ -458,13 +458,13 @@ spec: - patch - delete - apiGroups: - - image.openshift.io + - image.openshift.io resources: - - imagestreams + - imagestreams verbs: - - get - - list - - watch + - get + - list + - watch serviceAccountName: multicluster-observability-operator deployments: - label: diff --git a/operators/multiclusterobservability/controllers/multiclusterobservability/grafana.go b/operators/multiclusterobservability/controllers/multiclusterobservability/grafana.go index c50107253..75eb768cf 100644 --- a/operators/multiclusterobservability/controllers/multiclusterobservability/grafana.go +++ b/operators/multiclusterobservability/controllers/multiclusterobservability/grafana.go @@ -62,10 +62,11 @@ type JsonData struct { TLSAuth bool `yaml:"tlsAuth,omitempty"` TLSAuthCA bool `yaml:"tlsAuthWithCACert,omitempty"` // Timeout is the request timeout in seconds for an HTTP datasource. - Timeout string `yaml:"timeout,omitempty"` - HttpMethod string `yaml:"httpMethod,omitempty"` - TimeInterval string `yaml:"timeInterval,omitempty"` - CustomQueryParameters string `yaml:"customQueryParameters,omitempty"` + Timeout string `yaml:"timeout,omitempty"` + HttpMethod string `yaml:"httpMethod,omitempty"` + TimeInterval string `yaml:"timeInterval,omitempty"` + CustomQueryParameters string `yaml:"customQueryParameters,omitempty"` + ForwardHeaders []string `yaml:"forwardHeaders,omitempty"` } type SecureJsonData struct { @@ -104,6 +105,7 @@ func GenerateGrafanaDataSource( Timeout: "300", CustomQueryParameters: "max_source_resolution=auto", TimeInterval: fmt.Sprintf("%ds", mco.Spec.ObservabilityAddonSpec.Interval), + ForwardHeaders: []string{"X-Forwarded-Access-Token"}, }, }, { @@ -120,6 +122,7 @@ func GenerateGrafanaDataSource( Timeout: "300", CustomQueryParameters: "max_source_resolution=auto", TimeInterval: fmt.Sprintf("%ds", DynamicTimeInterval), + ForwardHeaders: []string{"X-Forwarded-Access-Token"}, }, }, }, diff --git a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go index e548a11cf..ab621998e 100644 --- a/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go +++ b/operators/multiclusterobservability/controllers/multiclusterobservability/multiclusterobservability_controller.go @@ -453,8 +453,6 @@ func (r *MultiClusterObservabilityReconciler) SetupWithManager(mgr ctrl.Manager) cmPred := GetConfigMapPredicateFunc() secretPred := GetAlertManagerSecretPredicateFunc() namespacePred := GetNamespacePredicateFunc() - imageStreamPred := GetImageStreamPredicateFunc() - ctrBuilder := ctrl.NewControllerManagedBy(mgr). // Watch for changes to primary resource MultiClusterObservability with predicate For(&mcov1beta2.MultiClusterObservability{}, builder.WithPredicates(mcoPred)). @@ -481,9 +479,6 @@ func (r *MultiClusterObservabilityReconciler) SetupWithManager(mgr ctrl.Manager) // Watch the namespace for changes Watches(&corev1.Namespace{}, &handler.EnqueueRequestForObject{}, builder.WithPredicates(namespacePred)). - // Watch the imagestream for changes - Watches(&imagev1.ImageStream{}, &handler.EnqueueRequestForObject{}, - builder.WithPredicates(imageStreamPred)). // Watch the kube-system extension-apiserver-authentication ConfigMap for changes Watches(&corev1.ConfigMap{}, handler.EnqueueRequestsFromMapFunc( func(ctx context.Context, a client.Object) []reconcile.Request { @@ -498,6 +493,23 @@ func (r *MultiClusterObservabilityReconciler) SetupWithManager(mgr ctrl.Manager) return nil }), builder.WithPredicates(predicate.ResourceVersionChangedPredicate{})) + if _, err := mgr.GetRESTMapper().KindFor(schema.GroupVersionResource{ + Group: "image.openshift.io", + Version: "v1", + Resource: "imagestreams", + }); err != nil { + if meta.IsNoMatchError(err) { + log.Info("image.openshift.io/v1/imagestreams is not available") + } else { + log.Error(err, "failed to get kind for image.openshift.io/v1/imagestreams") + os.Exit(1) + } + } else { + // Images stream is only available in OpenShift + imageStreamPred := GetImageStreamPredicateFunc() + ctrBuilder = ctrBuilder.Watches(&imagev1.ImageStream{}, &handler.EnqueueRequestForObject{}, builder.WithPredicates(imageStreamPred)) + } + mchGroupKind := schema.GroupKind{Group: mchv1.GroupVersion.Group, Kind: "MultiClusterHub"} if _, err := r.RESTMapper.RESTMapping(mchGroupKind, mchv1.GroupVersion.Version); err == nil { mchPred := GetMCHPredicateFunc(c) diff --git a/operators/multiclusterobservability/controllers/placementrule/customize_img.go b/operators/multiclusterobservability/controllers/placementrule/customize_img.go index 88698f1ed..708000f66 100644 --- a/operators/multiclusterobservability/controllers/placementrule/customize_img.go +++ b/operators/multiclusterobservability/controllers/placementrule/customize_img.go @@ -45,6 +45,7 @@ var ( func updateManagedClusterImageRegistry(obj client.Object) { if imageReg, ok := obj.GetAnnotations()[ClusterImageRegistriesAnnotation]; ok { + log.Info("Coleen: updateManagedClusterImageRegistry") managedClusterImageRegistryMutex.Lock() managedClusterImageRegistry[obj.GetName()] = imageReg managedClusterImageRegistryMutex.Unlock() diff --git a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go index eb4ecadee..84317b3c5 100644 --- a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go +++ b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go @@ -438,6 +438,7 @@ func createManifestWorks( } if pullSecret != nil && !hasCustomRegistry { + log.Info("Coleen debug: inject pull secret into work") manifests = injectIntoWork(manifests, pullSecret) } diff --git a/operators/multiclusterobservability/main.go b/operators/multiclusterobservability/main.go index 01baeffcd..58defaa3d 100644 --- a/operators/multiclusterobservability/main.go +++ b/operators/multiclusterobservability/main.go @@ -10,9 +10,9 @@ import ( "fmt" "os" - imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" - "k8s.io/apimachinery/pkg/api/meta" + imagev1 "github.com/openshift/api/image/v1" + imagev1client "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. @@ -72,6 +72,7 @@ func init() { utilruntime.Must(observatoriumAPIs.AddToScheme(scheme)) utilruntime.Must(prometheusv1.AddToScheme(scheme)) utilruntime.Must(addonv1alpha1.AddToScheme(scheme)) + utilruntime.Must(imagev1.AddToScheme(scheme)) // +kubebuilder:scaffold:scheme } @@ -285,19 +286,6 @@ func main() { config.MCGHCrdName: mcghCrdExists, } - if _, err := mgr.GetRESTMapper().KindFor(schema.GroupVersionResource{ - Group: "image.openshift.io", - Version: "v1", - Resource: "imagestreams", - }); err != nil { - if meta.IsNoMatchError(err) { - setupLog.Info("image.openshift.io/v1/imagestreams is not available") - } else { - setupLog.Error(err, "failed to get kind for image.openshift.io/v1/imagestreams") - os.Exit(1) - } - } - imageClient, err := imagev1client.NewForConfig(ctrl.GetConfigOrDie()) if err != nil { setupLog.Error(err, "failed to create openshift image client") diff --git a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go index 05e864ba1..959517a6b 100644 --- a/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go +++ b/operators/multiclusterobservability/pkg/rendering/renderer_alertmanager_test.go @@ -40,10 +40,9 @@ func TestAlertManagerRenderer(t *testing.T) { } containerNameToMchKey := map[string]string{ - "alertmanager": "prometheus_alertmanager", - "config-reloader": "configmap_reloader", - "alertmanager-proxy": "oauth_proxy", - "kube-rbac-proxy": "kube_rbac_proxy", + "alertmanager": "prometheus_alertmanager", + "config-reloader": "configmap_reloader", + "kube-rbac-proxy": "kube_rbac_proxy", } mchImageManifest := &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ @@ -75,6 +74,11 @@ func TestAlertManagerRenderer(t *testing.T) { sts := &appsv1.StatefulSet{} runtime.DefaultUnstructuredConverter.FromUnstructured(obj.Object, sts) for _, container := range sts.Spec.Template.Spec.Containers { + // oauth-proxy container is not in the mch-image-manifest configmap + // we use image-streams to get image for oauth-proxy + if container.Name == "alertmanager-proxy" { + continue + } assert.Equal(t, mchImageManifest.Data[containerNameToMchKey[container.Name]], container.Image) } } diff --git a/proxy/Dockerfile b/proxy/Dockerfile index 767cfc1f9..9ded59749 100644 --- a/proxy/Dockerfile +++ b/proxy/Dockerfile @@ -6,7 +6,7 @@ WORKDIR /workspace COPY go.sum go.mod ./ COPY ./proxy ./proxy -RUN CGO_ENABLED=1 go build -a -installsuffix cgo -v -o main proxy/cmd/main.go +RUN CGO_ENABLED=1 GOFLAGS="" go build -a -installsuffix cgo -v -o main proxy/cmd/main.go FROM registry.access.redhat.com/ubi9/ubi-minimal:latest From f8748dbb455a64f078e2af702b36097affd41d6f Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 29 Aug 2024 09:45:28 +0200 Subject: [PATCH 07/14] remove logs Signed-off-by: Coleen Iona Quadros --- .../controllers/placementrule/customize_img.go | 1 - .../controllers/placementrule/manifestwork.go | 1 - 2 files changed, 2 deletions(-) diff --git a/operators/multiclusterobservability/controllers/placementrule/customize_img.go b/operators/multiclusterobservability/controllers/placementrule/customize_img.go index 708000f66..88698f1ed 100644 --- a/operators/multiclusterobservability/controllers/placementrule/customize_img.go +++ b/operators/multiclusterobservability/controllers/placementrule/customize_img.go @@ -45,7 +45,6 @@ var ( func updateManagedClusterImageRegistry(obj client.Object) { if imageReg, ok := obj.GetAnnotations()[ClusterImageRegistriesAnnotation]; ok { - log.Info("Coleen: updateManagedClusterImageRegistry") managedClusterImageRegistryMutex.Lock() managedClusterImageRegistry[obj.GetName()] = imageReg managedClusterImageRegistryMutex.Unlock() diff --git a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go index 84317b3c5..eb4ecadee 100644 --- a/operators/multiclusterobservability/controllers/placementrule/manifestwork.go +++ b/operators/multiclusterobservability/controllers/placementrule/manifestwork.go @@ -438,7 +438,6 @@ func createManifestWorks( } if pullSecret != nil && !hasCustomRegistry { - log.Info("Coleen debug: inject pull secret into work") manifests = injectIntoWork(manifests, pullSecret) } From 79d16a0929814cceb11f723358d6bed83cf73dbe Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Thu, 29 Aug 2024 10:51:26 +0200 Subject: [PATCH 08/14] update Signed-off-by: Coleen Iona Quadros --- ...lticluster-observability-operator.clusterserviceversion.yaml | 2 +- tests/pkg/tests/observability_install_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml index cdeeba71b..815986804 100644 --- a/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml +++ b/operators/multiclusterobservability/bundle/manifests/multicluster-observability-operator.clusterserviceversion.yaml @@ -49,7 +49,7 @@ metadata: } ] capabilities: Basic Install - createdAt: "2024-08-01T12:07:10Z" + createdAt: "2024-08-29T07:59:21Z" operators.operatorframework.io/builder: operator-sdk-v1.34.2 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 name: multicluster-observability-operator.v0.1.0 diff --git a/tests/pkg/tests/observability_install_test.go b/tests/pkg/tests/observability_install_test.go index 485196ba3..5dce1567d 100644 --- a/tests/pkg/tests/observability_install_test.go +++ b/tests/pkg/tests/observability_install_test.go @@ -104,7 +104,7 @@ func installMCO() { By("Waiting for MCO ready status") allPodsIsReady := false Eventually(func() error { - instance, err := dynClient.Resource(utils.NewMCOGVRV1BETA1()). + instance, err := dynClient.Resource(utils.NewMCOGVRV1BETA2()). Get(context.TODO(), MCO_CR_NAME, metav1.GetOptions{}) if err == nil { allPodsIsReady = utils.StatusContainsTypeEqualTo(instance, "Ready") From 0694cf948078a62df13772e3c23f8830aed5e78f Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Fri, 30 Aug 2024 11:42:19 +0200 Subject: [PATCH 09/14] update Signed-off-by: Coleen Iona Quadros --- .../multiclusterobservability/controllers/placementrule/role.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operators/multiclusterobservability/controllers/placementrule/role.go b/operators/multiclusterobservability/controllers/placementrule/role.go index a506df5dd..f7aff7183 100644 --- a/operators/multiclusterobservability/controllers/placementrule/role.go +++ b/operators/multiclusterobservability/controllers/placementrule/role.go @@ -222,7 +222,7 @@ func createResourceRole(c client.Client) error { found := &rbacv1.ClusterRole{} err := c.Get(context.TODO(), types.NamespacedName{Name: resRoleName}, found) if err != nil && errors.IsNotFound(err) { - log.Info("Creating endpoint-observability-res-role clusterrole") + log.Info("Creating endpoint-observability-res-role clusterrole test") err = c.Create(context.TODO(), role) if err != nil { log.Error(err, "Failed to create endpoint-observability-res-role clusterrole") From 2c48b906944b4e985660553d0dfcb7ab94a9a76d Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Fri, 30 Aug 2024 11:43:41 +0200 Subject: [PATCH 10/14] update Signed-off-by: Coleen Iona Quadros --- proxy/cmd/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy/cmd/main.go b/proxy/cmd/main.go index 9e3e2bb8f..0960c7f78 100644 --- a/proxy/cmd/main.go +++ b/proxy/cmd/main.go @@ -82,7 +82,7 @@ func main() { } if err := util.InitAccessReviewer(kubeConfig); err != nil { - klog.Fatalf("failed to Initialize Access Reviewer: %v", err) + klog.Fatalf("failed to Initialize Access Reviewer: %v test", err) } // watch all managed clusters From 8d51034bd1f0efa24cdea88ae288fe91323e1a36 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Fri, 30 Aug 2024 11:46:48 +0200 Subject: [PATCH 11/14] update Signed-off-by: Coleen Iona Quadros --- proxy/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy/Dockerfile b/proxy/Dockerfile index 9ded59749..2122c99e4 100644 --- a/proxy/Dockerfile +++ b/proxy/Dockerfile @@ -1,6 +1,6 @@ # Copyright Contributors to the Open Cluster Management project -FROM registry.ci.openshift.org/stolostron/builder:go1.21-linux AS builder +FROM registry.ci.openshift.org/stolostron/builder:go1.22-linux AS builder WORKDIR /workspace COPY go.sum go.mod ./ From 2c24e5e660d4ac9c79f7d82a185c9d60fd761eb8 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Fri, 30 Aug 2024 12:12:21 +0200 Subject: [PATCH 12/14] update Signed-off-by: Coleen Iona Quadros --- tests/pkg/tests/observability_install_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/pkg/tests/observability_install_test.go b/tests/pkg/tests/observability_install_test.go index 5dce1567d..485196ba3 100644 --- a/tests/pkg/tests/observability_install_test.go +++ b/tests/pkg/tests/observability_install_test.go @@ -104,7 +104,7 @@ func installMCO() { By("Waiting for MCO ready status") allPodsIsReady := false Eventually(func() error { - instance, err := dynClient.Resource(utils.NewMCOGVRV1BETA2()). + instance, err := dynClient.Resource(utils.NewMCOGVRV1BETA1()). Get(context.TODO(), MCO_CR_NAME, metav1.GetOptions{}) if err == nil { allPodsIsReady = utils.StatusContainsTypeEqualTo(instance, "Ready") From a9fa0e3f7b00658efec84fd9aba60762b91a6ab4 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Fri, 30 Aug 2024 16:39:44 +0200 Subject: [PATCH 13/14] update Signed-off-by: Coleen Iona Quadros --- cicd-scripts/setup-e2e-tests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cicd-scripts/setup-e2e-tests.sh b/cicd-scripts/setup-e2e-tests.sh index 6e002da29..0d7b215db 100755 --- a/cicd-scripts/setup-e2e-tests.sh +++ b/cicd-scripts/setup-e2e-tests.sh @@ -152,7 +152,7 @@ deploy_mco_operator() { cd ${ROOTDIR}/operators/multiclusterobservability/config/manager && kustomize edit set image quay.io/stolostron/multicluster-observability-operator="${IMAGE_REPO}/multicluster-observability-operator:${LATEST_SNAPSHOT}" fi cd ${ROOTDIR} - kustomize build ${ROOTDIR}/operators/multiclusterobservability/config/default | kubectl apply -n ${OCM_DEFAULT_NS} --server-side=true -f - + kustomize build ${ROOTDIR}/operators/multiclusterobservability/config/default | kubectl apply -n ${OCM_DEFAULT_NS} --server-side=true --force-conflicts -f - # wait until mco is ready wait_for_deployment_ready 10 60s ${OCM_DEFAULT_NS} multicluster-observability-operator From 4e16a6d7c46c63113bbc361faca1765da994b414 Mon Sep 17 00:00:00 2001 From: Coleen Iona Quadros Date: Mon, 2 Sep 2024 09:44:30 +0200 Subject: [PATCH 14/14] remove log Signed-off-by: Coleen Iona Quadros --- .../multiclusterobservability/controllers/placementrule/role.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operators/multiclusterobservability/controllers/placementrule/role.go b/operators/multiclusterobservability/controllers/placementrule/role.go index f7aff7183..a506df5dd 100644 --- a/operators/multiclusterobservability/controllers/placementrule/role.go +++ b/operators/multiclusterobservability/controllers/placementrule/role.go @@ -222,7 +222,7 @@ func createResourceRole(c client.Client) error { found := &rbacv1.ClusterRole{} err := c.Get(context.TODO(), types.NamespacedName{Name: resRoleName}, found) if err != nil && errors.IsNotFound(err) { - log.Info("Creating endpoint-observability-res-role clusterrole test") + log.Info("Creating endpoint-observability-res-role clusterrole") err = c.Create(context.TODO(), role) if err != nil { log.Error(err, "Failed to create endpoint-observability-res-role clusterrole")