Skip to content

Commit

Permalink
feat(operatorgroup): create role bindings for operator service accoun…
Browse files Browse the repository at this point in the history
…ts in target namespaces

if target namespaces == all namespaces, generate cluster role bindings instead
  • Loading branch information
ecordell committed Nov 13, 2018
1 parent 14aff97 commit eaef874
Showing 135 changed files with 9,239 additions and 9,265 deletions.
1 change: 0 additions & 1 deletion deploy/chart/templates/0000_30_14-operatorgroup.crd.yaml
Original file line number Diff line number Diff line change
@@ -46,4 +46,3 @@ spec:
required:
- metadata
- spec
version: v1alpha2
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -66,7 +66,7 @@ require (
google.golang.org/grpc v1.16.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.0.0-20170531160350-a96e63847dc3 // indirect
k8s.io/api v0.0.0-20181108095152-eee84a6322ca
k8s.io/api v0.0.0-20180904230853-4e7be11eab3f
k8s.io/apiextensions-apiserver v0.0.0-20180905004947-16750353bf97
k8s.io/apimachinery v0.0.0-20181026144827-8ee1a638bafa
k8s.io/apiserver v0.0.0-20181026151315-13cfe3978170
8 changes: 4 additions & 4 deletions go.sum
Original file line number Diff line number Diff line change
@@ -210,16 +210,16 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
k8s.io/api v0.0.0-20181108095152-eee84a6322ca h1:0gIeW03B5m7yni69Y95oPgDXv7ow7puUMt2WqhJIKY8=
k8s.io/api v0.0.0-20181108095152-eee84a6322ca/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
k8s.io/api v0.0.0-20180904230853-4e7be11eab3f h1:DLRkv8Ps4Sdx8Srj+UtGisj4whV7v/HezlHx6QqiZqE=
k8s.io/api v0.0.0-20180904230853-4e7be11eab3f/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
k8s.io/apiextensions-apiserver v0.0.0-20180905004947-16750353bf97 h1:s4lWWs6JN5kWVzk5bztddkr5kgO/cGIbqTDP+QttUeQ=
k8s.io/apiextensions-apiserver v0.0.0-20180905004947-16750353bf97/go.mod h1:IxkesAMoaCRoLrPJdZNZUQp9NfZnzqaVzLhb2VEQzXE=
k8s.io/apiextensions-apiserver v0.0.0-20181110192823-2c43ee60e25b h1:O3KqnOdhludLAAHs7bvV7UpPYow3gqLqF5Junc5hbw8=
k8s.io/apimachinery v0.0.0-20181026144827-8ee1a638bafa h1:i0EOpPFWExNx7efINILpw8LJeah7gakRl1zjvwVfjiI=
k8s.io/apimachinery v0.0.0-20181026144827-8ee1a638bafa/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0=
k8s.io/apiserver v0.0.0-20181026151315-13cfe3978170 h1:CqI85nZvPaV+7JFono0nAOGOx2brocqefcOhDPVhHKI=
k8s.io/apiserver v0.0.0-20181026151315-13cfe3978170/go.mod h1:6bqaTSOSJavUIXUtfaR9Os9JtTCm8ZqH2SUl2S60C4w=
k8s.io/client-go v8.0.0+incompatible h1:tTI4hRmb1DRMl4fG6Vclfdi6nTM82oIrTT7HfitmxC4=
k8s.io/client-go v8.0.0+incompatible h1:2pUaSg2x6iEHr8cia6zmWhoCXG1EDG9TCx9s//Aq7HY=
k8s.io/client-go v8.0.0+incompatible/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s=
k8s.io/client-go v9.0.0+incompatible h1:2kqW3X2xQ9SbFvWZjGEHBLlWc1LG9JIJNXWkuqwdZ3A=
k8s.io/code-generator v0.0.0-20180904193909-8c97d6ab64da h1:L6YB6ObZIbZlYikTQcCjzZGilwS3OVyQBA2esULs8VM=
@@ -233,5 +233,5 @@ k8s.io/kube-aggregator v0.0.0-20180905000155-efa32eb095fe/go.mod h1:8sbzT4QQKDEm
k8s.io/kube-aggregator v0.0.0-20181110192014-6f96af33cb59 h1:8VFjmCurXo3sMW0ASrUvoE4aT8FCzsIz55uic1EyUIc=
k8s.io/kube-openapi v0.0.0-20181031203759-72693cb1fadd h1:ggv/Vfza0i5xuhUZyYyxcc25AmQvHY8Zi1C2m8WgBvA=
k8s.io/kube-openapi v0.0.0-20181031203759-72693cb1fadd/go.mod h1:BXM9ceUBTj2QnfH2MK1odQs778ajze1RxcmP6S8RVVc=
k8s.io/kubernetes v1.11.5-beta.0.0.20181108064615-3290824d1c7b h1:i9PV0cnNZrleFj2YjDYDAUku1qg/SlKfdm4LdTJzAFo=
k8s.io/kubernetes v1.11.5-beta.0.0.20181108064615-3290824d1c7b h1:Ej2VgtycDFPfQunFFfAsWvdjT+dhte1CcwnPNId+V1k=
k8s.io/kubernetes v1.11.5-beta.0.0.20181108064615-3290824d1c7b/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
2 changes: 1 addition & 1 deletion pkg/api/apis/operators/v1alpha2/operatorgroup_types.go
Original file line number Diff line number Diff line change
@@ -11,7 +11,7 @@ type OperatorGroupSpec struct {
}

type OperatorGroupStatus struct {
Namespaces []*corev1.Namespace `json:"namespaces"`
Namespaces []string `json:"namespaces,omitempty"`
LastUpdated metav1.Time `json:"lastUpdated"`
}

11 changes: 2 additions & 9 deletions pkg/api/apis/operators/v1alpha2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

63 changes: 41 additions & 22 deletions pkg/controller/operators/olm/operator_test.go
Original file line number Diff line number Diff line change
@@ -2124,7 +2124,10 @@ func TestSyncOperatorGroups(t *testing.T) {
},
},
},
expectedStatus: v1alpha2.OperatorGroupStatus{},
expectedStatus: v1alpha2.OperatorGroupStatus{
Namespaces: []string{testNS},
LastUpdated: timeNow(),
},
},
{
name: "operator group with matching namespace, no CSVs",
@@ -2155,15 +2158,7 @@ func TestSyncOperatorGroups(t *testing.T) {
},
},
expectedStatus: v1alpha2.OperatorGroupStatus{
Namespaces: []*corev1.Namespace{
{
ObjectMeta: metav1.ObjectMeta{
Name: testNS,
Labels: aLabel,
Annotations: map[string]string{"test": "annotation"},
},
},
},
Namespaces: []string{testNS},
LastUpdated: timeNow(),
},
},
@@ -2206,15 +2201,7 @@ func TestSyncOperatorGroups(t *testing.T) {
},
},
expectedStatus: v1alpha2.OperatorGroupStatus{
Namespaces: []*corev1.Namespace{
{
ObjectMeta: metav1.ObjectMeta{
Name: testNS,
Labels: aLabel,
Annotations: map[string]string{"test": "annotation"},
},
},
},
Namespaces: []string{testNS},
LastUpdated: timeNow(),
},
expectedAnnotation: map[string]string{"NOTFOUND": testNS},
@@ -2257,18 +2244,50 @@ func TestSyncOperatorGroups(t *testing.T) {
},
},
expectedStatus: v1alpha2.OperatorGroupStatus{
Namespaces: []*corev1.Namespace{
{
Namespaces: []string{testNS},
LastUpdated: timeNow(),
},
expectedAnnotation: map[string]string{"olm.targetNamespaces": testNS, "olm.operatorGroup": "operator-group-1", "olm.operatorNamespace": testNS},
},
{
name: "operator group all namespaces, CSV present, found",
expectedEqual: true,
initial: initial{
operatorGroup: &v1alpha2.OperatorGroup{
ObjectMeta: metav1.ObjectMeta{
Name: "operator-group-1",
Namespace: testNS,
Labels: aLabel,
},
Spec: v1alpha2.OperatorGroupSpec{
},
},
clientObjs: []runtime.Object{
csv("csv1",
testNS,
"",
installStrategy("csv1-dep1", nil, nil),
[]*v1beta1.CustomResourceDefinition{crd("c1", "v1")},
[]*v1beta1.CustomResourceDefinition{},
v1alpha1.CSVPhaseSucceeded,
),
},
k8sObjs: []runtime.Object{
&corev1.Namespace{
ObjectMeta: metav1.ObjectMeta{
Name: testNS,
Labels: aLabel,
Annotations: map[string]string{"test": "annotation"},
},
},
ownedDeployment,
},
},
expectedStatus: v1alpha2.OperatorGroupStatus{
Namespaces: []string{corev1.NamespaceAll},
LastUpdated: timeNow(),
},
expectedAnnotation: map[string]string{"olm.targetNamespaces": testNS, "olm.operatorGroup": "operator-group-1", "olm.operatorNamespace": testNS},
expectedAnnotation: map[string]string{"olm.targetNamespaces": "", "olm.operatorGroup": "operator-group-1", "olm.operatorNamespace": testNS},
},
}

Loading

0 comments on commit eaef874

Please sign in to comment.