redhat-cop · sabre1041 · Feb 13, 2022 · Feb 9, 2022 · Feb 9, 2022 · Feb 11, 2022
diff --git a/.gitignore b/.gitignore
@@ -26,3 +26,4 @@ bundle
 bundle.Dockerfile
 charts
 maybash.sh
+config/local-development/tilt/replace-image.yaml
diff --git a/Makefile b/Makefile
@@ -127,7 +127,7 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi
 
 CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
 controller-gen: ## Download controller-gen locally if necessary.
-	$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1)
+	$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.6.1)
 
 KUSTOMIZE = $(shell pwd)/bin/kustomize
 kustomize: ## Download kustomize locally if necessary.
@@ -207,14 +207,16 @@ catalog-push: ## Push a catalog image.
 helmchart: kustomize
 	mkdir -p ./charts/${OPERATOR_NAME}/templates
 	mkdir -p ./charts/${OPERATOR_NAME}/crds
+	repo=${OPERATOR_NAME} envsubst < ./config/local-development/tilt/env-replace-image.yaml > ./config/local-development/tilt/replace-image.yaml
+	$(KUSTOMIZE) build ./config/helmchart -o ./charts/${OPERATOR_NAME}/templates
+	sed -i 's/release-namespace/{{.Release.Namespace}}/' ./charts/${OPERATOR_NAME}/templates/*.yaml
+	rm ./charts/${OPERATOR_NAME}/templates/v1_namespace_release-namespace.yaml ./charts/${OPERATOR_NAME}/templates/apps_v1_deployment_${OPERATOR_NAME}-controller-manager.yaml
 	cp ./config/helmchart/templates/* ./charts/${OPERATOR_NAME}/templates
-	$(KUSTOMIZE) build ./config/helmchart | sed 's/namespace: system/namespace: {{ .Release.Namespace }}/' > ./charts/${OPERATOR_NAME}/templates/rbac.yaml
-	if [ -d "./config/crd" ]; then $(KUSTOMIZE) build ./config/crd > ./charts/${OPERATOR_NAME}/crds/crds.yaml; fi
 	version=${VERSION} envsubst < ./config/helmchart/Chart.yaml.tpl  > ./charts/${OPERATOR_NAME}/Chart.yaml
 	version=${VERSION} image_repo=$${IMG%:*} envsubst < ./config/helmchart/values.yaml.tpl  > ./charts/${OPERATOR_NAME}/values.yaml
-	sed -i '/^apiVersion: monitoring.coreos.com/i {{ if .Values.enableMonitoring }}' ./charts/${OPERATOR_NAME}/templates/rbac.yaml
-	echo {{ end }} >> ./charts/${OPERATOR_NAME}/templates/rbac.yaml
-	helm lint ./charts/${OPERATOR_NAME}	
+	sed -i '1s/^/{{ if .Values.enableMonitoring }}/' ./charts/${OPERATOR_NAME}/templates/monitoring.coreos.com_v1_servicemonitor_${OPERATOR_NAME}-controller-manager-metrics-monitor.yaml
+	echo {{ end }} >> ./charts/${OPERATOR_NAME}/templates/monitoring.coreos.com_v1_servicemonitor_${OPERATOR_NAME}-controller-manager-metrics-monitor.yaml
+	helm lint ./charts/${OPERATOR_NAME}
 
 helmchart-repo: helmchart
 	mkdir -p ${HELM_REPO_DEST}/${OPERATOR_NAME}

diff --git a/README.md b/README.md
@@ -108,14 +108,14 @@ exit
 
 ### Running the operator locally
 
+> Note: this operator build process is tested with [podman](https://podman.io/), but some of the build files (Makefile specifically) use docker because they are generated automatically by operator-sdk. It is recommended [remap the docker command to the podman command](https://developers.redhat.com/blog/2020/11/19/transitioning-from-docker-to-podman#transition_to_the_podman_cli).
+
 ```shell
-oc new-project volume-expander-operator-local
-kustomize build ./config/local-development | oc apply -f - -n volume-expander-operator-local
-export token=export token=$(oc serviceaccounts get-token 'volume-expander-operator-controller-manager' -n volume-expander-operator-local)
-export base_domain=$(oc get dns cluster -o jsonpath='{.spec.baseDomain}')
-export prometheus_route=https://prometheus-k8s-openshift-monitoring.apps.${base_domain}
-oc login --token ${token}
-make run ENABLE_WEBHOOKS=false PROMETHEUS_URL=${prometheus_route} TOKEN=${token}
+export repo=raffaelespazzoli
+docker login quay.io/$repo
+oc new-project volume-expander-operator
+oc project volume-expander-operator
+tilt up
 ```
 
 ### Test helm chart locally

diff --git a/Tiltfile b/Tiltfile
@@ -0,0 +1,40 @@
+# -*- mode: Python -*-
+
+compile_cmd = 'CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/manager main.go'
+image = 'quay.io/' + os.environ['repo'] + '/volume-expander-operator'
+
+# Go Build
+local_resource(
+  'volume-expander-operator-compile',
+  compile_cmd,
+  deps=['./main.go','./api','./controllers']
+)
+
+# Container Build
+custom_build(
+  image,
+  'podman build -t $EXPECTED_REF --ignorefile ci.Dockerfile.dockerignore -f ./ci.Dockerfile .  && podman push $EXPECTED_REF $EXPECTED_REF',
+  entrypoint=['/manager'],
+  deps=['./bin'],
+  live_update=[
+    sync('./bin/manager',"/manager"),
+  ],
+  skips_local_docker=True,
+)
+
+# Manifest Generation
+local_resource(
+  'volume-expander-operator-manifests',
+  'make manifests',
+  deps=['./bin']
+)
+
+allow_k8s_contexts(k8s_context())
+
+# Local Dev
+watch_settings(ignore="./config/local-development/tilt/*")
+local('envsubst < ./config/local-development/tilt/env-replace-image.yaml > ./config/local-development/tilt/replace-image.yaml', echo_off=True)
+
+k8s_yaml(kustomize('./config/local-development/tilt'))
+k8s_resource('volume-expander-operator-controller-manager',
+  resource_deps=['volume-expander-operator-compile', 'volume-expander-operator-manifests'])
diff --git a/config/helmchart/cert-manager-ca-injection.yaml b/config/helmchart/cert-manager-ca-injection.yaml
@@ -0,0 +1,4 @@
+- op: add
+  path: /metadata/annotations
+  value:
+    cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/webhook-server-cert"
diff --git a/config/helmchart/kustomization.yaml b/config/helmchart/kustomization.yaml
@@ -1,38 +1,18 @@
-# Adds namespace to all resources.
-
-# Value of this field is prepended to the
-# names of all resources, e.g. a deployment named
-# "wordpress" becomes "alices-wordpress".
-# Note that it should also match with the prefix (text before '-') of the namespace
-# field above.
-namePrefix: volume-expander-operator-
-
-# Labels to add to all resources and selectors.
-#commonLabels:
-#  someName: someValue
-
-resources: 
-- service-account.yaml
+namespace: release-namespace
 
 bases:
-- ../rbac
-- ../prometheus
+- ../local-development/tilt
 
-vars:
-- name: METRICS_SERVICE_NAME
-  objref:
-    kind: Service
+patchesJson6902:
+- target:
+    group: admissionregistration.k8s.io
     version: v1
-    name: controller-manager-metrics
-- name: METRICS_SERVICE_NAMESPACE
-  objref:
-    kind: Service
+    kind: MutatingWebhookConfiguration
+    name: vault-config-operator-mutating-webhook-configuration
+  path: ./cert-manager-ca-injection.yaml
+- target:
+    group: admissionregistration.k8s.io
     version: v1
-    name: controller-manager-metrics
-  fieldref:
-    fieldpath: metadata.namespace
-- name: ROLE_NAME
-  objref:
-    kind: Role
-    apiVersion: rbac.authorization.k8s.io/v1
-    name: prometheus-k8s
+    kind: ValidatingWebhookConfiguration
+    name: vault-config-operator-validating-webhook-configuration
+  path: ./cert-manager-ca-injection.yaml
diff --git a/config/local-development/tilt/ca-injection.yaml b/config/local-development/tilt/ca-injection.yaml
@@ -0,0 +1,4 @@
+- op: add
+  path: /metadata/annotations
+  value:
+    service.beta.openshift.io/inject-cabundle: "true"
diff --git a/config/local-development/tilt/env-replace-image.yaml b/config/local-development/tilt/env-replace-image.yaml
@@ -0,0 +1,8 @@
+- op: replace
+  path: /spec/template/spec/containers/1/image
+  value:
+    quay.io/$repo/patch-operator:latest
+- op: add
+  path: /spec/template/spec/containers/1/args/-
+  value:
+    --zap-devel=true
diff --git a/config/local-development/tilt/kustomization.yaml b/config/local-development/tilt/kustomization.yaml
@@ -0,0 +1,37 @@
+# Adds namespace to all resources.
+namespace: volume-expander-operator
+
+# Labels to add to all resources and selectors.
+#commonLabels:
+#  someName: someValue
+
+bases:
+- ../../default
+- ./service-account.yaml
+
+
+patchesJson6902:
+- target:
+    group: admissionregistration.k8s.io
+    version: v1
+    kind: MutatingWebhookConfiguration
+    name: patch-operator-mutating-webhook-configuration
+  path: ./ca-injection.yaml
+- target:
+    group: admissionregistration.k8s.io
+    version: v1
+    kind: ValidatingWebhookConfiguration
+    name: patch-operator-validating-webhook-configuration
+  path: ./ca-injection.yaml
+- target:
+    group: ""
+    version: v1
+    kind: Service
+    name: patch-operator-webhook-service
+  path: ./secret-injection.yaml
+- target:
+    group: apps
+    version: v1
+    kind: Deployment
+    name: patch-operator-controller-manager
+  path: ./replace-image.yaml       
diff --git a/config/local-development/tilt/readme.md b/config/local-development/tilt/readme.md
@@ -0,0 +1,4 @@
+remove namespace
+
+annotation in webhook service -> webhook-server-cert
+annotation in mutating and validating webhooks
diff --git a/config/local-development/tilt/secret-injection.yaml b/config/local-development/tilt/secret-injection.yaml
@@ -0,0 +1,4 @@
+- op: add
+  path: /metadata/annotations
+  value:
+    service.alpha.openshift.io/serving-cert-secret-name: webhook-server-cert
diff --git a/config/helmchart/service-account.yaml → ...cal-development/tilt/service-account.yaml b/config/helmchart/service-account.yaml → ...cal-development/tilt/service-account.yaml
@@ -2,4 +2,4 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: controller-manager
-  namespace: system
+  namespace: system
diff --git a/main.go b/main.go
@@ -54,9 +54,15 @@ func main() {
 	flag.BoolVar(&enableLeaderElection, "leader-elect", false,
 		"Enable leader election for controller manager. "+
 			"Enabling this will ensure there is only one active controller manager.")
+
+	opts := zap.Options{
+		Development: true,
+	}
+	opts.BindFlags(flag.CommandLine)
+
 	flag.Parse()
 
-	ctrl.SetLogger(zap.New(zap.UseDevMode(true)))
+	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
 
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
 		Scheme:                 scheme,