Enable webhook conversion patch in kustomization

[RafalKorepta]

b4809a1

Enable webhook conversion patch in kustomization

Kustomization is not recommented in our official documentation, but those
kustomization patch are neccessery for Redpanda conversion

605ec3a

Fix ApiVersion overwrite during conversion

During conversion webhook handler controller-runtime sets desire meta api version of the
destination resource from the Kubernetes API server request. Round trip marshall and unmarshall
is overwriting metadata.

Reference

https://github.com/kubernetes-sigs/controller-runtime/blob/f4ca78ebc00a4717ecd1c2daea1874d69ddd0137/pkg/webhook/conversion/conversion.go#L101

[chrisseto]

LGTM!

[chrisseto]

I think we might need to make some changes to the rbac kustomization.yaml as well?

[chrisseto]

Oh wait, I think I missed something.

So we don't need to register a Mutating or Validating webhook? We just need there to exist a webhook service?

[chrisseto]

Dang and we'll need to rush out an update to the docs as installing the CRDs through kustomize isn't going to work any more .

The helm chart will need to override the webhook settings to ensure everything is configured appropriately. What a headache.

[RafalKorepta]

Yes, but webhook would register handlers for validating and mutating requests. Currently there is no logic around that in Tedpanda custom resource.

[RafalKorepta]

I don't understand why CRD installation will not work anymore. I can only imagine that there is dependency on certificate. Our operator helm chart could create the self sign cert and eventually cert manager injector would include ca bundle.

[chrisseto]

The service name and namespace need to be configured in order for the CRD's to work.

For example, for the helm chart the conversion strategy gets set to:

  conversion:
    strategy: Webhook
    webhook:
      clientConfig:
        service:
          name: '{{ include "redpanda-operator.fullname" $ }}-webhook-service'
          namespace: '{{ $.Release.Namespace }}'
          path: /convert
      conversionReviewVersions:
      - v1

[RafalKorepta]

You are right. To not break users we should move to operator helm chart for consistency. I wouldn't recommend kustomization (addidiontal layer) that would take inputs to correctly render CRD.

[chrisseto]

Want to jump on a slack huddle so we can try to tie this up and let you get to sleep?

I think kustomize is actually fine but we'd have to support kustomize for installing the entire operator which isn't happening before the weekend.

[RafalKorepta]

I moved PR to draft as #144 should fix our current broken deployment.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}