From fbd7b5e71ca001c4c20875a844af1fe2e0d8ee34 Mon Sep 17 00:00:00 2001 From: Per Goncalves da Silva Date: Fri, 4 Apr 2025 14:06:17 +0200 Subject: [PATCH 1/2] update deployment resource and fix AllNamespaces cluster permissions Signed-off-by: Per Goncalves da Silva --- internal/operator-controller/rukpak/convert/registryv1.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/internal/operator-controller/rukpak/convert/registryv1.go b/internal/operator-controller/rukpak/convert/registryv1.go index ce599d46f..cf12ebe42 100644 --- a/internal/operator-controller/rukpak/convert/registryv1.go +++ b/internal/operator-controller/rukpak/convert/registryv1.go @@ -19,6 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/cli-runtime/pkg/resource" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" @@ -277,6 +278,11 @@ func (c Converter) Convert(rv1 RegistryV1, installNamespace string, targetNamesp annotations := util.MergeMaps(rv1.CSV.Annotations, depSpec.Spec.Template.Annotations) annotations["olm.targetNamespaces"] = strings.Join(targetNamespaces, ",") depSpec.Spec.Template.Annotations = annotations + + // Hardcode the deployment with RevisionHistoryLimit=1 to replicate OLMv0 behavior + // https://github.com/operator-framework/operator-lifecycle-manager/blob/dfd0b2bea85038d3c0d65348bc812d297f16b8d2/pkg/controller/install/deployment.go#L181 + depSpec.Spec.RevisionHistoryLimit = ptr.To(int32(1)) + deployments = append(deployments, appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ Kind: "Deployment", @@ -328,8 +334,8 @@ func (c Converter) Convert(rv1 RegistryV1, installNamespace string, targetNamesp APIGroups: []string{corev1.GroupName}, Resources: []string{"namespaces"}, }) + clusterPermissions = append(clusterPermissions, p) } - clusterPermissions = append(clusterPermissions, permissions...) permissions = nil } From 5e5b6497a669e4f58c6d0e52692aba5e0f464378 Mon Sep 17 00:00:00 2001 From: Per Goncalves da Silva Date: Fri, 4 Apr 2025 14:06:47 +0200 Subject: [PATCH 2/2] update generated bundle manifests Signed-off-by: Per Goncalves da Silva --- ....-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml} | 10 +++++++++- ....-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml} | 4 ++-- ..._deployment_argocd-operator-controller-manager.yaml | 1 + ..._deployment_argocd-operator-controller-manager.yaml | 1 + ..._deployment_argocd-operator-controller-manager.yaml | 1 + 5 files changed, 14 insertions(+), 3 deletions(-) rename test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/{02_clusterrole_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml => 02_clusterrole_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml} (73%) rename test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/{04_clusterrolebinding_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml => 04_clusterrolebinding_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml} (65%) diff --git a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml similarity index 73% rename from test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml rename to test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml index ca6b1f162..26b847f63 100644 --- a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml +++ b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/02_clusterrole_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3 + name: argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p rules: - apiGroups: - "" @@ -35,3 +35,11 @@ rules: verbs: - create - patch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch diff --git a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml similarity index 65% rename from test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml rename to test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml index cb5fc3b04..486dc11da 100644 --- a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3.yaml +++ b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/04_clusterrolebinding_argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p.yaml @@ -2,11 +2,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: creationTimestamp: null - name: argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3 + name: argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: argocd-operator.v0-22gmilmgp91wu25is5i2ec598hni8owq3l71bbkl7iz3 + name: argocd-operator.v0.-3gkm3u8zfarktdile5wekso69zs9bgzb988mhjm0y6p subjects: - kind: ServiceAccount name: argocd-operator-controller-manager diff --git a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/11_deployment_argocd-operator-controller-manager.yaml b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/11_deployment_argocd-operator-controller-manager.yaml index c6d152fc4..81b3e78db 100644 --- a/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/11_deployment_argocd-operator-controller-manager.yaml +++ b/test/convert/expected-manifests/argocd-operator.v0.6.0/all-namespaces/11_deployment_argocd-operator-controller-manager.yaml @@ -6,6 +6,7 @@ metadata: namespace: argocd-system spec: replicas: 1 + revisionHistoryLimit: 1 selector: matchLabels: control-plane: controller-manager diff --git a/test/convert/expected-manifests/argocd-operator.v0.6.0/own-namespace/09_deployment_argocd-operator-controller-manager.yaml b/test/convert/expected-manifests/argocd-operator.v0.6.0/own-namespace/09_deployment_argocd-operator-controller-manager.yaml index 2451e2596..cbde50aa9 100644 --- a/test/convert/expected-manifests/argocd-operator.v0.6.0/own-namespace/09_deployment_argocd-operator-controller-manager.yaml +++ b/test/convert/expected-manifests/argocd-operator.v0.6.0/own-namespace/09_deployment_argocd-operator-controller-manager.yaml @@ -6,6 +6,7 @@ metadata: namespace: argocd-system spec: replicas: 1 + revisionHistoryLimit: 1 selector: matchLabels: control-plane: controller-manager diff --git a/test/convert/expected-manifests/argocd-operator.v0.6.0/single-namespace/09_deployment_argocd-operator-controller-manager.yaml b/test/convert/expected-manifests/argocd-operator.v0.6.0/single-namespace/09_deployment_argocd-operator-controller-manager.yaml index a4d6c2352..dac9e7b74 100644 --- a/test/convert/expected-manifests/argocd-operator.v0.6.0/single-namespace/09_deployment_argocd-operator-controller-manager.yaml +++ b/test/convert/expected-manifests/argocd-operator.v0.6.0/single-namespace/09_deployment_argocd-operator-controller-manager.yaml @@ -6,6 +6,7 @@ metadata: namespace: argocd-system spec: replicas: 1 + revisionHistoryLimit: 1 selector: matchLabels: control-plane: controller-manager