Helm PoC latest rebase - DO NOT MERGE

.github/workflows/tilt.yaml

@@ -22,10 +22,6 @@ jobs:
     - uses: actions/checkout@v4
       with:
         path: operator-controller
-    - uses: actions/checkout@v4
-      with:
-        repository: operator-framework/rukpak
-        path: rukpak
     - uses: actions/checkout@v4
       with:
         repository: operator-framework/catalogd

CONTRIBUTING.md

@@ -19,9 +19,8 @@ The user experience captured in the OLM V1 PRD introduces many requirements that
 - [The Operator-Controller project](https://github.com/operator-framework/operator-controller/), which is the top level component allowing users to specify operators they'd like to install.
 - [The Catalogd project](https://github.com/operator-framework/catalogd/), which hosts operator content and helps users discover installable content.
 - [The Deppy project](https://github.com/operator-framework/deppy/), which enables the operator-controller to identify valid installs and upgrades from the list of installable content provided via the Catalogd project.
-- [The RukPak project](https://github.com/operator-framework/rukpak/), which facilitates the installation of operators.
 
-Each of the projects listed above have their own governance, release milestones, and release cadence. However, from a technical perspective, the "OLM V1 experience" matches the experienced offered by the operator-controller project, the top level component which introduces dependencies on RukPak, Deppy, and the Catalogd projects.
+Each of the projects listed above have their own governance, release milestones, and release cadence. However, from a technical perspective, the "OLM V1 experience" matches the experienced offered by the operator-controller project, the top level component which introduces dependencies on Deppy and the Catalogd projects.
 
 ## How do we collaborate
 
@@ -62,7 +61,7 @@ Ongoing or previous Operator-Controller milestones can always be found in the [m
 
 ### How are Subproject Issues Tracked?
 
-As discussed earlier, the operator-controller adheres to a microservice architecture, where multiple projects contribute to the overall experience. As such, when designing an operator-controller milestone, the community may need to file an issue against RukPak, Deppy, or Catalogd. Unfortunately, the operator-controller milestone cannot contain issues from one of its subprojects. As such, we've introduced the concept of a "Dependency Issue", described below:
+As discussed earlier, the operator-controller adheres to a microservice architecture, where multiple projects contribute to the overall experience. As such, when designing an operator-controller milestone, the community may need to file an issue against Deppy or Catalogd. Unfortunately, the operator-controller milestone cannot contain issues from one of its subprojects. As such, we've introduced the concept of a "Dependency Issue", described below:
 
 > Dependency Issues: An issue tracked in a milestone that "points" to an issue in another project with a URL.
 
@@ -72,7 +71,6 @@ Unsure where to submit an issue?
 - [The Operator-Controller project](https://github.com/operator-framework/operator-controller/), which is the top level component allowing users to specify operators they'd like to install.
 - [The Catalogd project](https://github.com/operator-framework/catalogd/), which hosts operator content and helps users discover installable content.
 - [The Deppy project](https://github.com/operator-framework/deppy/), which enables the operator-controller to identify valid installs and upgrades from the list of installable content provided via the Catalogd project.
-- [The RukPak project](https://github.com/operator-framework/rukpak/), which facilitates the installation of operators.
 
 Don't worry if you accidentally submit an issue against the wrong project, if we notice that an issue would fit better with a separate project we'll move it to the correct repository and mention it in the #olm-dev slack channel.
 

Makefile

@@ -19,7 +19,6 @@ IMG := $(IMAGE_REPO):$(IMAGE_TAG)
 export CERT_MGR_VERSION := v1.9.0
 export CATALOGD_VERSION := $(shell go list -mod=mod -m -f "{{.Version}}" github.com/operator-framework/catalogd)
 export KAPP_VERSION := $(shell go list -mod=mod -m -f "{{.Version}}" github.com/vmware-tanzu/carvel-kapp-controller)
-export RUKPAK_VERSION := $(shell go list -mod=mod -m -f "{{.Version}}" github.com/operator-framework/rukpak)
 export WAIT_TIMEOUT := 60s
 
 # By default setup-envtest will write to $XDG_DATA_HOME, or $HOME/.local/share if that is not defined.
@@ -164,10 +163,15 @@ e2e-coverage:
 kind-load: $(KIND) #EXHELP Loads the currently constructed image onto the cluster.
 	$(CONTAINER_RUNTIME) save $(IMG) | $(KIND) load image-archive /dev/stdin --name $(KIND_CLUSTER_NAME)
 
-kind-deploy: export MANIFEST := ./operator-controller.yaml
+.PHONY: kind-deploy
+kind-deploy: export MANIFEST="./operator-controller.yaml"
 kind-deploy: manifests $(KUSTOMIZE) #EXHELP Install controller and dependencies onto the kind cluster.
 	$(KUSTOMIZE) build $(KUSTOMIZE_BUILD_DIR) > operator-controller.yaml
-	envsubst '$$CATALOGD_VERSION,$$CERT_MGR_VERSION,$$KAPP_VERSION,$$RUKPAK_VERSION,$$MANIFEST' < scripts/install.tpl.sh | bash -s
+	envsubst '$$CATALOGD_VERSION,$$CERT_MGR_VERSION,$$KAPP_VERSION,$$MANIFEST' < scripts/install.tpl.sh | bash -s
+
+.PHONY: kind-redeploy
+kind-redeploy: generate docker-build kind-load kind-deploy #EXHELP Redeploy newly built executables
+	kubectl delete pod -l control-plane=controller-manager -n $(OPERATOR_CONTROLLER_NAMESPACE)
 
 .PHONY: kind-cluster
 kind-cluster: $(KIND) #EXHELP Standup a kind cluster.
@@ -252,7 +256,7 @@ release: $(GORELEASER) #EXHELP Runs goreleaser for the operator-controller. By d
 quickstart: export MANIFEST := https://github.com/operator-framework/operator-controller/releases/download/$(VERSION)/operator-controller.yaml
 quickstart: $(KUSTOMIZE) manifests #EXHELP Generate the installation release manifests and scripts.
 	$(KUSTOMIZE) build $(KUSTOMIZE_BUILD_DIR) | sed "s/:devel/:$(VERSION)/g" > operator-controller.yaml
-	envsubst '$$CATALOGD_VERSION,$$CERT_MGR_VERSION,$$KAPP_VERSION,$$RUKPAK_VERSION,$$MANIFEST' < scripts/install.tpl.sh > install.sh
+	envsubst '$$CATALOGD_VERSION,$$CERT_MGR_VERSION,$$KAPP_VERSION,$$MANIFEST' < scripts/install.tpl.sh > install.sh
 
 ##@ Docs
 

README.md

@@ -17,7 +17,6 @@ OLM v1 is the follow-up to OLM v0, located [here](https://github.com/operator-fr
 OLM v1 consists of four different components:
 * operator-controller (this repository)
 * [deppy](https://github.com/operator-framework/deppy)
-* [rukpak](https://github.com/operator-framework/rukpak)
 * [catalogd](https://github.com/operator-framework/catalogd)
 
 For a more complete overview of OLM v1 and how it differs from OLM v0, see our [overview](./docs/olmv1_overview.md).
@@ -76,7 +75,7 @@ Install the CRDs and the operator-controller into a new [KIND cluster](https://k
 make run
 ```
 This will build a local container image of the operator-controller, create a new KIND cluster and then deploy onto that cluster.
-This will also deploy the catalogd, rukpak and cert-manager dependencies.
+This will also deploy the catalogd and cert-manager dependencies.
 
 ### Modifying the API definitions
 If you are editing the API definitions, generate the manifests such as CRs or CRDs using:

Tiltfile

@@ -5,7 +5,7 @@ load('../tilt-support/Tiltfile', 'deploy_repo')
 
 config.define_string_list('repos', args=True)
 cfg = config.parse()
-repos = cfg.get('repos', ['operator-controller', 'rukpak', 'catalogd'])
+repos = cfg.get('repos', ['operator-controller', 'catalogd'])
 
 repo = {
     'image': 'quay.io/operator-framework/operator-controller',

api/v1alpha1/clusterextension_types.go

@@ -22,6 +22,11 @@ import (
 	"github.com/operator-framework/operator-controller/internal/conditionsets"
 )
 
+var (
+	ClusterExtensionGVK  = SchemeBuilder.GroupVersion.WithKind("ClusterExtension")
+	ClusterExtensionKind = ClusterExtensionGVK.Kind
+)
+
 type UpgradeConstraintPolicy string
 
 const (
@@ -77,15 +82,20 @@ type ClusterExtensionSpec struct {
 
 const (
 	// TODO(user): add more Types, here and into init()
-	TypeInstalled = "Installed"
-	TypeResolved  = "Resolved"
+	TypeInstalled      = "Installed"
+	TypeResolved       = "Resolved"
+	TypeHasValidBundle = "HasValidBundle"
+	TypeHealthy        = "Healthy"
+
 	// TypeDeprecated is a rollup condition that is present when
 	// any of the deprecated conditions are present.
 	TypeDeprecated        = "Deprecated"
 	TypePackageDeprecated = "PackageDeprecated"
 	TypeChannelDeprecated = "ChannelDeprecated"
 	TypeBundleDeprecated  = "BundleDeprecated"
 
+	ReasonErrorGettingClient        = "ErrorGettingClient"
+	ReasonBundleLoadFailed          = "BundleLoadFailed"
 	ReasonBundleLookupFailed        = "BundleLookupFailed"
 	ReasonInstallationFailed        = "InstallationFailed"
 	ReasonInstallationStatusUnknown = "InstallationStatusUnknown"
@@ -95,13 +105,18 @@ const (
 	ReasonResolutionUnknown         = "ResolutionUnknown"
 	ReasonSuccess                   = "Success"
 	ReasonDeprecated                = "Deprecated"
+	ReasonErrorGettingReleaseState  = "ErrorGettingReleaseState"
+	ReasonUpgradeFailed             = "UpgradeFailed"
+	ReasonCreateDynamicWatchFailed  = "CreateDynamicWatchFailed"
 )
 
 func init() {
 	// TODO(user): add Types from above
 	conditionsets.ConditionTypes = append(conditionsets.ConditionTypes,
 		TypeInstalled,
 		TypeResolved,
+		TypeHasValidBundle,
+		TypeHealthy,
 		TypeDeprecated,
 		TypePackageDeprecated,
 		TypeChannelDeprecated,
@@ -118,6 +133,11 @@ func init() {
 		ReasonInvalidSpec,
 		ReasonSuccess,
 		ReasonDeprecated,
+		ReasonErrorGettingReleaseState,
+		ReasonUpgradeFailed,
+		ReasonCreateDynamicWatchFailed,
+		ReasonBundleLoadFailed,
+		ReasonErrorGettingClient,
 	)
 }
 
@@ -127,7 +147,6 @@ type ClusterExtensionStatus struct {
 	InstalledBundle *BundleMetadata `json:"installedBundle,omitempty"`
 	// +optional
 	ResolvedBundle *BundleMetadata `json:"resolvedBundle,omitempty"`
-
 	// +patchMergeKey=type
 	// +patchStrategy=merge
 	// +listType=map

cmd/manager/main.go

@@ -17,22 +17,37 @@ limitations under the License.
 package main
 
 import (
+	"crypto/x509"
 	"flag"
+	"fmt"
 	"net/http"
+	"net/url"
 	"os"
 	"time"
 
 	"github.com/spf13/pflag"
 	"go.uber.org/zap/zapcore"
+	k8slabels "k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/selection"
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 	ctrl "sigs.k8s.io/controller-runtime"
+	crcache "sigs.k8s.io/controller-runtime/pkg/cache"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
+	helmclient "github.com/operator-framework/helm-operator-plugins/pkg/client"
+	"github.com/operator-framework/rukpak/pkg/source"
+	"github.com/operator-framework/rukpak/pkg/storage"
+	"github.com/operator-framework/rukpak/pkg/util"
+
+	"github.com/operator-framework/operator-controller/api/v1alpha1"
 	"github.com/operator-framework/operator-controller/internal/catalogmetadata/cache"
 	catalogclient "github.com/operator-framework/operator-controller/internal/catalogmetadata/client"
 	"github.com/operator-framework/operator-controller/internal/controllers"
+	"github.com/operator-framework/operator-controller/internal/handler"
+	"github.com/operator-framework/operator-controller/internal/labels"
 	"github.com/operator-framework/operator-controller/pkg/features"
 	"github.com/operator-framework/operator-controller/pkg/scheme"
 )
@@ -43,17 +58,25 @@ var (
 
 func main() {
 	var (
-		metricsAddr          string
-		enableLeaderElection bool
-		probeAddr            string
-		cachePath            string
+		metricsAddr                 string
+		enableLeaderElection        bool
+		probeAddr                   string
+		cachePath                   string
+		httpExternalAddr            string
+		systemNamespace             string
+		unpackImage                 string
+		provisionerStorageDirectory string
 	)
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
+	flag.StringVar(&httpExternalAddr, "http-external-address", "http://localhost:8080", "The external address at which the http server is reachable.")
 	flag.BoolVar(&enableLeaderElection, "leader-elect", false,
 		"Enable leader election for controller manager. "+
 			"Enabling this will ensure there is only one active controller manager.")
 	flag.StringVar(&cachePath, "cache-path", "/var/cache", "The local directory path used for filesystem based caching")
+	flag.StringVar(&systemNamespace, "system-namespace", "", "Configures the namespace that gets used to deploy system resources.")
+	flag.StringVar(&unpackImage, "unpack-image", util.DefaultUnpackImage, "Configures the container image that gets used to unpack Bundle contents.")
+	flag.StringVar(&provisionerStorageDirectory, "provisioner-storage-dir", storage.DefaultBundleCacheDir, "The directory that is used to store bundle contents.")
 	opts := zap.Options{
 		Development: true,
 	}
@@ -65,12 +88,33 @@ func main() {
 
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts), zap.StacktraceLevel(zapcore.DPanicLevel)))
 
+	if systemNamespace == "" {
+		systemNamespace = util.PodNamespace()
+	}
+
+	dependentRequirement, err := k8slabels.NewRequirement(labels.OwnerKindKey, selection.In, []string{v1alpha1.ClusterExtensionKind})
+	if err != nil {
+		setupLog.Error(err, "unable to create dependent label selector for cache")
+		os.Exit(1)
+	}
+	dependentSelector := k8slabels.NewSelector().Add(*dependentRequirement)
+
+	fmt.Println("set up manager")
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
 		Scheme:                 scheme.Scheme,
 		Metrics:                server.Options{BindAddress: metricsAddr},
 		HealthProbeBindAddress: probeAddr,
 		LeaderElection:         enableLeaderElection,
 		LeaderElectionID:       "9c4404e7.operatorframework.io",
+		Cache: crcache.Options{
+			ByObject: map[client.Object]crcache.ByObject{
+				&v1alpha1.ClusterExtension{}: {},
+			},
+			DefaultNamespaces: map[string]crcache.Config{
+				systemNamespace:       {},
+				crcache.AllNamespaces: {LabelSelector: dependentSelector},
+			},
+		},
 		// LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily
 		// when the Manager ends. This requires the binary to immediately end when the
 		// Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
@@ -91,21 +135,58 @@ func main() {
 	cl := mgr.GetClient()
 	catalogClient := catalogclient.New(cl, cache.NewFilesystemCache(cachePath, &http.Client{Timeout: 10 * time.Second}))
 
-	if err = (&controllers.ClusterExtensionReconciler{
-		Client:         cl,
-		BundleProvider: catalogClient,
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "ClusterExtension")
+	cfgGetter, err := helmclient.NewActionConfigGetter(mgr.GetConfig(), mgr.GetRESTMapper(), helmclient.StorageNamespaceMapper(func(o client.Object) (string, error) {
+		return systemNamespace, nil
+	}))
+	if err != nil {
+		setupLog.Error(err, "unable to config for creating helm client")
+		os.Exit(1)
+	}
+
+	acg, err := helmclient.NewActionClientGetter(cfgGetter)
+	if err != nil {
+		setupLog.Error(err, "unable to create helm client")
+		os.Exit(1)
+	}
+
+	unpacker, err := source.NewDefaultUnpacker(mgr, systemNamespace, unpackImage, (*x509.CertPool)(nil))
+	if err != nil {
+		setupLog.Error(err, "unable to create unpacker")
+		os.Exit(1)
+	}
+
+	storageURL, err := url.Parse(fmt.Sprintf("%s/bundles/", httpExternalAddr))
+	if err != nil {
+		setupLog.Error(err, "unable to parse bundle content server URL")
 		os.Exit(1)
 	}
 
-	if err = (&controllers.ExtensionReconciler{
-		Client:         cl,
-		BundleProvider: catalogClient,
+	localStorage := &storage.LocalDirectory{
+		RootDirectory: provisionerStorageDirectory,
+		URL:           *storageURL,
+	}
+
+	if err = (&controllers.ClusterExtensionReconciler{
+		Client:             cl,
+		ReleaseNamespace:   systemNamespace,
+		BundleProvider:     catalogClient,
+		Scheme:             mgr.GetScheme(),
+		ActionClientGetter: acg,
+		Unpacker:           unpacker,
+		Storage:            localStorage,
+		Handler:            handler.HandlerFunc(handler.HandleClusterExtension),
 	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "Extension")
+		setupLog.Error(err, "unable to create controller", "controller", "ClusterExtension")
 		os.Exit(1)
 	}
+
+	// if err = (&controllers.ExtensionReconciler{
+	// 	Client:         cl,
+	// 	BundleProvider: catalogClient,
+	// }).SetupWithManager(mgr); err != nil {
+	// 	setupLog.Error(err, "unable to create controller", "controller", "Extension")
+	// 	os.Exit(1)
+	// }
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

config/manager/manager.yaml

@@ -61,6 +61,8 @@ spec:
         volumeMounts:
           - name: cache
             mountPath: /var/cache
+          - name: bundle-cache
+            mountPath: /var/cache/bundles
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -111,3 +113,5 @@ spec:
       volumes:
         - name: cache
           emptyDir: {}
+        - name: bundle-cache
+          emptyDir: {}