Use quarkus-operator-sdk-bundle-generator for OLM YAMLs

Closes #10911
This commit is contained in:
Alex Szczuczko 2023-05-30 15:01:12 -06:00 committed by Bruno Oliveira da Silva
parent a5bb300570
commit 3246a15442
11 changed files with 255 additions and 189 deletions

26
operator/olm-assembly.xml Normal file
View file

@ -0,0 +1,26 @@
<assembly>
<id>olm</id>
<formats>
<format>zip</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory>${project.build.directory}/bundle/keycloak-operator</directory>
<outputDirectory></outputDirectory>
<includes>
<include>**/**</include>
</includes>
<excludes>
</excludes>
</fileSet>
</fileSets>
<files>
</files>
</assembly>

View file

@ -1,14 +0,0 @@
FROM scratch
# Core bundle labels.
LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
LABEL operators.operatorframework.io.bundle.package.v1=keycloak-operator
LABEL operators.operatorframework.io.bundle.channels.v1=fast
LABEL operators.operatorframework.io.bundle.channel.default.v1=fast
LABEL com.redhat.openshift.versions=v4.6
# Copy files to locations specified by labels.
COPY manifests /manifests/
COPY metadata /metadata/

File diff suppressed because one or more lines are too long

View file

@ -1,9 +0,0 @@
annotations:
# Core bundle annotations.
operators.operatorframework.io.bundle.mediatype.v1: registry+v1
operators.operatorframework.io.bundle.manifests.v1: manifests/
operators.operatorframework.io.bundle.metadata.v1: metadata/
operators.operatorframework.io.bundle.package.v1: keycloak-operator
operators.operatorframework.io.bundle.channels.v1: fast
operators.operatorframework.io.bundle.channel.default.v1: fast
com.redhat.openshift.versions: "v4.6"

View file

@ -67,6 +67,10 @@
<groupId>io.quarkiverse.operatorsdk</groupId>
<artifactId>quarkus-operator-sdk</artifactId>
</dependency>
<dependency>
<groupId>io.quarkiverse.operatorsdk</groupId>
<artifactId>quarkus-operator-sdk-bundle-generator</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-resteasy-jackson</artifactId>
@ -277,7 +281,7 @@
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<id>assemble-quarkus</id>
<phase>package</phase>
<goals>
<goal>single</goal>
@ -290,6 +294,20 @@
<workDirectory>${project.build.directory}/assembly/work</workDirectory>
</configuration>
</execution>
<execution>
<id>assemble-bundle</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>olm-assembly.xml</descriptor>
</descriptors>
<appendAssemblyId>true</appendAssemblyId>
<workDirectory>${project.build.directory}/bundle-assembly/work</workDirectory>
</configuration>
</execution>
</executions>
</plugin>
</plugins>

View file

@ -1,40 +1,76 @@
#!/bin/bash
set -euxo pipefail
# Ex: 21.0.0
VERSION=$1
# Ex: 20.0.0
# Ex: NONE [if no replaces]
REPLACES_VERSION=$2
# Ex: keycloak/keycloak-operator:999.0.0-SNAPSHOT
OPERATOR_DOCKER_IMAGE=$3
CREATED_AT=$(date "+%D %T")
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
{ set +x; } 2>/dev/null
echo ""
echo "Creating OLM bundle for version $VERSION replacing version $REPLACES_VERSION"
echo ""
set -x
rm -rf $SCRIPT_DIR/../olm/$VERSION
mkdir -p $SCRIPT_DIR/../olm/$VERSION
cd "$SCRIPT_DIR"
cp -r $SCRIPT_DIR/../olm-base/* $SCRIPT_DIR/../olm/$VERSION
rm -rf ../olm/$VERSION
mkdir -p ../olm/$VERSION
# Inject RBAC rules
yq ea '.rules as $item ireduce ({}; .rules += $item)' $SCRIPT_DIR/../target/kubernetes/kubernetes.yml | \
yq ea -i 'select(fileIndex==0).spec.install.spec.permissions[0] = select(fileIndex==1) | select(fileIndex==0)' $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml - && \
yq ea -i '.spec.install.spec.permissions[0].serviceAccountName = "keycloak-operator"' $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml && \
yq ea -i ".metadata.annotations.containerImage = \"$OPERATOR_DOCKER_IMAGE:$VERSION\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml && \
yq ea -i ".metadata.annotations.createdAt = \"$CREATED_AT\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml && \
yq ea -i ".metadata.name = \"keycloak-operator.v$VERSION\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml && \
yq ea -i ".spec.install.spec.deployments[0].spec.template.spec.containers[0].image = \"$OPERATOR_DOCKER_IMAGE:$VERSION\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml && \
yq ea 'select(.spec.template.spec.containers[0].env) | .spec.template.spec.containers[0].env[-1]' $SCRIPT_DIR/../target/kubernetes/kubernetes.yml | \
yq ea -i 'select(fileIndex==0).spec.install.spec.deployments[0].spec.template.spec.containers[0].env += select(fileIndex==1) | select(fileIndex==0)' $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml - && \
yq ea -i ".spec.version = \"$VERSION\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml
# Extract the files generated by Quarkus during the maven build
unzip -q -d ../olm/$VERSION ../target/keycloak-operator-*-olm.zip
# Find the CSV YAML
CSV_PATH="$(find "../olm/$VERSION" -type f -name '*.clusterserviceversion.yaml')"
# Insert operator image coordinate
yq ea -i ".metadata.annotations.containerImage = \"$OPERATOR_DOCKER_IMAGE:$VERSION\"" "$CSV_PATH"
yq ea -i ".spec.install.spec.deployments[0].spec.template.spec.containers[0].image = \"$OPERATOR_DOCKER_IMAGE:$VERSION\"" "$CSV_PATH"
# Edit the CSV version, replaces, etc.
yq ea -i ".metadata.annotations.createdAt = \"$(date "+%D %T")\"" "$CSV_PATH"
yq ea -i ".spec.version = \"$VERSION\"" "$CSV_PATH"
yq ea -i ".metadata.name = \"keycloak-operator.v$VERSION\"" "$CSV_PATH"
yq ea -i '.metadata.namespace = "placeholder"' "$CSV_PATH"
if [[ $REPLACES_VERSION = "NONE" ]]
then
yq ea -i "del(.spec.replaces)" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml
yq ea -i "del(.spec.replaces)" "$CSV_PATH"
else
yq ea -i ".spec.replaces = \"keycloak-operator.v$REPLACES_VERSION\"" $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml
yq ea -i ".spec.replaces = \"keycloak-operator.v$REPLACES_VERSION\"" "$CSV_PATH"
fi
mv $SCRIPT_DIR/../olm/$VERSION/manifests/clusterserviceversion.yaml "$SCRIPT_DIR/../olm/$VERSION/manifests/keycloak-operator.v$VERSION.clusterserviceversion.yaml"
# Mangle the YAML to make it look more like it did before. The bundle extension
# isn't configurable enough to do this itself. No one seems to have the
# expertise to say if the changes it makes are ok or not.
yq ea -i "del(.spec.install.spec.deployments[0].spec.selector.matchLabels)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.metadata.labels)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.metadata.annotations)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.metadata.namespace)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.namespace)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.spec.containers[0].ports)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.spec.containers[0].livenessProbe)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.spec.containers[0].readinessProbe)" "$CSV_PATH"
yq ea -i "del(.spec.install.spec.deployments[0].spec.template.spec.containers[0].startupProbe)" "$CSV_PATH"
yq ea -i 'del(.spec.install.spec.deployments[0].spec.template.spec.containers[0].env[] | select(.name == "KUBERNETES_NAMESPACE"))' "$CSV_PATH"
cp target/kubernetes/*.keycloak.org-v1.yml olm/$VERSION/manifests
yq ea -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].resources = {}' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.strategy = {}' "$CSV_PATH"
yq ea -i '.spec.apiservicedefinitions = {}' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.selector.matchLabels.name = "keycloak-operator"' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.template.metadata.labels.name = "keycloak-operator"' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].env += [{"name": "QUARKUS_OPERATOR_SDK_NAMESPACES", "valueFrom": {"fieldRef": {"fieldPath": "metadata.annotations['"'"'olm.targetNamespaces'"'"']"}}}]' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].env += [{"name": "POD_NAME", "valueFrom": {"fieldRef": {"fieldPath": "metadata.name"}}}]' "$CSV_PATH"
yq ea -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].env += [{"name": "OPERATOR_NAME", "value": "keycloak-operator"}]' "$CSV_PATH"
{ set +x; } 2>/dev/null
echo ""
echo "Created OLM bundle ok!"

View file

@ -0,0 +1,139 @@
/*
* Copyright 2021 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.operator.controllers;
import io.quarkiverse.operatorsdk.bundle.runtime.CSVMetadata;
import io.quarkiverse.operatorsdk.bundle.runtime.SharedCSVMetadata;
@CSVMetadata(
version = "KCOP_NEXT",
name = "keycloak-operator",
replaces = "keycloak-operator.KCOP_PREVIOUS",
displayName = "Keycloak Operator",
provider = @CSVMetadata.Provider(
name = "Red Hat"
),
maturity = "stable",
keywords = {
"Keycloak",
"Identity",
"Access"
},
maintainers = {
@CSVMetadata.Maintainer(
email = "keycloak-dev@googlegroups.com",
name = "Keycloak DEV mailing list"
)
},
links = {
@CSVMetadata.Link(
url = "https://www.keycloak.org/docs/latest/server_installation/index.html#_operator",
name = "Documentation"
),
@CSVMetadata.Link(
url = "https://www.keycloak.org/",
name = "Keycloak"
),
@CSVMetadata.Link(
url = "https://keycloak.discourse.group/",
name = "Keycloak Discourse"
)
},
installModes = {
@CSVMetadata.InstallMode(
type = "OwnNamespace",
supported = true
),
@CSVMetadata.InstallMode(
type = "SingleNamespace",
supported = true
),
@CSVMetadata.InstallMode(
type = "MultiNamespace",
supported = false
),
@CSVMetadata.InstallMode(
type = "AllNamespaces",
supported = false
)
},
annotations = @CSVMetadata.Annotations(
containerImage = "KCOP_IMAGE_PULL_URL:KCOP_NEXT",
repository = "https://github.com/keycloak/keycloak",
capabilities = "Deep Insights",
categories = "Security",
certified = false,
almExamples =
"[\n" +
" {\n" +
" \"apiVersion\": \"k8s.keycloak.org/v2alpha1\",\n" +
" \"kind\": \"Keycloak\",\n" +
" \"metadata\": {\n" +
" \"name\": \"example-keycloak\",\n" +
" \"labels\": {\n" +
" \"app\": \"sso\"\n" +
" }\n" +
" },\n" +
" \"spec\": {\n" +
" \"instances\": 1,\n" +
" \"hostname\": \"example.org\",\n" +
" \"tlsSecret\": \"my-tls-secret\"\n" +
" }\n" +
" },\n" +
" {\n" +
" \"apiVersion\": \"k8s.keycloak.org/v2alpha1\",\n" +
" \"kind\": \"KeycloakRealmImport\",\n" +
" \"metadata\": {\n" +
" \"name\": \"example-keycloak-realm-import\",\n" +
" \"labels\": {\n" +
" \"app\": \"sso\"\n" +
" }\n" +
" },\n" +
" \"spec\": {\n" +
" \"keycloakCRName\": \"example-keycloak\",\n" +
" \"realm\": {}\n" +
" }\n" +
" }\n" +
"]",
others = {
@CSVMetadata.Annotations.Annotation(
name = "support",
value = "Red Hat"
),
@CSVMetadata.Annotations.Annotation(
name = "description",
value = "An Operator for installing and managing Keycloak"
)
}
),
description =
"A Kubernetes Operator based on the Operator SDK for installing and managing Keycloak.\n" +
"\n" +
"Keycloak lets you add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.\n" +
"\n" +
"The operator can deploy and manage Keycloak instances on Kubernetes and OpenShift.\n" +
"The following features are supported:\n" +
"\n" +
"* Install Keycloak to a namespace\n" +
"* Import Keycloak Realms\n",
icon = @CSVMetadata.Icon(
fileName = "KeycloakController.icon.png",
mediatype = "image/png"
)
)
public class KeycloakSharedCsvMetadata implements SharedCSVMetadata {
}

View file

@ -22,10 +22,15 @@ import io.fabric8.kubernetes.model.annotation.Group;
import io.fabric8.kubernetes.model.annotation.Plural;
import io.fabric8.kubernetes.model.annotation.ShortNames;
import io.fabric8.kubernetes.model.annotation.Version;
import io.quarkiverse.operatorsdk.bundle.runtime.CSVMetadata;
import io.sundr.builder.annotations.Buildable;
import io.sundr.builder.annotations.BuildableReference;
import org.keycloak.operator.Constants;
@CSVMetadata(
description="Represents a Keycloak Instance",
displayName="Keycloak"
)
@Group(Constants.CRDS_GROUP)
@Version(Constants.CRDS_VERSION)
@ShortNames(Constants.SHORT_NAME)

View file

@ -23,7 +23,7 @@ import io.fabric8.kubernetes.model.annotation.Group;
import io.fabric8.kubernetes.model.annotation.Version;
import io.sundr.builder.annotations.Buildable;
import io.sundr.builder.annotations.BuildableReference;
import io.quarkiverse.operatorsdk.bundle.runtime.CSVMetadata;
import org.keycloak.operator.Constants;
import org.keycloak.representations.idm.ComponentExportRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
@ -31,6 +31,10 @@ import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
@CSVMetadata(
description="Represents a Keycloak Realm Import",
displayName="KeycloakRealmImport"
)
@Group(Constants.CRDS_GROUP)
@Version(Constants.CRDS_VERSION)
@Buildable(editableEnabled = false, builderPackage = "io.fabric8.kubernetes.api.builder",

Binary file not shown.

After

Width:  |  Height:  |  Size: 22 KiB

View file

@ -10,3 +10,7 @@ operator.keycloak.image-pull-policy=Always
# https://quarkus.io/guides/deploying-to-kubernetes#environment-variables-from-keyvalue-pairs
quarkus.kubernetes.env.vars.operator-keycloak-image=${operator.keycloak.image}
quarkus.openshift.env.vars.operator-keycloak-image=${operator.keycloak.image}
# Bundle config
quarkus.operator-sdk.bundle.package-name=keycloak-operator
quarkus.operator-sdk.bundle.channels=fast