ensures support for cluster-wide monitoring (#22821)

Partially addresses #15888
This commit is contained in:
Steven Hawkins 2023-09-19 13:46:37 -04:00 committed by GitHub
parent ed443a962e
commit b343f87c60
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 72 additions and 31 deletions

View file

@ -190,15 +190,42 @@ jobs:
- name: Deploy an example Keycloak and wait for it to be ready - name: Deploy an example Keycloak and wait for it to be ready
working-directory: operator working-directory: operator
run: | run: |
kubectl apply -f src/main/resources/example-postgres.yaml kubectl apply -f src/test/resources/example-postgres.yaml
./scripts/check-crds-installed.sh ./scripts/check-crds-installed.sh
kubectl apply -f src/main/resources/example-db-secret.yaml kubectl apply -f src/test/resources/example-db-secret.yaml
kubectl apply -f src/main/resources/example-tls-secret.yaml kubectl apply -f src/test/resources/example-tls-secret.yaml
kubectl apply -f src/main/resources/example-keycloak.yaml kubectl apply -f src/test/resources/example-keycloak.yaml
kubectl apply -f src/main/resources/example-realm.yaml kubectl apply -f src/test/resources/example-realm.yaml
# Wait for the CRs to be ready # Wait for the CRs to be ready
./scripts/check-examples-installed.sh ./scripts/check-examples-installed.sh
- name: Single namespace cleanup
working-directory: operator
run: |
kubectl delete -f src/test/resources/example-postgres.yaml
kubectl delete -f src/test/resources/example-db-secret.yaml
kubectl delete -f src/test/resources/example-tls-secret.yaml
kubectl delete -f src/test/resources/example-keycloak.yaml
kubectl delete -f src/test/resources/example-realm.yaml
- name: Arrange OLM test installation for all namespaces
working-directory: operator
run: |
kubectl patch csv keycloak-operator.v86400000.0.0 --type merge --patch '{"spec": {"installModes": [{"type": "AllNamespaces","supported": true}]}}'
kubectl patch operatorgroup og --type json --patch '[{"op":"remove","path":"/spec/targetNamespaces"}]'
- name: Deploy an example Keycloak in a different namespace and wait for it to be ready
working-directory: operator
run: |
kubectl create ns keycloak
kubectl apply -f src/test/resources/example-postgres.yaml -n keycloak
kubectl apply -f src/test/resources/example-db-secret.yaml -n keycloak
kubectl apply -f src/test/resources/example-tls-secret.yaml -n keycloak
kubectl apply -f src/test/resources/example-keycloak.yaml -n keycloak
kubectl apply -f src/test/resources/example-realm.yaml -n keycloak
# Wait for the CRs to be ready
./scripts/check-examples-installed.sh keycloak
check: check:
name: Status Check - Keycloak Operator CI name: Status Check - Keycloak Operator CI
if: always() if: always()

View file

@ -1,9 +1,11 @@
#! /bin/bash #! /bin/bash
set -euxo pipefail set -euxo pipefail
NAMESPACE=${1:-default}
max_retries=500 max_retries=500
c=0 c=0
while [[ $(kubectl get keycloaks/example-kc -o jsonpath="{.status.conditions[?(@.type == 'Ready')].status}") != "True" ]] while [[ $(kubectl -n $NAMESPACE get keycloaks/example-kc -o jsonpath="{.status.conditions[?(@.type == 'Ready')].status}") != "True" ]]
do do
echo "waiting for Keycloak example-kc status" echo "waiting for Keycloak example-kc status"
((c++)) && ((c==max_retries)) && exit -1 ((c++)) && ((c==max_retries)) && exit -1
@ -11,7 +13,7 @@ do
done done
c=0 c=0
while [[ $(kubectl get keycloakrealmimports/example-count0-kc -o jsonpath="{.status.conditions[?(@.type == 'Done')].status}") != "True" ]] while [[ $(kubectl -n $NAMESPACE get keycloakrealmimports/example-count0-kc -o jsonpath="{.status.conditions[?(@.type == 'Done')].status}") != "True" ]]
do do
echo "waiting for Keycloak Realm Import example-count0-kc status" echo "waiting for Keycloak Realm Import example-count0-kc status"
((c++)) && ((c==max_retries)) && exit -1 ((c++)) && ((c==max_retries)) && exit -1

View file

@ -6,6 +6,8 @@ DOCKER_REGISTRY=$2
UUID=${3:-""} UUID=${3:-""}
TARGET_NAMESPACES=${4-default}
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
rm -rf $SCRIPT_DIR/../olm/testing-resources rm -rf $SCRIPT_DIR/../olm/testing-resources
@ -27,23 +29,28 @@ spec:
interval: 10m interval: 10m
EOF EOF
cat << EOF >> $SCRIPT_DIR/../olm/testing-resources/operatorgroup.yaml
OPERATOR_GROUP_FILE=$SCRIPT_DIR/../olm/testing-resources/operatorgroup.yaml
cat << EOF >> $OPERATOR_GROUP_FILE
kind: OperatorGroup kind: OperatorGroup
apiVersion: operators.coreos.com/v1 apiVersion: operators.coreos.com/v1
metadata: metadata:
name: og-single name: og
namespace: default
spec: spec:
targetNamespaces:
- default
EOF EOF
IFS=', ' read -r -a array <<< "$TARGET_NAMESPACES"
for element in "${array[@]}"
do
yq ea -i ".spec.targetNamespaces += [\"$element\"]" $OPERATOR_GROUP_FILE
done
cat << EOF >> $SCRIPT_DIR/../olm/testing-resources/subscription.yaml cat << EOF >> $SCRIPT_DIR/../olm/testing-resources/subscription.yaml
apiVersion: operators.coreos.com/v1alpha1 apiVersion: operators.coreos.com/v1alpha1
kind: Subscription kind: Subscription
metadata: metadata:
name: keycloak-operator name: keycloak-operator
namespace: default
spec: spec:
installPlanApproval: Automatic installPlanApproval: Automatic
name: keycloak-operator name: keycloak-operator

View file

@ -3,6 +3,8 @@ set -euxo pipefail
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
INSTALL_NAMESPACE=${1:-default}
# Delete the default catalog if it exists # Delete the default catalog if it exists
sh -c "kubectl delete catalogsources operatorhubio-catalog -n olm | true" sh -c "kubectl delete catalogsources operatorhubio-catalog -n olm | true"
@ -18,5 +20,5 @@ do
sleep 1 sleep 1
done done
kubectl apply -f $SCRIPT_DIR/../olm/testing-resources/operatorgroup.yaml kubectl apply -f $SCRIPT_DIR/../olm/testing-resources/operatorgroup.yaml -n $INSTALL_NAMESPACE
kubectl apply -f $SCRIPT_DIR/../olm/testing-resources/subscription.yaml kubectl apply -f $SCRIPT_DIR/../olm/testing-resources/subscription.yaml -n $INSTALL_NAMESPACE

View file

@ -3,6 +3,10 @@ set -euxo pipefail
UUID=${1:-$(git rev-parse --short HEAD)} UUID=${1:-$(git rev-parse --short HEAD)}
INSTALL_NAMESPACE=${2:-default}
TARGET_NAMESPACES=${3-$INSTALL_NAMESPACE}
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# This version translates to one day for ttl.sh # This version translates to one day for ttl.sh
@ -28,6 +32,6 @@ VERSION="86400000.0.0"
docker push "ttl.sh/${UUID}keycloak-operator:${VERSION}" docker push "ttl.sh/${UUID}keycloak-operator:${VERSION}"
) )
$SCRIPT_DIR/prepare-olm-test.sh ttl.sh ${VERSION} NONE ${UUID} $SCRIPT_DIR/prepare-olm-test.sh ttl.sh ${VERSION} NONE ${UUID} $TARGET_NAMESPACES
$SCRIPT_DIR/install-keycloak-operator.sh $SCRIPT_DIR/install-keycloak-operator.sh $INSTALL_NAMESPACE

View file

@ -10,6 +10,8 @@ PREV_VERSION="$3"
UUID=${4:-""} UUID=${4:-""}
TARGET_NAMESPACES=${5-default}
OPERATOR_IMAGE_NAME="keycloak-operator" OPERATOR_IMAGE_NAME="keycloak-operator"
OPERATOR_DOCKER_IMAGE="$DOCKER_REGISTRY/${UUID}$OPERATOR_IMAGE_NAME" OPERATOR_DOCKER_IMAGE="$DOCKER_REGISTRY/${UUID}$OPERATOR_IMAGE_NAME"
@ -31,4 +33,4 @@ $SCRIPT_DIR/create-olm-test-catalog.sh $VERSION $DOCKER_REGISTRY/${UUID}keycloak
docker push $DOCKER_REGISTRY/${UUID}keycloak-test-catalog:$VERSION) docker push $DOCKER_REGISTRY/${UUID}keycloak-test-catalog:$VERSION)
# Create testing resources # Create testing resources
$SCRIPT_DIR/create-olm-test-resources.sh $VERSION $DOCKER_REGISTRY ${UUID} $SCRIPT_DIR/create-olm-test-resources.sh $VERSION $DOCKER_REGISTRY ${UUID} $TARGET_NAMESPACES

View file

@ -46,9 +46,7 @@ import java.util.concurrent.TimeUnit;
import jakarta.inject.Inject; import jakarta.inject.Inject;
import static io.javaoperatorsdk.operator.api.reconciler.Constants.WATCH_CURRENT_NAMESPACE; @ControllerConfiguration(
@ControllerConfiguration(namespaces = WATCH_CURRENT_NAMESPACE,
dependents = { dependents = {
@Dependent(type = KeycloakAdminSecretDependentResource.class), @Dependent(type = KeycloakAdminSecretDependentResource.class),
@Dependent(type = KeycloakIngressDependentResource.class, reconcilePrecondition = KeycloakIngressDependentResource.EnabledCondition.class), @Dependent(type = KeycloakIngressDependentResource.class, reconcilePrecondition = KeycloakIngressDependentResource.EnabledCondition.class),
@ -68,12 +66,12 @@ public class KeycloakController implements Reconciler<Keycloak>, EventSourceInit
@Override @Override
public Map<String, EventSource> prepareEventSources(EventSourceContext<Keycloak> context) { public Map<String, EventSource> prepareEventSources(EventSourceContext<Keycloak> context) {
String namespace = context.getControllerConfiguration().getConfigurationService().getKubernetesClient().getNamespace(); var namespaces = context.getControllerConfiguration().getNamespaces();
InformerConfiguration<StatefulSet> statefulSetIC = InformerConfiguration InformerConfiguration<StatefulSet> statefulSetIC = InformerConfiguration
.from(StatefulSet.class) .from(StatefulSet.class)
.withLabelSelector(Constants.DEFAULT_LABELS_AS_STRING) .withLabelSelector(Constants.DEFAULT_LABELS_AS_STRING)
.withNamespaces(namespace) .withNamespaces(namespaces)
.withSecondaryToPrimaryMapper(Mappers.fromOwnerReference()) .withSecondaryToPrimaryMapper(Mappers.fromOwnerReference())
.withOnUpdateFilter(new MetadataAwareOnUpdateFilter<>()) .withOnUpdateFilter(new MetadataAwareOnUpdateFilter<>())
.build(); .build();
@ -81,7 +79,7 @@ public class KeycloakController implements Reconciler<Keycloak>, EventSourceInit
InformerConfiguration<Service> servicesIC = InformerConfiguration InformerConfiguration<Service> servicesIC = InformerConfiguration
.from(Service.class) .from(Service.class)
.withLabelSelector(Constants.DEFAULT_LABELS_AS_STRING) .withLabelSelector(Constants.DEFAULT_LABELS_AS_STRING)
.withNamespaces(namespace) .withNamespaces(namespaces)
.withSecondaryToPrimaryMapper(Mappers.fromOwnerReference()) .withSecondaryToPrimaryMapper(Mappers.fromOwnerReference())
.withOnUpdateFilter(new MetadataAwareOnUpdateFilter<>()) .withOnUpdateFilter(new MetadataAwareOnUpdateFilter<>())
.build(); .build();

View file

@ -41,9 +41,7 @@ import java.util.concurrent.TimeUnit;
import jakarta.inject.Inject; import jakarta.inject.Inject;
import static io.javaoperatorsdk.operator.api.reconciler.Constants.WATCH_CURRENT_NAMESPACE; @ControllerConfiguration(
@ControllerConfiguration(namespaces = WATCH_CURRENT_NAMESPACE,
dependents = { dependents = {
@Dependent(type = KeycloakRealmImportSecretDependentResource.class) @Dependent(type = KeycloakRealmImportSecretDependentResource.class)
}) })

View file

@ -51,10 +51,8 @@ import java.util.stream.Collectors;
import jakarta.enterprise.context.ApplicationScoped; import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject; import jakarta.inject.Inject;
import static io.javaoperatorsdk.operator.api.reconciler.Constants.WATCH_CURRENT_NAMESPACE;
@ApplicationScoped @ApplicationScoped
@ControllerConfiguration(namespaces = WATCH_CURRENT_NAMESPACE, labelSelector = Constants.KEYCLOAK_COMPONENT_LABEL + "=" + WatchedSecrets.WATCHED_SECRETS_LABEL_VALUE) @ControllerConfiguration(labelSelector = Constants.KEYCLOAK_COMPONENT_LABEL + "=" + WatchedSecrets.WATCHED_SECRETS_LABEL_VALUE)
public class WatchedSecretsController implements Reconciler<Secret>, EventSourceInitializer<Secret>, WatchedSecrets { public class WatchedSecretsController implements Reconciler<Secret>, EventSourceInitializer<Secret>, WatchedSecrets {
@Inject @Inject

View file

@ -13,3 +13,6 @@ quarkus.kubernetes.env.vars.operator-keycloak-image=${operator.keycloak.image}
# Bundle config # Bundle config
quarkus.operator-sdk.bundle.package-name=keycloak-operator quarkus.operator-sdk.bundle.package-name=keycloak-operator
quarkus.operator-sdk.bundle.channels=fast quarkus.operator-sdk.bundle.channels=fast
quarkus.operator-sdk.namespaces=JOSDK_WATCH_CURRENT
quarkus.operator-sdk.generate-with-watched-namespaces=JOSDK_WATCH_CURRENT

View file

@ -172,7 +172,7 @@ public class BaseOperatorTest implements QuarkusTestAfterEachCallback {
for (Reconciler<?> reconciler : reconcilers) { for (Reconciler<?> reconciler : reconcilers) {
Log.info("Register and apply : " + reconciler.getClass().getName()); Log.info("Register and apply : " + reconciler.getClass().getName());
operator.register(reconciler); operator.register(reconciler, overrider -> overrider.settingNamespace(namespace));
} }
} }