From 587e4a7c5adb6aae691f8e1e87f3ca14c0c38c65 Mon Sep 17 00:00:00 2001 From: Thomas Jungblut Date: Tue, 7 Jan 2025 10:47:04 +0100 Subject: [PATCH] NO-JIRA: disable image registry for testing --- .../hostedcontrolplane/cvo/reconcile.go | 66 +++++++++++++----- .../hostedcontrolplane_controller.go | 6 +- .../cluster-version-operator/deployment.yaml | 25 +------ .../hostedcontrolplane/v2/cvo/deployment.go | 69 +++++++++++++++++-- 4 files changed, 117 insertions(+), 49 deletions(-) diff --git a/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go b/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go index 09adb0055e..79b57154d6 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go +++ b/control-plane-operator/controllers/hostedcontrolplane/cvo/reconcile.go @@ -2,9 +2,12 @@ package cvo import ( "fmt" + "k8s.io/apimachinery/pkg/util/json" + "k8s.io/apimachinery/pkg/util/sets" "path" "strings" + configv1 "github.com/openshift/api/config/v1" hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/support/api" prometheusoperatorv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" @@ -19,7 +22,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/apiutil" - configv1 "github.com/openshift/api/config/v1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/kas" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/manifests" "github.com/openshift/hypershift/hypershift-operator/controllers/manifests/controlplaneoperator" @@ -206,7 +208,7 @@ func buildCVOContainerBootstrap(image, clusterID string) func(*corev1.Container) c.Command = []string{"/bin/bash"} c.Args = []string{ "-c", - cvoBootrapScript(clusterID), + cvoBootstrapScript(clusterID), } c.Resources.Requests = corev1.ResourceList{ corev1.ResourceCPU: resource.MustParse("10m"), @@ -254,9 +256,10 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, var stmts []string stmts = append(stmts, + fmt.Sprintf("ls -la /manifests"), fmt.Sprintf("cp -R /manifests %s/", payloadDir), - fmt.Sprintf("rm %s/manifests/*_deployment.yaml", payloadDir), - fmt.Sprintf("rm %s/manifests/*_servicemonitor.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*_deployment.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*_servicemonitor.yaml", payloadDir), fmt.Sprintf("cp -R /release-manifests %s/", payloadDir), ) @@ -296,10 +299,10 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, continue } } - stmts = append(stmts, fmt.Sprintf("rm %s", path.Join(payloadDir, "release-manifests", manifest))) + stmts = append(stmts, fmt.Sprintf("rm -f %s", path.Join(payloadDir, "release-manifests", manifest))) } if !oauthEnabled { - stmts = append(stmts, fmt.Sprintf("rm %s", path.Join(payloadDir, "release-manifests", "0000_50_console-operator_01-oauth.yaml"))) + stmts = append(stmts, fmt.Sprintf("rm -f %s", path.Join(payloadDir, "release-manifests", "0000_50_console-operator_01-oauth.yaml"))) } toRemove := ResourcesToRemove(platformType) if len(toRemove) > 0 { @@ -335,31 +338,58 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, return strings.Join(stmts, "\n") } -func cvoBootrapScript(clusterID string) string { +func cvoBootstrapScript(clusterID string) string { + enabledCaps := sets.New[configv1.ClusterVersionCapability]( + configv1.ClusterVersionCapabilitySets[configv1.ClusterVersionCapabilitySetCurrent]...) + enabledCaps = enabledCaps.Delete(configv1.ClusterVersionCapabilityImageRegistry) + payloadDir := volumeMounts.Path(cvoContainerBootstrap().Name, cvoVolumePayload().Name) + cv := &configv1.ClusterVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterVersion", + APIVersion: "config.openshift.io/v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Spec: configv1.ClusterVersionSpec{ + ClusterID: configv1.ClusterID(clusterID), + Capabilities: &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: enabledCaps.UnsortedList(), + }, + }, + } + + // TODO(thomas): ignore the error for simplicity sake today + cvJson, _ := json.Marshal(cv) + var scriptTemplate = `#!/bin/bash set -euo pipefail -cat > /tmp/clusterversion.yaml < /tmp/clusterversion.json <<-EOF +%s EOF + oc get ns openshift-config &> /dev/null || oc create ns openshift-config oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed + +oc apply -f ${MANIFEST_DIR}/0000_00_cluster-version-operator_01_clusterversions* +oc apply -f /tmp/clusterversion.json +oc get clusterversion.config.openshift.io/version -oyaml + while true; do - echo "Applying CVO bootstrap manifests" - if oc apply -f %s/manifests; then + echo "Applying CVO bootstrap manifests..." + if oc apply -f ${MANIFEST_DIR}; then echo "Bootstrap manifests applied successfully." break fi sleep 1 done -oc get clusterversion/version &> /dev/null || oc create -f /tmp/clusterversion.yaml ` - return fmt.Sprintf(scriptTemplate, clusterID, payloadDir) + return fmt.Sprintf(scriptTemplate, payloadDir, string(cvJson)) } func buildCVOContainerMain(controlPlaneReleaseImage, dataPlaneReleaseImage, namespace string, updateService configv1.URL, enableCVOManagementClusterMetricsAccess bool) func(c *corev1.Container) { diff --git a/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go b/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go index dd76b70691..e4346153ca 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go +++ b/control-plane-operator/controllers/hostedcontrolplane/hostedcontrolplane_controller.go @@ -1296,10 +1296,10 @@ func (r *HostedControlPlaneReconciler) reconcile(ctx context.Context, hostedCont } // Reconcile image registry operator - r.Log.Info("Reconciling Image Registry Operator") - if err := r.reconcileImageRegistryOperator(ctx, hostedControlPlane, releaseImageProvider, userReleaseImageProvider, createOrUpdate); err != nil { + /*r.Log.Info("Reconciling Image Registry Operator") + if err := r.reconcileImageRegistryOperator(ctx, hostedControlPlane, releaseImageProvider, userReleaseImageProvider, createOrUpdate); err != nil { return fmt.Errorf("failed to reconcile image registry operator: %w", err) - } + }*/ if IsStorageAndCSIManaged(hostedControlPlane) { // Reconcile cluster storage operator diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml b/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml index 9be66607e1..43ecc9c26d 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-version-operator/deployment.yaml @@ -84,29 +84,8 @@ spec: - mountPath: /var/payload name: payload - args: - - -c - - | - #!/bin/bash - set -euo pipefail - cat > /tmp/clusterversion.yaml < /dev/null || oc create ns openshift-config - oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed - while true; do - echo "Applying CVO bootstrap manifests" - if oc apply -f /var/payload/manifests; then - echo "Bootstrap manifests applied successfully." - break - fi - sleep 1 - done - oc get clusterversion/version &> /dev/null || oc create -f /tmp/clusterversion.yaml + - -c + - "" command: - /bin/bash env: diff --git a/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go b/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go index a7ec5b879c..8d7c07924f 100644 --- a/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go +++ b/control-plane-operator/controllers/hostedcontrolplane/v2/cvo/deployment.go @@ -1,12 +1,12 @@ package cvo import ( + "encoding/json" "fmt" "path" "strings" configv1 "github.com/openshift/api/config/v1" - hyperv1 "github.com/openshift/hypershift/api/hypershift/v1beta1" "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/common" hyperapi "github.com/openshift/hypershift/support/api" @@ -20,6 +20,7 @@ import ( rbacv1 "k8s.io/api/rbac/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/sets" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/apiutil" @@ -53,6 +54,10 @@ func (cvo *clusterVersionOperator) adaptDeployment(cpContext component.WorkloadC c.Image = controlPlaneReleaseImage }) util.UpdateContainer("bootstrap", deployment.Spec.Template.Spec.InitContainers, func(c *corev1.Container) { + c.Args = []string{ + "-c", + cvoBootstrapScript(cpContext.HCP.Spec.ClusterID), + } c.Env = append(c.Env, corev1.EnvVar{ Name: "CLUSTER_ID", Value: cpContext.HCP.Spec.ClusterID, @@ -143,8 +148,8 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, stmts = append(stmts, fmt.Sprintf("cp -R /manifests %s/", payloadDir), - fmt.Sprintf("rm %s/manifests/*_deployment.yaml", payloadDir), - fmt.Sprintf("rm %s/manifests/*_servicemonitor.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*_deployment.yaml", payloadDir), + fmt.Sprintf("rm -f %s/manifests/*_servicemonitor.yaml", payloadDir), fmt.Sprintf("cp -R /release-manifests %s/", payloadDir), ) @@ -184,10 +189,10 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, continue } } - stmts = append(stmts, fmt.Sprintf("rm %s", path.Join(payloadDir, "release-manifests", manifest))) + stmts = append(stmts, fmt.Sprintf("rm -f %s", path.Join(payloadDir, "release-manifests", manifest))) } if !oauthEnabled { - stmts = append(stmts, fmt.Sprintf("rm %s", path.Join(payloadDir, "release-manifests", "0000_50_console-operator_01-oauth.yaml"))) + stmts = append(stmts, fmt.Sprintf("rm -f %s", path.Join(payloadDir, "release-manifests", "0000_50_console-operator_01-oauth.yaml"))) } toRemove := resourcesToRemove(platformType) if len(toRemove) > 0 { @@ -223,6 +228,60 @@ func preparePayloadScript(platformType hyperv1.PlatformType, oauthEnabled bool, return strings.Join(stmts, "\n") } +func cvoBootstrapScript(clusterID string) string { + payloadDir := "/var/payload" + enabledCaps := sets.New[configv1.ClusterVersionCapability]( + configv1.ClusterVersionCapabilitySets[configv1.ClusterVersionCapabilitySetCurrent]...) + enabledCaps = enabledCaps.Delete(configv1.ClusterVersionCapabilityImageRegistry) + + cv := &configv1.ClusterVersion{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterVersion", + APIVersion: "config.openshift.io/v1", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "version", + }, + Spec: configv1.ClusterVersionSpec{ + ClusterID: configv1.ClusterID(clusterID), + Capabilities: &configv1.ClusterVersionCapabilitiesSpec{ + BaselineCapabilitySet: configv1.ClusterVersionCapabilitySetNone, + AdditionalEnabledCapabilities: enabledCaps.UnsortedList(), + }, + }, + } + + // TODO(thomas): ignore the error for simplicity sake today + cvJson, _ := json.Marshal(cv) + + var scriptTemplate = `#!/bin/bash +set -euo pipefail +MANIFEST_DIR=%s/manifests +ls -la ${MANIFEST_DIR} + +cat > /tmp/clusterversion.json <<-EOF +%s +EOF + +oc get ns openshift-config &> /dev/null || oc create ns openshift-config +oc get ns openshift-config-managed &> /dev/null || oc create ns openshift-config-managed + +oc apply -f ${MANIFEST_DIR}/0000_00_cluster-version-operator_01_clusterversions* +oc apply -f /tmp/clusterversion.json +oc get clusterversion.config.openshift.io/version -oyaml + +while true; do + echo "Applying CVO bootstrap manifests..." + if oc apply -f ${MANIFEST_DIR}; then + echo "Bootstrap manifests applied successfully." + break + fi + sleep 1 +done +` + return fmt.Sprintf(scriptTemplate, payloadDir, string(cvJson)) +} + func resourcesToRemove(platformType hyperv1.PlatformType) []client.Object { switch platformType { case hyperv1.IBMCloudPlatform, hyperv1.PowerVSPlatform: