Skip to content

Fix for Namespace customizing #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 4 commits into
base: develop
Choose a base branch
from
Draft

Fix for Namespace customizing #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4df9e9f
fix(Chart): Allow ns customizing
hypery2k Oct 5, 2024
770fbfe
fix(Chart): Automate ns customizing
hypery2k Oct 5, 2024
23c4000
chore: bump chart
hypery2k Oct 5, 2024
71d9e7e
chore: Adjust README
hypery2k Oct 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .bin/update-chart.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,7 @@ mv ci.values.yaml.bak ../chart/ci.values.yaml.yaml
cd ..
sed -i.bak "s/operator-framework\/olm:master$/operator-framework\/olm:v${OLM_VERSION}/" chart/values.yaml
rm chart/values.yaml.bak
# Correcting namespace ref
git apply .etc/patches/correct-release-ns.patch
rm -rf tmp
helm-docs chart/
205 changes: 205 additions & 0 deletions .etc/patches/correct-release-ns.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,205 @@
diff --git a/chart/templates/0000_50_olm_00-namespace.yaml b/chart/templates/0000_50_olm_00-namespace.yaml
index 69fca9f..de322b5 100644
--- a/chart/templates/0000_50_olm_00-namespace.yaml
+++ b/chart/templates/0000_50_olm_00-namespace.yaml
@@ -1,7 +1,7 @@
apiVersion: v1
kind: Namespace
metadata:
- name: {{ .Values.namespace }}
+ name: {{ .Release.Namespace }}
labels:
{{- if .Values.namespace_psa }}
pod-security.kubernetes.io/enforce: {{ .Values.namespace_psa.enforceLevel }}
diff --git a/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml b/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml
index fceffd0..013b914 100644
--- a/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml
+++ b/chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml
@@ -13,12 +13,12 @@ kind: ServiceAccount
apiVersion: v1
metadata:
name: olm-operator-serviceaccount
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
---
apiVersion: {{ .Values.rbacApiVersion }}/v1
kind: ClusterRoleBinding
metadata:
- name: olm-operator-binding-{{ .Values.namespace }}
+ name: olm-operator-binding-{{ .Release.Namespace }}
roleRef:
apiGroup: {{ .Values.rbacApiVersion }}
kind: ClusterRole
@@ -26,4 +26,4 @@ roleRef:
subjects:
- kind: ServiceAccount
name: olm-operator-serviceaccount
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
diff --git a/chart/templates/0000_50_olm_02-services.yaml b/chart/templates/0000_50_olm_02-services.yaml
index 51fb8df..8edf73c 100644
--- a/chart/templates/0000_50_olm_02-services.yaml
+++ b/chart/templates/0000_50_olm_02-services.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
kind: Service
metadata:
name: olm-operator-metrics
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
annotations:
service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert
labels:
@@ -22,7 +22,7 @@ apiVersion: v1
kind: Service
metadata:
name: catalog-operator-metrics
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
annotations:
service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert
labels:
diff --git a/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml b/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml
index f2c7bd8..13ae913 100644
--- a/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml
+++ b/chart/templates/0000_50_olm_07-olm-operator.deployment.yaml
@@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: olm-operator
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
app: olm-operator
spec:
diff --git a/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml b/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml
index eea8046..dc8629c 100644
--- a/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml
+++ b/chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml
@@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: catalog-operator
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
app: catalog-operator
spec:
diff --git a/chart/templates/0000_50_olm_13-operatorgroup-default.yaml b/chart/templates/0000_50_olm_13-operatorgroup-default.yaml
index 079d49f..59a1ba0 100644
--- a/chart/templates/0000_50_olm_13-operatorgroup-default.yaml
+++ b/chart/templates/0000_50_olm_13-operatorgroup-default.yaml
@@ -8,7 +8,7 @@ apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: olm-operators
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
spec:
targetNamespaces:
- - {{ .Values.namespace }}
+ - {{ .Release.Namespace }}
diff --git a/chart/templates/0000_90_olm_00-service-monitor.yaml b/chart/templates/0000_90_olm_00-service-monitor.yaml
index 6585bd6..33aa6e8 100644
--- a/chart/templates/0000_90_olm_00-service-monitor.yaml
+++ b/chart/templates/0000_90_olm_00-service-monitor.yaml
@@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: olm-operator
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
app: olm-operator
spec:
@@ -19,11 +19,11 @@ spec:
scheme: https
tlsConfig:
caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt
- serverName: olm-operator-metrics.{{ .Values.namespace }}.svc
+ serverName: olm-operator-metrics.{{ .Release.Namespace }}.svc
jobLabel: component
namespaceSelector:
matchNames:
- - {{ .Values.namespace }}
+ - {{ .Release.Namespace }}
selector:
matchLabels:
app: olm-operator
@@ -32,7 +32,7 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: catalog-operator
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
app: catalog-operator
spec:
@@ -48,11 +48,11 @@ spec:
scheme: https
tlsConfig:
caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt
- serverName: catalog-operator-metrics.{{ .Values.namespace }}.svc
+ serverName: catalog-operator-metrics.{{ .Release.Namespace }}.svc
jobLabel: component
namespaceSelector:
matchNames:
- - {{ .Values.namespace }}
+ - {{ .Release.Namespace }}
selector:
matchLabels:
app: catalog-operator
@@ -61,7 +61,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: operator-lifecycle-manager-metrics
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
@@ -75,7 +75,7 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: operator-lifecycle-manager-metrics
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
rules:
- apiGroups:
- ""
diff --git a/chart/templates/0000_90_olm_01-prometheus-rule.yaml b/chart/templates/0000_90_olm_01-prometheus-rule.yaml
index 64bd3c7..a9d0a4d 100644
--- a/chart/templates/0000_90_olm_01-prometheus-rule.yaml
+++ b/chart/templates/0000_90_olm_01-prometheus-rule.yaml
@@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: olm-alert-rules
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
prometheus: alert-rules
role: alert-rules
diff --git a/chart/templates/_packageserver.clusterserviceversion.yaml b/chart/templates/_packageserver.clusterserviceversion.yaml
index 5739dff..a6440f6 100644
--- a/chart/templates/_packageserver.clusterserviceversion.yaml
+++ b/chart/templates/_packageserver.clusterserviceversion.yaml
@@ -3,7 +3,7 @@ apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
name: packageserver
- namespace: {{ .Values.namespace }}
+ namespace: {{ .Release.Namespace }}
labels:
olm.version: {{ .Chart.Version }}
{{- if .Values.writePackageServerStatusName }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 31bc9a0..31dcf9e 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -1,5 +1,5 @@
rbacApiVersion: rbac.authorization.k8s.io
-namespace: operator-lifecycle-manager
+
# see https://kubernetes.io/docs/concepts/security/pod-security-admission/ for more details
namespace_psa:
enforceLevel: baseline
31 changes: 30 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,34 @@ Credits to [kubitus for the idea](https://gitlab.com/kubitus-project/external-he
To install the Helm Chart use the [OCI Package Registry](https://github.com/orgs/CloudTooling/packages):

```
helm install olm oci://ghcr.io/cloudtooling/helm-charts
export HELM_EXPERIMENTAL_OCI=1
helm install olm oci://ghcr.io/cloudtooling/helm-charts/olm -n operator-lifecycle-manager --create-namespace
```
First run will fail, due to this [issue](https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm/issues/221):
```
Error: INSTALLATION FAILED: 1 error occurred:
* namespaces "operator-lifecycle-manager" already exists
```
But running it again will work:
```
$ helm upgrade --install olm oci://ghcr.io/cloudtooling/helm-charts/olm --version=0.28.1-dev -n operator-lifecycle-manager --create-namespace
Pulled: ghcr.io/cloudtooling/helm-charts/olm:0.28.1-dev
Digest: sha256:61a163ab5fabc36f1d742b75474a641570fcfe2d581f34f08587b0c7a33b23d5
Release "olm" has been upgraded. Happy Helming!
NAME: olm
LAST DEPLOYED: Sat Oct 5 07:30:18 2024
NAMESPACE: operator-lifecycle-manager
STATUS: deployed
REVISION: 2
TEST SUITE: None
```

If you're using terraform you have have to do the second run manual and then import it into your state:
```
terraform import helm_release.<name> operator-lifecycle-manager/olm
```

You can also adjust the namespaces:
```
helm -n olm upgrade --install olm oci://ghcr.io/cloudtooling/helm-charts/olm --create-namespace --set catalog_namespace=olm
```
2 changes: 1 addition & 1 deletion chart/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
description: Kubernetes Chart for Operator Lifecycle Manager
name: olm
version: 0.28.0
version: 0.28.1
annotations:
artifacthub.io/links: |
- name: Helm Chart
Expand Down
3 changes: 1 addition & 2 deletions chart/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# olm

![Version: 0.28.0](https://img.shields.io/badge/Version-0.28.0-informational?style=flat-square)
![Version: 0.28.1](https://img.shields.io/badge/Version-0.28.1-informational?style=flat-square)

Kubernetes Chart for Operator Lifecycle Manager

Expand All @@ -25,7 +25,6 @@ Kubernetes Chart for Operator Lifecycle Manager
| minKubeVersion | string | `"1.11.0"` | |
| monitoring.enabled | bool | `false` | |
| monitoring.namespace | string | `"monitoring"` | |
| namespace | string | `"operator-lifecycle-manager"` | |
| namespace_psa.auditLevel | string | `"restricted"` | |
| namespace_psa.auditVersion | string | `"latest"` | |
| namespace_psa.enforceLevel | string | `"baseline"` | |
Expand Down
2 changes: 1 addition & 1 deletion chart/templates/0000_50_olm_00-namespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.namespace }}
name: {{ .Release.Namespace }}
labels:
{{- if .Values.namespace_psa }}
pod-security.kubernetes.io/enforce: {{ .Values.namespace_psa.enforceLevel }}
Expand Down
6 changes: 3 additions & 3 deletions chart/templates/0000_50_olm_01-olm-operator.serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,17 +13,17 @@ kind: ServiceAccount
apiVersion: v1
metadata:
name: olm-operator-serviceaccount
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
---
apiVersion: {{ .Values.rbacApiVersion }}/v1
kind: ClusterRoleBinding
metadata:
name: olm-operator-binding-{{ .Values.namespace }}
name: olm-operator-binding-{{ .Release.Namespace }}
roleRef:
apiGroup: {{ .Values.rbacApiVersion }}
kind: ClusterRole
name: system:controller:operator-lifecycle-manager
subjects:
- kind: ServiceAccount
name: olm-operator-serviceaccount
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
4 changes: 2 additions & 2 deletions chart/templates/0000_50_olm_02-services.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: v1
kind: Service
metadata:
name: olm-operator-metrics
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
annotations:
service.alpha.openshift.io/serving-cert-secret-name: olm-operator-serving-cert
labels:
Expand All @@ -22,7 +22,7 @@ apiVersion: v1
kind: Service
metadata:
name: catalog-operator-metrics
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
annotations:
service.alpha.openshift.io/serving-cert-secret-name: catalog-operator-serving-cert
labels:
Expand Down
2 changes: 1 addition & 1 deletion chart/templates/0000_50_olm_07-olm-operator.deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: olm-operator
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
labels:
app: olm-operator
spec:
Expand Down
2 changes: 1 addition & 1 deletion chart/templates/0000_50_olm_08-catalog-operator.deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: catalog-operator
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
labels:
app: catalog-operator
spec:
Expand Down
4 changes: 2 additions & 2 deletions chart/templates/0000_50_olm_13-operatorgroup-default.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: olm-operators
namespace: {{ .Values.namespace }}
namespace: {{ .Release.Namespace }}
spec:
targetNamespaces:
- {{ .Values.namespace }}
- {{ .Release.Namespace }}
Loading