Open ivandov opened 1 year ago
@ivandov Why would you want/need to manipulate the status of a CR outside of an operator?
We have designed technology that allows native Ansible playbooks to be transformed into Ansible Operators without the need for writing your own Ansible Operator from scratch. However, even when writing an Ansible Operator from scratch, updating a kubernetes CR's status would still require importing both Ansible collections.
It just feels "off" to have one kubernetes collection, kubernetes.core
, for handling most of the interactions you may need to have with Kubernetes from an Ansible Playbook. And then, you need a separate Ansible collection for a simple CR status update.
I would imagine most of the logic that's needed to handle status updates is already present in the kubernetes.core
collection. Why need to import and maintain multiple collections?
We also need this for various purposes. In addition to operators written in Ansible that @ivandov mentioned, cases that we have encountered:
In theory one wouldn't need to manipulate the status outside of the operator, but real world this is not uncommon.
Hi, I have just run into the same problem. Our use-case is that we install and configure OpenShift via Ansible. When signing CSRs it is necessary to update the status of the object. https://kubernetes.io/docs/reference/access-authn-authz/certificate-signing-requests/#approval-rejection-api-client
Which due to the lack of support is currently solved via the shell module with oc/kubectl.
The following tasks would solve the problem if the status update were supported
- name: 'Approve CSRs'
kubernetes.core.k8s:
state: 'patched'
kind: 'CertificateSigningRequest'
name: 'test1'
definition:
status:
conditions:
- lastTransitionTime: '{{ now(fmt="%Y-%m-%dT%H:%M:%SZ") }}'
lastUpdateTime: '{{ now(fmt="%Y-%m-%dT%H:%M:%SZ") }}'
message: "This CSR was approved by Ansible."
reason: "AnsibleApprove"
status: "True"
type: "Approved"
- name: 'Approve pending CSRs'
kubernetes.core.k8s_json_patch:
kind: 'CertificateSigningRequest'
name: 'test1'
patch:
- op: 'add'
path: '/status/conditions'
value:
- lastTransitionTime: '{{ now(fmt="%Y-%m-%dT%H:%M:%SZ") }}'
lastUpdateTime: '{{ now(fmt="%Y-%m-%dT%H:%M:%SZ") }}'
message: "This CSR was approved by Ansible."
reason: "AnsibleApprove"
status: "True"
type: "Approved"
SUMMARY
When working with Kubernetes Custom Resources (CRs), there are times that I'd like to be able to modify the
status
of the CR. Currently, these updates are only possible with theoperator_sdk.utils.k8s_status
module.kubernetes.core
collection directly support CRstatus
updates?status
updates already possible but there is a documentation gap?ISSUE TYPE
COMPONENT NAME
I have attempted to perform status updates with the following modules:
kubernetes.core.k8s
kubernetes.core.k8s_json_patch
ADDITIONAL INFORMATION
Here's an example playbook I created to try these CR status updates: