Open fhielpos opened 3 months ago
stone-z
commented
3 months ago I'm fine with this but I wonder how sure the upgrade path is. How likely is it that a cluster has the CRD already, but won't update KPO again prior to trying to install PolMO? Would this logic work as a pre-install hook on PolMO?
fhielpos
commented
3 months ago How likely is it that a cluster has the CRD already, but won't update KPO again prior to trying to install PolMO?
All clusters will need to update KPO to make it work with policy-meta-operator. The CRD would exist in every cluster that already exists. We can make POLMO depend on KPO for now as a solution to avoid POLMO inconsistencies but I want to see how bad it breaks.
Would this logic work as a pre-install hook on PolMO?
I tried, but no, Helm will template the chart and identify that the CRD is already present before even running the hooks.
In order to install the PolicyException CRD from the policy-meta-operator app, we need to add some labels and annotations to it. Since KPO owned it, this would be the best place to do it.