search

operator-framework / operator-controller

A new and improved management framework for extending Kubernetes with Operators
https://operator-framework.github.io/operator-controller/
Apache License 2.0
61 stars 53 forks source link

⚠️ helm: use chunking release driver in systemNamespace #1057

Closed joelanford closed 2 months ago

joelanford commented 2 months ago

Description

This PR:

  1. uses a new helm release storage driver from helm-operator-plugins that chunks release data into one or more secrets (this also incidentally means that our client and the Helm CLI client won't mistake each other's release storage for their own).
  2. moves release secret storage back to our system namespace so that we don't leak details of our release bookkeeping to users.
  3. Notes that the new helm-operator-plugins commit also makes it possible to use one service account for release storage and a separate service account for deploying bundle contents. This is necessary if we want to avoid leaking our internal release storage mechanism to users (who would otherwise have to configure RBAC for release storage permission)

Fixes: https://github.com/operator-framework/operator-controller/issues/923

Reviewer Checklist

netlify[bot] commented 2 months ago

Deploy Preview for olmv1 ready!

Name Link
Latest commit 30c827a9cd1e191a87bcc520b74000eac3541aa8
Latest deploy log https://app.netlify.com/sites/olmv1/deploys/66ad45d46a16c00008ce39a4
Deploy Preview https://deploy-preview-1057--olmv1.netlify.app
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

codecov[bot] commented 2 months ago

Codecov Report

Attention: Patch coverage is 80.26316% with 15 lines in your changes missing coverage. Please review.

Project coverage is 75.28%. Comparing base (f6a9fad) to head (30c827a).

Files Patch % Lines
internal/action/storagedriver.go 72.22% 10 Missing and 5 partials :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1057 +/- ## ======================================= Coverage 75.28% 75.28% ======================================= Files 33 35 +2 Lines 1861 1914 +53 ======================================= + Hits 1401 1441 +40 - Misses 321 330 +9 - Partials 139 143 +4 ``` | [Flag](https://app.codecov.io/gh/operator-framework/operator-controller/pull/1057/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=operator-framework) | Coverage Δ | | |---|---|---| | [e2e](https://app.codecov.io/gh/operator-framework/operator-controller/pull/1057/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=operator-framework) | `57.36% <80.26%> (+0.40%)` | :arrow_up: | | [unit](https://app.codecov.io/gh/operator-framework/operator-controller/pull/1057/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=operator-framework) | `50.78% <1.31%> (-1.40%)` | :arrow_down: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=operator-framework#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

tmshort commented 2 months ago

And... a rebase is needed...

joelanford commented 2 months ago

Ok, rebased and reverted the catalog client timeout change, so it is back to 10s. Looks like e2e still passes in GH CI.

I'm also seeing main fail the same as locally for me as this branch, so let's chalk this up as a "me" problem for now.