feat : Proper operator installation inside tenant namespace #2589
Conversation
bnshr
force-pushed
the
CNFCERT-1088
branch
3 times, most recently
from
98cb58b to
56d4773
Compare
|
from change #2589: |
bnshr
force-pushed
the
CNFCERT-1088
branch
2 times, most recently
from
1f928d0 to
e3fd824
Compare
|
from change #2589: |
bnshr
force-pushed
the
CNFCERT-1088
branch
2 times, most recently
from
33278d6 to
26570f7
Compare
|
from change #2589: |
bnshr
force-pushed
the
CNFCERT-1088
branch
5 times, most recently
from
fad4dfa to
822dfe9
Compare
bnshr
force-pushed
the
CNFCERT-1088
branch
2 times, most recently
from
2ba0ff8 to
475f7b6
Compare
|
from change #2589: |
|
from change #2589: |
|
from change #2589: |
|
from change #2589: |
|
from change #2589: |
| @@ -83,7 +83,7 @@ lint: | |||
| typos | |||
| markdownlint '**/*.md' | |||
| yamllint --no-warnings . | |||
| shellcheck --format=gcc ${BASH_SCRIPTS} | |||
| shellcheck --nocomments --format=gcc ${BASH_SCRIPTS} | |||
There was a problem hiding this comment.
Could this be put into another PR?
There was a problem hiding this comment.
I cannot remember now why this was added. There was some issue, which was solved by adding this.
| @@ -45,3 +52,83 @@ func SplitCsv(csv string) CsvResult { | |||
| } | |||
| return result | |||
| } | |||
|
|
|||
| func hasOperatorInstallModeType(installModes []v1alpha1.InstallMode, installModeType v1alpha1.InstallModeType) bool { | |||
There was a problem hiding this comment.
This could be unit tested in another PR.
| return singleNamespacedOperators | ||
| } | ||
|
|
||
| func getAllPodsBy(namespace string) (podsInNamespace []*provider.Pod) { |
There was a problem hiding this comment.
This could be unit tested in another PR.
|
from change #2589: |
bnshr
changed the title
bnshr
force-pushed
the
CNFCERT-1088
branch
5 times, most recently
from
4edc01f to
1817116
Compare
|
from change #2589: |
|
from change #2589: |
There was a problem hiding this comment.
I am surprised to see so much changes, your previous implementation needed only a simple change, e.g. to go through all operator namespaces instead of all Single operator namespaces. I feel this implementation is more convoluted and seems to miss a test case since now we are testing also application namespaces.
| func checkIfNamespaceContainsOnlyOperatorPods(namespace string) (isOperatorOnlyNamespace bool, singleNamespacedCsvs, allNamespacedCsvs []string, failedPods string, err error) { | ||
| allPods := getAllPodsBy(namespace) | ||
|
|
||
| foundCsvs, failedPodList, err := checkValidOperatorPodsIn(namespace, allPods) |
There was a problem hiding this comment.
failedPodList -> podsBelongingToNoOperators
| nonCompliantObjects = append(nonCompliantObjects, testhelper.NewOperatorReportObject(operatorNamespace, allNamespacedOperators, | ||
| "AllNamespaced Operator has invalid installation in tenant namespace ", false).AddField("failed pods", failedPods)) | ||
| } else { | ||
| nonCompliantObjects = append(nonCompliantObjects, testhelper.NewNamespacedNamedReportObject( |
There was a problem hiding this comment.
If doesNamespaceContainsOnlyOperatorPods is false and if len(allNamespacedCsvs) == 0, it could be that pods are all app pods so it is compliant.
| var compliantObjects []*testhelper.ReportObject | ||
| var nonCompliantObjects []*testhelper.ReportObject | ||
|
|
||
| for _, operatorNamespace := range env.Namespaces { |
There was a problem hiding this comment.
if you go through all namespaces instead of all operator namespaces, you need to consider the compliant case where all pods do not belong to any operator in the namespace.
Refers the issue