From b045570e3f2b35deda549beabbecb1ab6a9b21de Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Thu, 16 Jun 2022 14:07:26 -0400 Subject: [PATCH 1/4] Move cert-manager to common overlay We're going to want this on all our clusters. --- cluster-scope/overlays/common/kustomization.yaml | 1 + cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster-scope/overlays/common/kustomization.yaml b/cluster-scope/overlays/common/kustomization.yaml index c44cbcaf..6acc3a71 100644 --- a/cluster-scope/overlays/common/kustomization.yaml +++ b/cluster-scope/overlays/common/kustomization.yaml @@ -3,4 +3,5 @@ kind: Kustomization resources: - machineconfigs/99-master-ssh.yaml - machineconfigs/99-worker-ssh.yaml +- ../../base/operators.coreos.com/subscriptions/cert-manager - ../../base/operators.coreos.com/subscriptions/external-secrets-operator diff --git a/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml b/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml index 020b0af7..903f52b5 100644 --- a/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml +++ b/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml @@ -4,5 +4,4 @@ resources: - ../common - ../../bundles/openshift-gitops - ../../bundles/acm -- ../../base/operators.coreos.com/subscriptions/cert-manager - clusterversion.yaml From 4e404095c9abe210048d4e9c1668dcbd1f3dc745 Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Thu, 16 Jun 2022 14:30:07 -0400 Subject: [PATCH 2/4] Manage namespace in kustomization for subscriptions Let's be consistent about where we're setting namespaces for operator subscriptions. --- .../operators.coreos.com/subscriptions/acm/kustomization.yaml | 1 + .../operators.coreos.com/subscriptions/acm/subscription.yaml | 1 - .../subscriptions/cert-manager/kustomization.yaml | 1 + .../subscriptions/cert-manager/subscription.yaml | 3 --- .../subscriptions/openshift-gitops-operator/kustomization.yaml | 1 + .../subscriptions/openshift-gitops-operator/subscription.yaml | 3 --- 6 files changed, 3 insertions(+), 7 deletions(-) diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/acm/kustomization.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/acm/kustomization.yaml index b2d134b7..f1b116fe 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/acm/kustomization.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/acm/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: open-cluster-management resources: - subscription.yaml diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/acm/subscription.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/acm/subscription.yaml index 37f2c98f..ab7e4adf 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/acm/subscription.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/acm/subscription.yaml @@ -2,7 +2,6 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: acm - namespace: open-cluster-management spec: channel: release-2.5 installPlanApproval: Automatic diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/kustomization.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/kustomization.yaml index b2d134b7..4b1e1004 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/kustomization.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: openshift-operators resources: - subscription.yaml diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/subscription.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/subscription.yaml index ae7c175c..1d83e2da 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/subscription.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/cert-manager/subscription.yaml @@ -1,10 +1,7 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: - labels: - operators.coreos.com/ocs-operator.cert-manager: "" name: cert-manager - namespace: openshift-operators spec: channel: stable installPlanApproval: Automatic diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/kustomization.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/kustomization.yaml index 9604b066..9819363d 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/kustomization.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +namespace: openshift-operators resources: - subscription.yaml diff --git a/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/subscription.yaml b/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/subscription.yaml index 8e896ca8..f0cbbd59 100644 --- a/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/subscription.yaml +++ b/cluster-scope/base/operators.coreos.com/subscriptions/openshift-gitops-operator/subscription.yaml @@ -1,10 +1,7 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: - labels: - operators.coreos.com/openshift-gitops-operator.openshift-operators: "" name: openshift-gitops-operator - namespace: openshift-operators spec: channel: stable installPlanApproval: Automatic From 784bde221445a3edc63ef9717d7cbc400ea6dead Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Fri, 17 Jun 2022 17:51:54 -0400 Subject: [PATCH 3/4] Ignore overlays with -local suffix If you need an overlay for testing/development but want to ensure that you don't accidentally add it to the repository, name it with a `-local` suffix. --- .gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..9e27903b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +**/overlays/*-local/ From c4085e1bcf76bf3c006470de045b2ec0d6d255e3 Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Fri, 17 Jun 2022 20:20:01 -0400 Subject: [PATCH 4/4] Apply a label to all manifests generated by this repository Add the `nerc.mghpcc.org/kustomized` label to all resources generated by our overlays. This makes it easy to identify things that we have either created or modified (e.g., we can ask `kubectl get clusterrolebindings -l nerc.mghpcc.org/kustomized`). --- cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml b/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml index 903f52b5..ba588e48 100644 --- a/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml +++ b/cluster-scope/overlays/nerc-ocp-infra/kustomization.yaml @@ -1,5 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +commonLabels: + nerc.mghpcc.org/kustomized: "true" resources: - ../common - ../../bundles/openshift-gitops