[release-4.10] OCPBUGS-7904: Cleanup conversion webhooks when an operator is uninstalled#457
Closed
awgreene wants to merge 42 commits intoopenshift:masterfrom
Closed
[release-4.10] OCPBUGS-7904: Cleanup conversion webhooks when an operator is uninstalled#457awgreene wants to merge 42 commits intoopenshift:masterfrom
awgreene wants to merge 42 commits intoopenshift:masterfrom
Conversation
…t (#2606) The condition that checks for an error with the webhook service deletion is based on the wrong variable, and the return statement is never reached, which leads to a continuous error when OLM tries to replace the webhook service on certain conditions Signed-off-by: orenc1 <ocohen@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: e9aef37a1f293bbbf833206f2037a2f36ffe2673
Problem: The collect-profiles job should only take a few seconds to run. There are instances, such as when the pod cannot be scheduled, where the job will not complete in a reasonable amount of time. If enough jobs are scheduled but unable to run, the number of scheduled jobs can exceed pod quota limits. Solution: Given that the collect-profiles job should only take a few seconds to run and that the job is scheduled to run every 15 minutes, set the collect-profiles cronJob's spec.concurrencyPolicy to "Replace" so that only one active collect-profiles pod exists at any time.
Bug 2070131: Fix a bug in deletion of webhook service for replacement
…ry-pick-255-to-release-4.10 [release-4.10] Bug 2071941: Replace collect-profile jobs that haven't completed
Problem: The CheckRegistryServer function used by grpc catalogSources does not confirm that the serviceAccount associated with the catalogSource exists. Solution: Update the GRPC CheckRegistryServer function to check if the serviceAccount exists. Signed-off-by: Alexander Greene <greene.al1991@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 7e8e9f77d08d1bf451ce61b7bb2610473e793ded
Signed-off-by: Alexander Greene <greene.al1991@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 943a726ab1a516bc231e2fe96d13fc2e47bf4448
[release-4.10] Bug 2080609: Fix GRPC CheckRegistryServer function (#2756)
Signed-off-by: perdasilva <perdasilva@redhat.com>
* go.mod,vendor: Bump to Go 1.17 Signed-off-by: timflannagan <timflannagan@gmail.com> * .github/workflow: Bump the actions/setup-go go-version variable Signed-off-by: timflannagan <timflannagan@gmail.com> * pkg/package-server: Re-generate code Signed-off-by: timflannagan <timflannagan@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: ab8bb974ab31bebe66bb62ad8735d31036534633
This commit updates the operator-registry's go version to v1.17. Signed-off-by: Alexander Greene <greene.al1991@gmail.com> Upstream-repository: operator-registry Upstream-commit: c970d617ce2d77c096102e2d881a15ef680bacf9
Signed-off-by: perdasilva <perdasilva@redhat.com>
…-bump Bug 2095329: [release-4.10] Bump go to v1.17 (openshift#922)
Signed-off-by: perdasilva <perdasilva@redhat.com> Upstream-repository: operator-registry Upstream-commit: 79e8f2518d57040e604ef4a68c9edef199d7d653
Signed-off-by: perdasilva <perdasilva@redhat.com> Upstream-repository: operator-registry Upstream-commit: d42dcfa2db71e1d64f3fce74faff713662c94eff
Signed-off-by: perdasilva <perdasilva@redhat.com> Upstream-repository: operator-registry Upstream-commit: b080d080c494e20caecc035ebd14177a2e8e7a58
Bug 2101802: opm bug fix
The thread-safety logic is flawed and can prevent Operator resources from being reconciled when component resources are updated. It also ensures idempotence when enqueuing a resource for reconciliation; In other words, enqueuing no-ops if the given resource is already in the queue. The underlying queue will ensure a reconciler never races itself when processing a given resource event. Signed-off-by: Nick Hale <njohnhale@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 3807cc1a01619ddf857009c72ca1712746e8fc01
[release-4.10] Bug 2106838: remove broken thread-safety (#2697)
Currently, liveness and readiness probes may fail due to grpc is not ready. Adding a startupProbe will ensure grpc is ready before liveness and readiness probes are triggered. Upstream-repository: operator-lifecycle-manager Upstream-commit: 8987522f97ea3726b42ce6fe23ce5aa75efa83ba Signed-off-by: Vu Dinh <vudinh@outlook.com>
….13 (openshift#970) Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.4.11 to 1.5.13. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v1.4.11...v1.5.13) Upstream-repository: operator-registry Upstream-commit: 0ceeecf14f9a507c4374efa061f2bc92fc30f180 Signed-off-by: perdasilva <perdasilva@redhat.com>
[release-4.10] Bug 2118261: Update containerd version
Bug 2115874: fix(grpc): Add startupProbe to check for grpc health readiness (#2791)
Signed-off-by: Ben Luddy <bluddy@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: f428918
**Problem:** The package-server-manifest (PSM) is a downstream specific component responsible for reconciling the package-server csv, which is defined in code as a yaml file. When the PSM reconciles the package-server csv, it: - Attempts to generate the base of the expected CSV from the yaml mentioned above. - Passes the reconcileCSV function as the mutateFn parameter and the expectedCSV as the `obj` parameter into into controller-runtime's createOrUpdate function. Controller runtime's createOrUpdate function will apply the mutateFn function against: - The `obj` you passed in if it does not already exist. OR - The existing on cluster object. In the case where the mutateFn is applied to the applied to the existing object, changes made to the package-server csv yaml are ignored because the mutateFn (ie the reconcileCSV function) doesn't consider changes to the manifest. **Solution:** Update the reconcileCSV function to: - Ensure that expected annotations and labels are present on the csv. - Ensure that the expected spec is present on the csv.
Get the current OpenShift release version from the RELEASE_VERSION environment variable since the behavior of the original source -- the ClusterVersion desired release status field -- has changed. Signed-off-by: Tyler Slaton <tyslaton@redhat.com> Co-authored-by: Nick Hale <njohnhale@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: ec9903dba891dc5fd4e42bd06b240a7a82f9283c
…oper draining of nodes (#2669) Signed-off-by: Daniel Sover <dsover@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: dbd5b6f0d1dbc6981363c1345fa217629de97709
[release-4.10] OCPBUGS-1087: Stop corrupting resolver cache.
…GS-1323 [release-4.10] OCPBUGS-1323: Add autoscaling eviction annotation to catalog pods to enable proper draining of nodes
…PVersion-bug OCPBUGS-2898: [release-4.10] fix(openshift): use env var instead of clusterversion status (#2817)
* Update catalog source pod creation to not mutate parameters Signed-off-by: perdasilva <perdasilva@redhat.com> * Update pkg/controller/registry/reconciler/reconciler_test.go Co-authored-by: Alexander Greene <agreene@redhat.com> Signed-off-by: perdasilva <perdasilva@redhat.com> Co-authored-by: Alexander Greene <agreene@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 83e3ebf96856643286e2e3e9438352c975923858
Signed-off-by: Per Goncalves da Silva <pegoncal@redhat.com> Co-authored-by: Per Goncalves da Silva <pegoncal@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 1bdf969e6dff317e975de21078d60dd1406235e0
…ry-pick-355-to-release-4.10 [release-4.10] OCPBUGS-4128: concurrent write bug fix
OCPBUGS-4799: Fix label key truncation for subscription annotations (#2731)
Signed-off-by: perdasilva <perdasilva@redhat.com>
…aming (#2715)
* Add importas linting configuration to enforce common package import naming
Signed-off-by: timflannagan <timflannagan@gmail.com>
* cmd,pkg,test: Fix linting violations
Signed-off-by: timflannagan <timflannagan@gmail.com>
Upstream-repository: operator-lifecycle-manager
Upstream-commit: 2194336a87354972a9bc7ea93395571f83147cf6
Signed-off-by: perdasilva <perdasilva@redhat.com>
Signed-off-by: Per Goncalves da Silva <pegoncal@redhat.com> Signed-off-by: perdasilva <perdasilva@redhat.com> Co-authored-by: Per Goncalves da Silva <pegoncal@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: d87319abbd63a0553bd6d37f9125faba7bd40fd5
Signed-off-by: perdasilva <perdasilva@redhat.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 9ced412f3e263b8827680dc0ad3477327cd9a508
…t-cert-rotation-fix OCPBUGS-5294: backport cert rotation fix
[release-4.10] OCPBUGS-1525: Package Server Manager should enforce expected csv values
Problem: The operator CR's status includes a list of componenets owned by the operator. The list of components are ordered by GVK, but the order of objects with the same GVK may change. If an operator owns many components, there is a high likelyhood that OLM will continuously update the status of the operator CR because the order of its components have changed, Solution: Order an operators component references so OLM does not attempt to update the status of the operator CR. Signed-off-by: Alexander Greene <greene.al1991@gmail.com> Upstream-repository: operator-lifecycle-manager Upstream-commit: 793a7cc20d18f4907fc17ce2a0cebbca9a0f00be
…ry-pick-413-to-release-4.10 [release-4.10] OCPBUGS-6498: Order an operator CR's status.Component.Refs array (#2880)
Problem: When uninstalling a CSV, OLM has always avoided deleting the associated CRD as all CRs on cluster are subsequently deleted, possibly resulting in user dataloss. OLM supports defining conversion webhooks within the CSV. On cluster, conversion webhooks are defined with a CRD and point to a service that handles conversion. If the service is unable to fulfill the request, all requests against the CRs associated with the CRD will fail. When uninstalling a CSV, OLM does not remove the conversion webhook from the CRD, meaning that all requests against the CRs associated with the CRD will fail, resulting in at least two concerns: 1. OLM is unable to subsequently reinstall the operator. When installing a CSV, if the CRD already exists and instances of CRs exist as well, OLM performs a series of checks which ensure that none of the CRs are invalidated against the new schema. The existing CRD's conversion webhooks points to a non-existant service, causing the check to fail and preventing installs. 2. Broken conversion webhooks causes kubernete's garbage collection to fail. Solution: When a CSV is deleted, if no CSV exists that is replacing it, set the CRD's conversion strategy to None. Signed-off-by: Alexander Greene <greene.al1991@gmail.com> Upstream-commit: 94374983d448c56d031f0493b84b6dce37b84741 Upstream-repository: operator-lifecycle-manager
openshift-ci-robot
added
jira/severity-moderate
|
@awgreene: This pull request references Jira Issue OCPBUGS-7904, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this: Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-merge-robot
added
the
needs-rebase
Contributor
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Contributor
|
@awgreene: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: awgreene The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
approved
openshift-bot
pushed a commit
to openshift-bot/operator-framework-olm
that referenced
this pull request
Dec 18, 2025
Signed-off-by: grokspawn <jordan@nimblewidget.com> Upstream-repository: api Upstream-commit: 9b9df1ed4c8a67a8c8e49ea18fa40ace76175b45
openshift-bot
pushed a commit
to openshift-bot/operator-framework-olm
that referenced
this pull request
Dec 19, 2025
Signed-off-by: grokspawn <jordan@nimblewidget.com> Upstream-repository: api Upstream-commit: 9b9df1ed4c8a67a8c8e49ea18fa40ace76175b45
openshift-bot
pushed a commit
to openshift-bot/operator-framework-olm
that referenced
this pull request
Dec 20, 2025
Signed-off-by: grokspawn <jordan@nimblewidget.com> Upstream-repository: api Upstream-commit: 9b9df1ed4c8a67a8c8e49ea18fa40ace76175b45
openshift-bot
pushed a commit
to openshift-bot/operator-framework-olm
that referenced
this pull request
Dec 25, 2025
Signed-off-by: grokspawn <jordan@nimblewidget.com> Upstream-repository: api Upstream-commit: 9b9df1ed4c8a67a8c8e49ea18fa40ace76175b45
openshift-bot
pushed a commit
to openshift-bot/operator-framework-olm
that referenced
this pull request
Jan 1, 2026
Signed-off-by: grokspawn <jordan@nimblewidget.com> Upstream-repository: api Upstream-commit: 9b9df1ed4c8a67a8c8e49ea18fa40ace76175b45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.