Test operator_sdk 1.41.1

Author: dprince

apis/go.mod

@@ -144,3 +144,5 @@ replace k8s.io/code-generator => k8s.io/code-generator v0.31.13 //allow-merging
 replace k8s.io/component-base => k8s.io/component-base v0.31.13 //allow-merging
 
 replace github.com/cert-manager/cmctl/v2 => github.com/cert-manager/cmctl/v2 v2.1.2-0.20241127223932-88edb96860cf //allow-merging
+
+replace github.com/openstack-k8s-operators/glance-operator/api => github.com/dprince/glance-operator/api v0.0.0-20251022205722-046a560f2a6b

apis/go.sum

@@ -10,6 +10,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dprince/glance-operator/api v0.0.0-20251022205722-046a560f2a6b h1:E0Ai//LqvAMJsjTeqT92x1AfBKlFFgaSlH6vQ2K3608=
+github.com/dprince/glance-operator/api v0.0.0-20251022205722-046a560f2a6b/go.mod h1:fK1M/vQi/TxrZmQvRxgIj998sPHo/v0zC0YUgJ25fU0=
 github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU=
 github.com/emicklei/go-restful/v3 v3.12.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/evanphx/json-patch v5.9.11+incompatible h1:ixHHqfcGvxhWkniF1tWxBHA0yb4Z+d1UQi45df52xW8=
@@ -120,8 +122,6 @@ github.com/openstack-k8s-operators/cinder-operator/api v0.6.1-0.20251014173752-e
 github.com/openstack-k8s-operators/cinder-operator/api v0.6.1-0.20251014173752-ea967e56a392/go.mod h1:HIDWCoybpcyE2/wacsucEm+1dfo5d+Wr6TAQ3+vOaQc=
 github.com/openstack-k8s-operators/designate-operator/api v0.6.1-0.20251022085840-31cb063eeb8a h1:To9zRB8ilQEwkKZ8MXLe5+zaVXail+bjknMVLo3F09Y=
 github.com/openstack-k8s-operators/designate-operator/api v0.6.1-0.20251022085840-31cb063eeb8a/go.mod h1:8R9RYAjEwq+WrgKS558pvMa1Zt5WkAOQEJChloFOKzY=
-github.com/openstack-k8s-operators/glance-operator/api v0.6.1-0.20251022111742-64b4039d28a7 h1:rnR6Qq+R6V/7ZF+50fsSYcSD8SMRgQdiqdT+w2mfThM=
-github.com/openstack-k8s-operators/glance-operator/api v0.6.1-0.20251022111742-64b4039d28a7/go.mod h1:fK1M/vQi/TxrZmQvRxgIj998sPHo/v0zC0YUgJ25fU0=
 github.com/openstack-k8s-operators/heat-operator/api v0.6.1-0.20251025092254-de6e9a251638 h1:5Cj3+iee4jhV/WvrPysevisQlTIgmOdREn1mt7JHrw4=
 github.com/openstack-k8s-operators/heat-operator/api v0.6.1-0.20251025092254-de6e9a251638/go.mod h1:/o8HTAMKnnrETQvJCBXP90yb7kkm0tdfYqp6HUI8Ji0=
 github.com/openstack-k8s-operators/horizon-operator/api v0.6.1-0.20251025090908-00fab1da8f24 h1:jexX3KB+ZiO8h2oF3zzTWA3epgRI6HWoizRA0G/V10g=

bindata/crds/glance.openstack.org_glanceapis.yaml

@@ -2,7 +2,6 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
     controller-gen.kubebuilder.io/version: v0.18.0
   creationTimestamp: null
   name: glanceapis.glance.openstack.org

bindata/crds/glance.openstack.org_glances.yaml

@@ -2,7 +2,6 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
     controller-gen.kubebuilder.io/version: v0.18.0
   creationTimestamp: null
   name: glances.glance.openstack.org

bindata/operator/infra-operator-webhooks.yaml

@@ -39,21 +39,6 @@ spec:
     name: infra-operator-selfsigned-issuer
   secretName: infra-operator-webhook-server-cert
 ---
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  labels:
-    app.kubernetes.io/component: certificate
-    app.kubernetes.io/created-by: openstack-operator
-    app.kubernetes.io/instance: selfsigned-issuer
-    app.kubernetes.io/managed-by: kustomize
-    app.kubernetes.io/name: issuer
-    app.kubernetes.io/part-of: infra-operator
-  name: infra-operator-selfsigned-issuer
-  namespace: '{{ .OperatorNamespace }}'
-spec:
-  selfSigned: {}
----
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:

bindata/operator/managers.yaml

@@ -22,9 +22,17 @@ spec:
     spec:
       containers:
       - args:
+        - --leader-elect
         - --health-probe-bind-address=:8081
+{{- if isEnvVarTrue .Deployment.Manager.Env "METRICS_CERTS" }}
+        - --metrics-bind-address=:8443
+        - --metrics-cert-path=/tmp/k8s-metrics-server/metrics-certs
+{{- if isEnvVarTrue .Deployment.Manager.Env "ENABLE_WEBHOOKS" }}
+        - --webhook-cert-path=/tmp/k8s-webhook-server/serving-certs
+{{- end }}
+{{- else }}
         - --metrics-bind-address=127.0.0.1:8080
-        - --leader-elect
+{{- end }}
         command:
         - /manager
         env:
@@ -55,12 +63,18 @@ spec:
             memory: {{ .Deployment.Manager.Resources.Requests.Memory }}
         securityContext:
           allowPrivilegeEscalation: false
-{{- if isEnvVarTrue .Deployment.Manager.Env "ENABLE_WEBHOOKS" }}
         volumeMounts:
+{{- if isEnvVarTrue .Deployment.Manager.Env "ENABLE_WEBHOOKS" }}
         - mountPath: /tmp/k8s-webhook-server/serving-certs
           name: cert
           readOnly: true
 {{- end }}
+{{- if isEnvVarTrue .Deployment.Manager.Env "METRICS_CERTS" }}
+        - mountPath: /tmp/k8s-metrics-server/metrics-certs
+          name: metrics-certs
+          readOnly: true
+{{- end }}
+{{- if isEnvVarFalse .Deployment.Manager.Env "METRICS_CERTS" }}
       - args:
         - --secure-listen-address=0.0.0.0:8443
         - --upstream=http://127.0.0.1:8080/
@@ -81,6 +95,7 @@ spec:
             memory: {{ .Deployment.KubeRbacProxy.Resources.Requests.Memory }}
         securityContext:
           allowPrivilegeEscalation: false
+{{- end }}
       securityContext:
         runAsNonRoot: true
       serviceAccountName: {{ .Name }}-operator-controller-manager
@@ -101,12 +116,25 @@ spec:
         tolerationSeconds: {{ .TolerationSeconds }}
 {{- end }}
 {{- end }}
-{{- if isEnvVarTrue .Deployment.Manager.Env "ENABLE_WEBHOOKS" }}
       volumes:
+{{- if isEnvVarTrue .Deployment.Manager.Env "ENABLE_WEBHOOKS" }}
       - name: cert
         secret:
           defaultMode: 420
           secretName: {{ .Name }}-operator-webhook-server-cert
 {{ end }}
+{{- if isEnvVarTrue .Deployment.Manager.Env "METRICS_CERTS" }}
+      - name: metrics-certs
+        secret:
+          items:
+          - key: ca.crt
+            path: ca.crt
+          - key: tls.crt
+            path: tls.crt
+          - key: tls.key
+            path: tls.key
+          optional: false
+          secretName: {{ .Name }}-operator-metrics-server-cert
+{{ end }}
 ---
 {{ end }}

bindata/operator/openstack-baremetal-operator-webhooks.yaml

@@ -39,21 +39,6 @@ spec:
     name: openstack-baremetal-operator-selfsigned-issuer
   secretName: openstack-baremetal-operator-webhook-server-cert
 ---
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
-  labels:
-    app.kubernetes.io/component: certificate
-    app.kubernetes.io/created-by: openstack-operator
-    app.kubernetes.io/instance: selfsigned-issuer
-    app.kubernetes.io/managed-by: kustomize
-    app.kubernetes.io/name: issuer
-    app.kubernetes.io/part-of: openstack-baremetal-operator
-  name: openstack-baremetal-operator-selfsigned-issuer
-  namespace: '{{ .OperatorNamespace }}'
-spec:
-  selfSigned: {}
----
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:

bindata/rbac/barbican-operator-rbac.yaml

@@ -1,5 +1,21 @@
 # NOTE: this file is automatically generated by hack/sync-bindata.sh!
 #
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  labels:
+    app.kubernetes.io/component: certificate
+    app.kubernetes.io/created-by: openstack-operator
+    app.kubernetes.io/instance: selfsigned-issuer
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: issuer
+    app.kubernetes.io/part-of: barbican-operator
+  name: barbican-operator-selfsigned-issuer
+  namespace: '{{ .OperatorNamespace }}'
+spec:
+  selfSigned: {}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -290,6 +306,7 @@ spec:
   - name: https
     port: 8443
     protocol: TCP
-    targetPort: https
+    targetPort: 8443
   selector:
     openstack.org/operator-name: barbican
+    control-plane: controller-manager

bindata/rbac/cinder-operator-rbac.yaml

@@ -1,5 +1,21 @@
 # NOTE: this file is automatically generated by hack/sync-bindata.sh!
 #
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  labels:
+    app.kubernetes.io/component: certificate
+    app.kubernetes.io/created-by: openstack-operator
+    app.kubernetes.io/instance: selfsigned-issuer
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: issuer
+    app.kubernetes.io/part-of: cinder-operator
+  name: cinder-operator-selfsigned-issuer
+  namespace: '{{ .OperatorNamespace }}'
+spec:
+  selfSigned: {}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -303,6 +319,7 @@ spec:
   - name: https
     port: 8443
     protocol: TCP
-    targetPort: https
+    targetPort: 8443
   selector:
     openstack.org/operator-name: cinder
+    control-plane: controller-manager

bindata/rbac/designate-operator-rbac.yaml

@@ -1,5 +1,21 @@
 # NOTE: this file is automatically generated by hack/sync-bindata.sh!
 #
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  labels:
+    app.kubernetes.io/component: certificate
+    app.kubernetes.io/created-by: openstack-operator
+    app.kubernetes.io/instance: selfsigned-issuer
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: issuer
+    app.kubernetes.io/part-of: designate-operator
+  name: designate-operator-selfsigned-issuer
+  namespace: '{{ .OperatorNamespace }}'
+spec:
+  selfSigned: {}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -337,6 +353,7 @@ spec:
   - name: https
     port: 8443
     protocol: TCP
-    targetPort: https
+    targetPort: 8443
   selector:
     openstack.org/operator-name: designate
+    control-plane: controller-manager