Skip to content

Commit e1dcfd1

Browse files
kaovilaiclaude
kaovilai
and
claude
authored
Replace operator-sdk run bundle with catalog-based OLM deployment (#2078)
The operator-sdk run bundle command has limitations and a pending PR (#7040) that is not getting merged. This replaces it with a catalog-based approach using opm and direct OLM resource creation. Changes: - Add CATALOG_SOURCE_NAME variable for configurability - Update deploy-olm to build catalog using existing catalog-build/catalog-push - Create CatalogSource with grpcPodConfig.securityContextConfig: restricted - Create OperatorGroup and Subscription directly via oc apply - Wait for CatalogSource READY, InstallPlan, and CSV Succeeded states - Simplify undeploy-olm to remove operator-sdk cleanup dependency - Update create-sts-subscription helper to use DEFAULT_CHANNEL variable - Update deploy-olm-stsflow console URL to use DEFAULT_CHANNEL variable Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
1 parent 48733e6 commit e1dcfd1

File tree

1 file changed

+99
-14
lines changed

1 file changed

+99
-14
lines changed

Makefile

Lines changed: 99 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -389,6 +389,9 @@ ifneq ($(origin CATALOG_BASE_IMG), undefined)
389389
FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG)
390390
endif
391391

392+
# Catalog source name for deploy-olm
393+
CATALOG_SOURCE_NAME ?= oadp-operator-catalog
394+
392395
# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'.
393396
# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see:
394397
# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator
@@ -535,28 +538,110 @@ OADP_TEST_NAMESPACE ?= openshift-adp
535538
.PHONY: deploy-olm
536539
deploy-olm: THIS_OPERATOR_IMAGE?=ttl.sh/oadp-operator-$(GIT_REV):$(TTL_DURATION) # Set target specific variable
537540
deploy-olm: THIS_BUNDLE_IMAGE?=ttl.sh/oadp-operator-bundle-$(GIT_REV):$(TTL_DURATION) # Set target specific variable
541+
deploy-olm: THIS_CATALOG_IMAGE?=ttl.sh/oadp-operator-catalog-$(GIT_REV):$(TTL_DURATION) # Set target specific variable
538542
deploy-olm: DEPLOY_TMP:=$(shell mktemp -d)/ # Set target specific variable
539543
deploy-olm: undeploy-olm ## Build current branch operator image, bundle image, push and install via OLM. For more information, check docs/developer/install_from_source.md
540544
@make versions
541545
@echo "DEPLOY_TMP: $(DEPLOY_TMP)"
542-
# build and push operator and bundle image
543-
# use $(OPERATOR_SDK) to install bundle to authenticated cluster
546+
# build and push operator, bundle, and catalog images
544547
cp -r . $(DEPLOY_TMP) && cd $(DEPLOY_TMP) && \
545-
IMG=$(THIS_OPERATOR_IMAGE) BUNDLE_IMG=$(THIS_BUNDLE_IMAGE) \
546-
make docker-build docker-push bundle bundle-build bundle-push; \
548+
IMG=$(THIS_OPERATOR_IMAGE) BUNDLE_IMG=$(THIS_BUNDLE_IMAGE) BUNDLE_IMGS=$(THIS_BUNDLE_IMAGE) CATALOG_IMG=$(THIS_CATALOG_IMAGE) \
549+
make docker-build docker-push bundle bundle-build bundle-push catalog-build catalog-push; \
547550
chmod -R 777 $(DEPLOY_TMP) && rm -rf $(DEPLOY_TMP)
548-
$(OPERATOR_SDK) run bundle --security-context-config restricted $(THIS_BUNDLE_IMAGE) --namespace $(OADP_TEST_NAMESPACE)
551+
# Create CatalogSource with restricted security context
552+
@echo "Creating CatalogSource $(CATALOG_SOURCE_NAME)..."
553+
@echo -e "apiVersion: operators.coreos.com/v1alpha1\nkind: CatalogSource\nmetadata:\n name: $(CATALOG_SOURCE_NAME)\n namespace: $(OADP_TEST_NAMESPACE)\nspec:\n sourceType: grpc\n image: $(THIS_CATALOG_IMAGE)\n displayName: OADP Operator Catalog\n publisher: OADP Team\n grpcPodConfig:\n securityContextConfig: restricted" | $(OC_CLI) apply -f -
554+
# Wait for CatalogSource to be ready
555+
@echo "Waiting for CatalogSource to be ready..."
556+
@timeout=120; \
557+
while [ $$timeout -gt 0 ]; do \
558+
STATE=$$($(OC_CLI) get catalogsource $(CATALOG_SOURCE_NAME) -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.status.connectionState.lastObservedState}' 2>/dev/null); \
559+
if [ "$$STATE" = "READY" ]; then \
560+
echo "CatalogSource is ready"; \
561+
break; \
562+
fi; \
563+
echo -n "."; \
564+
sleep 2; \
565+
timeout=$$((timeout-2)); \
566+
done; \
567+
if [ $$timeout -le 0 ]; then \
568+
echo "Timeout waiting for CatalogSource"; \
569+
$(OC_CLI) get catalogsource $(CATALOG_SOURCE_NAME) -n $(OADP_TEST_NAMESPACE) -o yaml; \
570+
exit 1; \
571+
fi
572+
# Create OperatorGroup if not exists
573+
@echo "Checking OperatorGroup..."
574+
@OG_COUNT=$$($(OC_CLI) get operatorgroup -n $(OADP_TEST_NAMESPACE) --no-headers 2>/dev/null | wc -l | tr -d ' '); \
575+
if [ "$$OG_COUNT" -eq "0" ]; then \
576+
echo "Creating OperatorGroup..."; \
577+
echo -e "apiVersion: operators.coreos.com/v1\nkind: OperatorGroup\nmetadata:\n name: oadp-operator-group\n namespace: $(OADP_TEST_NAMESPACE)\nspec:\n targetNamespaces:\n - $(OADP_TEST_NAMESPACE)" | $(OC_CLI) apply -f -; \
578+
else \
579+
echo "OperatorGroup already exists"; \
580+
fi
581+
# Create Subscription
582+
@echo "Creating Subscription..."
583+
@echo -e "apiVersion: operators.coreos.com/v1alpha1\nkind: Subscription\nmetadata:\n name: oadp-operator\n namespace: $(OADP_TEST_NAMESPACE)\nspec:\n channel: $(DEFAULT_CHANNEL)\n name: oadp-operator\n source: $(CATALOG_SOURCE_NAME)\n sourceNamespace: $(OADP_TEST_NAMESPACE)\n installPlanApproval: Automatic" | $(OC_CLI) apply -f -
584+
# Wait for operator to be ready
585+
@echo "Waiting for InstallPlan to be created..."
586+
@timeout=60; \
587+
while [ $$timeout -gt 0 ]; do \
588+
INSTALL_PLAN=$$($(OC_CLI) get subscription oadp-operator -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.status.installPlanRef.name}' 2>/dev/null); \
589+
if [ -n "$$INSTALL_PLAN" ]; then \
590+
echo "InstallPlan $$INSTALL_PLAN found"; \
591+
break; \
592+
fi; \
593+
echo -n "."; \
594+
sleep 2; \
595+
timeout=$$((timeout-2)); \
596+
done; \
597+
if [ $$timeout -le 0 ]; then \
598+
echo "Timeout waiting for InstallPlan"; \
599+
exit 1; \
600+
fi
601+
@echo "Waiting for CSV to exist..."
602+
@timeout=120; \
603+
CSV_NAME=""; \
604+
while [ $$timeout -gt 0 ]; do \
605+
CSV_NAME=$$($(OC_CLI) get subscription oadp-operator -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.status.currentCSV}' 2>/dev/null); \
606+
if [ -n "$$CSV_NAME" ]; then \
607+
if $(OC_CLI) get csv/$$CSV_NAME -n $(OADP_TEST_NAMESPACE) >/dev/null 2>&1; then \
608+
echo "CSV $$CSV_NAME found"; \
609+
break; \
610+
fi; \
611+
fi; \
612+
echo -n "."; \
613+
sleep 2; \
614+
timeout=$$((timeout-2)); \
615+
done; \
616+
if [ $$timeout -le 0 ]; then \
617+
echo "Timeout waiting for CSV to exist"; \
618+
exit 1; \
619+
fi
620+
@echo "Waiting for CSV to be ready..."
621+
@CSV_NAME=$$($(OC_CLI) get subscription oadp-operator -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.status.currentCSV}' 2>/dev/null); \
622+
if [ -n "$$CSV_NAME" ]; then \
623+
$(OC_CLI) wait --for=jsonpath='{.status.phase}'=Succeeded csv/$$CSV_NAME -n $(OADP_TEST_NAMESPACE) --timeout=300s; \
624+
fi
625+
@echo "Operator is ready!"
626+
@$(OC_CLI) get subscription oadp-operator -n $(OADP_TEST_NAMESPACE)
627+
@$(OC_CLI) get csv -n $(OADP_TEST_NAMESPACE)
549628

550629
.PHONY: undeploy-olm
551-
undeploy-olm: login-required operator-sdk ## Uninstall current branch operator via OLM
630+
undeploy-olm: login-required ## Uninstall current branch operator via OLM
552631
$(OC_CLI) whoami # Check if logged in
553632
$(OC_CLI) create namespace $(OADP_TEST_NAMESPACE) || true
554-
-$(OPERATOR_SDK) cleanup oadp-operator --namespace $(OADP_TEST_NAMESPACE) || true
555-
# Also try to clean up any leftover resources
633+
# Delete Subscription
556634
-$(OC_CLI) delete subscription oadp-operator -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
557-
-$(OC_CLI) get subscription -n $(OADP_TEST_NAMESPACE) -o name | xargs -I {} $(OC_CLI) get {} -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.metadata.name}{"\t"}{.spec.source}{"\n"}' | grep "oadp-operator-catalog" | cut -f1 | xargs -I {} $(OC_CLI) delete subscription {} -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
635+
# Delete any subscriptions using our catalog
636+
-$(OC_CLI) get subscription -n $(OADP_TEST_NAMESPACE) -o name 2>/dev/null | xargs -I {} $(OC_CLI) get {} -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.metadata.name}{"\t"}{.spec.source}{"\n"}' 2>/dev/null | grep "$(CATALOG_SOURCE_NAME)" | cut -f1 | xargs -I {} $(OC_CLI) delete subscription {} -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true || true
637+
# Delete CSV with OADP label
558638
-$(OC_CLI) delete csv -l operators.coreos.com/oadp-operator.$(OADP_TEST_NAMESPACE) -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
559-
-$(OC_CLI) delete catalogsource oadp-operator-catalog -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
639+
# Delete any CSV starting with oadp-operator
640+
-$(OC_CLI) get csv -n $(OADP_TEST_NAMESPACE) -o name 2>/dev/null | grep oadp-operator | xargs -I {} $(OC_CLI) delete {} -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true || true
641+
# Delete CatalogSource
642+
-$(OC_CLI) delete catalogsource $(CATALOG_SOURCE_NAME) -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
643+
# Delete OperatorGroup (only if we created it)
644+
-$(OC_CLI) delete operatorgroup oadp-operator-group -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
560645

561646
# Create subscription YAML helper function
562647
# Parameters:
@@ -568,9 +653,9 @@ create-sts-subscription = \
568653
echo " name: oadp-operator" >> $(1) && \
569654
echo " namespace: $(OADP_TEST_NAMESPACE)" >> $(1) && \
570655
echo "spec:" >> $(1) && \
571-
echo " channel: operator-sdk-run-bundle" >> $(1) && \
656+
echo " channel: $(DEFAULT_CHANNEL)" >> $(1) && \
572657
echo " name: oadp-operator" >> $(1) && \
573-
echo " source: oadp-operator-catalog" >> $(1) && \
658+
echo " source: $(CATALOG_SOURCE_NAME)" >> $(1) && \
574659
echo " sourceNamespace: $(OADP_TEST_NAMESPACE)" >> $(1) && \
575660
echo " installPlanApproval: Automatic" >> $(1) && \
576661
echo " config:" >> $(1) && \
@@ -631,14 +716,14 @@ apply-sts-subscription = \
631716
.PHONY: deploy-olm-stsflow
632717
deploy-olm-stsflow: deploy-olm ## Deploy via OLM then uninstall CSV/Subscription and provide console URL for standardized flow
633718
@echo "Uninstalling CSV and Subscription to trigger standardized flow UI..."
634-
-$(OC_CLI) get subscription -n $(OADP_TEST_NAMESPACE) -o name | xargs -I {} $(OC_CLI) get {} -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.metadata.name}{"\t"}{.spec.source}{"\n"}' | grep "oadp-operator-catalog" | cut -f1 | xargs -I {} $(OC_CLI) delete subscription {} -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
719+
-$(OC_CLI) get subscription -n $(OADP_TEST_NAMESPACE) -o name 2>/dev/null | xargs -I {} $(OC_CLI) get {} -n $(OADP_TEST_NAMESPACE) -o jsonpath='{.metadata.name}{"\t"}{.spec.source}{"\n"}' 2>/dev/null | grep "$(CATALOG_SOURCE_NAME)" | cut -f1 | xargs -I {} $(OC_CLI) delete subscription {} -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true || true
635720
-$(OC_CLI) delete csv oadp-operator.v$(VERSION) -n $(OADP_TEST_NAMESPACE) --ignore-not-found=true
636721
@echo ""
637722
@echo "==========================================================================="
638723
@echo "Open the following URL in your browser to trigger the standardized flow UI:"
639724
@echo ""
640725
@CONSOLE_URL=$$($(OC_CLI) get route console -n openshift-console -o jsonpath='{.spec.host}'); \
641-
echo "https://$$CONSOLE_URL/operatorhub/ns/$(OADP_TEST_NAMESPACE)?keyword=oadp-operator&details-item=oadp-operator-oadp-operator-catalog-$(OADP_TEST_NAMESPACE)&channel=operator-sdk-run-bundle&version=$(VERSION)"
726+
echo "https://$$CONSOLE_URL/operatorhub/ns/$(OADP_TEST_NAMESPACE)?keyword=oadp-operator&details-item=oadp-operator-$(CATALOG_SOURCE_NAME)-$(OADP_TEST_NAMESPACE)&channel=$(DEFAULT_CHANNEL)&version=$(VERSION)"
642727
@echo ""
643728
@echo "==========================================================================="
644729

0 commit comments

Comments
 (0)