MGMT-16144 - Operator - Fix make deploy and RBAC updates

Description:
- Update the RBAC rules to account for all the resources
  the operator needs to handle
- Update the Makefile, Dockerfile and .containerignore
  for enabling the build of the operator image

.containerignore

@@ -6,3 +6,5 @@
 !/go.sum
 !/internal
 !/main.go
+!/cmd
+!/api

Dockerfile

@@ -1,20 +1,20 @@
 # Build the manager binary
-FROM golang:1.20 as builder
+FROM registry.hub.docker.com/library/golang:1.21 as builder
 ARG TARGETOS
 ARG TARGETARCH
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
-COPY go.mod go.mod
-COPY go.sum go.sum
+COPY go.mod go.sum ./
+
 # cache deps before building and copying source so that we don't need to re-download as much
 # and so that source changes don't invalidate our downloaded layer
 RUN go mod download
 
 # Copy the go source
 COPY cmd/main.go cmd/main.go
 COPY api/ api/
-COPY controllers/ controllers/
+COPY internal/controllers/ internal/controllers/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command

Makefile

@@ -19,8 +19,16 @@ image_tag:=latest
 # Additional flags to pass to the `ginkgo` command.
 ginkgo_flags:=
 
+# VERSION
+VERSION ?= latest
+
+# IMAGE_TAG_BASE
+# TODO: change this once the operator images are mirrored to quay
+IMAGE_TAG_BASE ?= quay.io/imihai/oran-o2ims-operator
+
 # Image URL to use all building/pushing image targets
-IMG ?= controller:latest
+IMG ?= $(IMAGE_TAG_BASE):$(VERSION)
+
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
 ENVTEST_K8S_VERSION = 1.28.0
 
@@ -86,7 +94,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
 # More info: https://docs.docker.com/develop/develop-images/build_enhancements/
 .PHONY: docker-build
 docker-build: ## Build docker image with the manager.
-	$(CONTAINER_TOOL) build -t ${IMG} .
+	$(CONTAINER_TOOL) build -t ${IMG} -f Dockerfile .
 
 .PHONY: docker-push
 docker-push: ## Push docker image with the manager.

cmd/main.go

@@ -34,7 +34,7 @@ import (
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
 	oranv1alpha1 "github.com/openshift-kni/oran-o2ims/api/v1alpha1"
-	controller "github.com/openshift-kni/oran-o2ims/internal/controllers"
+	"github.com/openshift-kni/oran-o2ims/internal/controllers"
 	//+kubebuilder:scaffold:imports
 )
 
@@ -102,7 +102,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err = (&controller.ORANO2IMSReconciler{
+	if err = (&controllers.ORANO2IMSReconciler{
 		Client: mgr.GetClient(),
 		Log:    ctrl.Log.WithName("controller").WithName("ORAN-O2IMS"),
 		Scheme: mgr.GetScheme(),

config/manager/kustomization.yaml

@@ -1,8 +1,13 @@
-resources:
-- manager.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
+
+resources:
+- manager.yaml
+
+generatorOptions:
+  disableNameSuffixHash: true
+
 images:
 - name: controller
-  newName: controller
+  newName: quay.io/imihai/oran-o2ims-operator
   newTag: latest

config/rbac/role.yaml

@@ -4,10 +4,70 @@ kind: ClusterRole
 metadata:
   name: manager-role
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - services
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - ingresses
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - oran.openshift.io
   resources:
-  - orano2ims
+  - orano2imses
   verbs:
   - create
   - delete
@@ -19,13 +79,13 @@ rules:
 - apiGroups:
   - oran.openshift.io
   resources:
-  - orano2ims/finalizers
+  - orano2imses/finalizers
   verbs:
   - update
 - apiGroups:
   - oran.openshift.io
   resources:
-  - orano2ims/status
+  - orano2imses/status
   verbs:
   - get
   - patch

internal/controllers/orano2ims_controller.go

@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package controller
+package controllers
 
 import (
 	"context"
@@ -52,9 +52,14 @@ type ORANO2IMSReconciler struct {
 	Scheme *runtime.Scheme
 }
 
-//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2ims,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2ims/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2ims/finalizers,verbs=update
+//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2imses,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2imses/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=oran.openshift.io,resources=orano2imses/finalizers,verbs=update
+//+kubebuilder:rbac:groups="apps",resources=deployments,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="networking.k8s.io",resources=ingresses,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="",resources=serviceaccounts,verbs=get;list;watch;create;update;patch;delete
 
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
 // move the current state of the cluster closer to the desired state.

internal/controllers/suite_test.go

@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package controller
+package controllers
 
 import (
 	"fmt"