Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Allow IfNotPresent policy when operator-sdk run bundle #6795 #6851

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

kaovilai
Copy link

@kaovilai kaovilai commented Oct 30, 2024

Description of the change:

❯ go run cmd/operator-sdk/main.go run bundle 
Error: accepts 1 arg(s), received 0
Usage:
  operator-sdk run bundle <bundle-image> [flags]

Flags:
      --ca-secret-name string                     Name of a generic secret containing a PEM root certificate file required to pull bundle images. This secret *must* be in the namespace that this command is configured to run in, and the file *must* be encoded under the key "cert.pem"
      --decompression-image string                image used in an init container in the registry pod to decompress the compressed catalog contents. cat and gzip binaries are expected to exist in the PATH (default "registry.access.redhat.com/ubi8:8.9")
  -h, --help                                      help for bundle
+     --image-pull-policy string                  image pull policy for the registry pod (default "Always")
      --index-image string                        index image in which to inject bundle (default "quay.io/operator-framework/opm:latest")
      --install-mode InstallModeValue             install mode
      --kubeconfig string                         Path to the kubeconfig file to use for CLI requests.
  -n, --namespace string                          If present, namespace scope for this CLI request
      --pull-secret-name string                   Name of image pull secret ("type: kubernetes.io/dockerconfigjson") required to pull bundle images. This secret *must* be both in the namespace and an imagePullSecret of the service account that this command is configured to run in
      --security-context-config SecurityContext   specifies the security context to use for the catalog pod. allowed: 'restricted', 'legacy'. (default legacy)
      --service-account string                    Service account name to bind registry objects to. If unset, the default service account is used. This value does not override the operator's service account
      --skip-tls                                  skip authentication of image registry TLS certificate when pulling a bundle image in-cluster
      --skip-tls-verify                           skip TLS certificate verification for container image registries while pulling bundles
      --timeout duration                          Duration to wait for the command to complete before failing (default 2m0s)
      --use-http                                  use plain HTTP for container image registries while pulling bundles

Global Flags:
      --plugins strings   plugin keys to be used for this subcommand execution
      --verbose           Enable verbose logging

FATA[0000] accepts 1 arg(s), received 0                 
exit status 1

Motivation for the change:
When pushing bundle to temp registry like ttl.sh, images ought to become unavailable eventually. We want pod restarts if any to not result in pull errors. The images will be tagged with a short sha hash so it should be "globally unique" to the user working on a branch.

Fixes #6795

Checklist

If the pull request includes user-facing changes, extra documentation is required:

@kaovilai kaovilai force-pushed the run-bundle-ifnotpresent branch 2 times, most recently from bb4ee45 to 7d78ddf Compare October 30, 2024 17:21
@kaovilai kaovilai changed the title Fix Use IfNotPresent policy when operator-sdk run bundle --if-not-present #6795 Fix Use IfNotPresent policy when operator-sdk run bundle pull-if-not-present #6795 Oct 30, 2024
@kaovilai kaovilai changed the title Fix Use IfNotPresent policy when operator-sdk run bundle pull-if-not-present #6795 Fix Use IfNotPresent policy when operator-sdk run bundle --pull-if-not-present #6795 Oct 30, 2024
@kaovilai kaovilai changed the title Fix Use IfNotPresent policy when operator-sdk run bundle --pull-if-not-present #6795 Fix Allow IfNotPresent policy when operator-sdk run bundle #6795 Oct 30, 2024
@kaovilai kaovilai force-pushed the run-bundle-ifnotpresent branch from 7d78ddf to 5dc05a9 Compare October 30, 2024 19:43
@kaovilai kaovilai force-pushed the run-bundle-ifnotpresent branch from 5dc05a9 to c76ef3c Compare October 31, 2024 03:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Allow IfNotPresent policy when operator-sdk run bundle
3 participants