Set console plugin ns dynamically (#100)

Based on [this](#89 (comment)) discussion in previous PR, Instead of using a hard coded ns for the console plugin, the plugin ns will be set according to the ns of the controller. The controller ns is saved as an env var within the container using [downward API](https://github.com/kubernetes/kubernetes/blob/release-1.0/docs/user-guide/downward-api.md). That way, when setting up controller's manager and creating the plugin resources, we can extract the controller's ns and set it as the console plugin ns as well. The plugin resources don't have a default ns, and are set with a place holder for the ns. That way, if we fail to set the operator ns as the plugins ns, will get back an error.
redhat-best-practices-for-k8s · Aug 5, 2024 · 17bf32f · 17bf32f
1 parent a186da3
commit 17bf32f
Show file tree

Hide file tree

Showing 8 changed files with 26 additions and 9 deletions.
diff --git a/bundle/manifests/cnf-certsuite-operator.clusterserviceversion.yaml b/bundle/manifests/cnf-certsuite-operator.clusterserviceversion.yaml
@@ -125,6 +125,10 @@ spec:
                       fieldPath: metadata.annotations['olm.targetNamespaces']
                 - name: SIDECAR_APP_IMG
                   value: quay.io/testnetworkfunction/cnf-certsuite-operator-sidecar:v0.0.1
+                - name: CONTROLLER_NS
+                  valueFrom:
+                    fieldRef:
+                      fieldPath: metadata.namespace
                 image: quay.io/testnetworkfunction/cnf-certsuite-operator:v0.0.1
                 imagePullPolicy: IfNotPresent
                 livenessProbe:

diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -77,6 +77,10 @@ spec:
               fieldPath: metadata.namespace
         - name: SIDECAR_APP_IMG
           value: quay.io/testnetworkfunction/cnf-certsuite-operator-sidecar:v0.0.1
+        - name: CONTROLLER_NS
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
         image: controller:latest
         name: manager
         imagePullPolicy: IfNotPresent

diff --git a/internal/controller/cnfcertificationsuiterun_controller.go b/internal/controller/cnfcertificationsuiterun_controller.go
@@ -297,7 +297,7 @@ func (r *CnfCertificationSuiteRunReconciler) Reconcile(ctx context.Context, req
 	return ctrl.Result{}, nil
 }
 
-func (r *CnfCertificationSuiteRunReconciler) createSinglePluginResource(filePath string, decoder runtime.Decoder) error {
+func (r *CnfCertificationSuiteRunReconciler) createSinglePluginResource(filePath, ns string, decoder runtime.Decoder) error {
 	logger.Infof("Creating plugin resource: %s", filePath)
 	yamlFile, err := os.ReadFile(filePath)
 	if err != nil {
@@ -311,8 +311,11 @@ func (r *CnfCertificationSuiteRunReconciler) createSinglePluginResource(filePath
 		return err
 	}
 
+	clientObj := obj.(client.Object)
+	clientObj.SetNamespace(ns)
+
 	// Apply the resource to the cluster
-	err = r.Create(context.Background(), obj.(client.Object))
+	err = r.Create(context.Background(), clientObj)
 	if err != nil {
 		logger.Errorf("failed to create plugin resource, err: %v", err)
 		return err
@@ -331,11 +334,17 @@ func (r *CnfCertificationSuiteRunReconciler) CreatePluginResources() error {
 		return err
 	}
 
+	// Get controller's ns to set plugin in same ns
+	controllerNS, found := os.LookupEnv(definitions.ControllerNamespaceEnvVar)
+	if !found {
+		return fmt.Errorf("controller ns env var %q not found", definitions.ControllerNamespaceEnvVar)
+	}
+
 	// Iterate over all plugin's resources
 	decoder := serializer.NewCodecFactory(r.Scheme).UniversalDeserializer()
 	for _, file := range yamlFiles {
 		yamlfilepath := filepath.Join(pluginDir, file.Name())
-		err = r.createSinglePluginResource(yamlfilepath, decoder)
+		err = r.createSinglePluginResource(yamlfilepath, controllerNS, decoder)
 		if err != nil {
 			return err
 		}

diff --git a/internal/controller/definitions/definitions.go b/internal/controller/definitions/definitions.go
@@ -22,6 +22,6 @@ const (
 	PreflightDockerConfigFilePath = CnfPreflightConfigFolder + "/preflight_dockerconfig.json"
 
 	SideCarResultsFolderEnvVar = "TNF_RESULTS_FOLDER"
-
-	SideCarImageEnvVar = "SIDECAR_APP_IMG"
+	SideCarImageEnvVar         = "SIDECAR_APP_IMG"
+	ControllerNamespaceEnvVar  = "CONTROLLER_NS"
 )
diff --git a/plugin/configmap.yaml b/plugin/configmap.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: nginx-configmap
-  namespace: cnf-certsuite-operator
+  namespace: OPERATOR_NS_PLACEHOLDER
   labels:
     app: cnf-certsuite-plugin
     app.kubernetes.io/component: cnf-certsuite-plugin

diff --git a/plugin/console-plugin.yaml b/plugin/console-plugin.yaml
@@ -2,7 +2,7 @@ apiVersion: console.openshift.io/v1
 kind: ConsolePlugin
 metadata:
   name: cnf-certsuite-plugin
-  namespace: cnf-certsuite-operator
+  namespace: OPERATOR_NS_PLACEHOLDER
   labels:
     app: cnf-certsuite-plugin
     app.kubernetes.io/component: cnf-certsuite-plugin

diff --git a/plugin/deployment.yaml b/plugin/deployment.yaml
@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: cnf-certsuite-plugin
-  namespace: cnf-certsuite-operator
+  namespace: OPERATOR_NS_PLACEHOLDER
   labels:
     app: cnf-certsuite-plugin
     app.kubernetes.io/component: cnf-certsuite-plugin

diff --git a/plugin/service.yaml b/plugin/service.yaml
@@ -4,7 +4,7 @@ metadata:
   annotations:
     service.alpha.openshift.io/serving-cert-secret-name: console-serving-cert
   name: cnf-certsuite-plugin
-  namespace: cnf-certsuite-operator
+  namespace: OPERATOR_NS_PLACEHOLDER
   labels:
     app: cnf-certsuite-plugin
     app.kubernetes.io/component: cnf-certsuite-plugin