Skip to content

Commit

Permalink
Change the OPP policies to adopt OperatorPolicy
Browse files Browse the repository at this point in the history 
Deploying operators with OperatorPolicy has benefits that should be
adopted to help customers get better visibility into the operator
status automatically.

Refs:
 - https://issues.redhat.com/browse/OCPQE-25041

Signed-off-by: Gus Parvin <[email protected]>
(cherry picked from commit 0894bdb)
  • Loading branch information
@gparvin @magic-mirror-bot
gparvin authored and magic-mirror-bot[bot] committed Oct 2, 2024
1 parent bfd0e26 commit 88975f4
Show file tree
Hide file tree
Showing 8 changed files with 106 additions and 118 deletions.
32 changes: 16 additions & 16 deletions ...ator/policy-sets/stable/openshift-plus/input-acs-central/policy-acs-operator-central.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,24 @@ kind: Namespace
metadata:
name: rhacs-operator
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: rhacs-operator-group
namespace: rhacs-operator
spec: {}
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: rhacs-operator
namespace: rhacs-operator
name: operatorpolicy-rhacs-operator
spec:
channel: stable
installPlanApproval: Automatic
name: rhacs-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
operatorGroup:
name: rhacs-operator-group
namespace: rhacs-operator
subscription:
channel: stable
name: rhacs-operator
namespace: rhacs-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: platform.stackrox.io/v1alpha1
kind: Central
Expand Down
44 changes: 18 additions & 26 deletions ...olicy-sets/stable/openshift-plus/input-compliance/policy-compliance-operator-install.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,31 +3,23 @@ kind: Namespace
metadata:
name: openshift-compliance
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: compliance-operator
namespace: openshift-compliance
name: operatorpolicy-comp-operator
spec:
targetNamespaces:
- openshift-compliance
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: compliance-operator
namespace: openshift-compliance
spec:
installPlanApproval: Automatic
name: compliance-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
namespace: openshift-compliance
spec:
displayName: Compliance Operator
status:
phase: Succeeded # check the csv status to determine if operator is running or not
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
operatorGroup:
name: compliance-operator
namespace: openshift-compliance
targetNamespaces:
- openshift-compliance
subscription:
channel: stable
name: compliance-operator
namespace: openshift-compliance
source: redhat-operators
sourceNamespace: openshift-marketplace
10 changes: 0 additions & 10 deletions policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf-status.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,6 @@ status:
- status: "True"
type: Available
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: odf-operator-controller-manager
namespace: openshift-storage
status:
conditions:
- status: "True"
type: Available
---
apiVersion: ocs.openshift.io/v1
kind: StorageCluster
metadata:
Expand Down
34 changes: 17 additions & 17 deletions policygenerator/policy-sets/stable/openshift-plus/input-odf/policy-odf.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,25 +5,25 @@ metadata:
openshift.io/cluster-monitoring: "true"
name: openshift-storage
---
apiVersion: operators.coreos.com/v1alpha2
kind: OperatorGroup
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: openshift-storage-operatorgroup
namespace: openshift-storage
spec:
targetNamespaces:
- openshift-storage
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: odf-operator
namespace: openshift-storage
name: operatorpolicy-odf-operator
spec:
installPlanApproval: Automatic
name: odf-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
operatorGroup:
name: openshift-storage-operatorgroup
namespace: openshift-storage
targetNamespaces:
- openshift-storage
subscription:
name: odf-operator
namespace: openshift-storage
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: odf.openshift.io/v1alpha1
kind: StorageSystem
Expand Down
19 changes: 11 additions & 8 deletions policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-hub-quay-bridge.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,18 @@
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: operatorpolicy-quay-bridge-operator
labels:
operators.coreos.com/quay-bridge-operator.openshift-operators: ""
name: quay-bridge-operator
namespace: openshift-operators
spec:
installPlanApproval: Automatic
name: quay-bridge-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
subscription:
name: quay-bridge-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
kind: Secret
type: Opaque
Expand Down
34 changes: 17 additions & 17 deletions policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-install-quay.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,27 +58,27 @@ subjects:
name: create-admin-user
namespace: local-quay
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: local-quay
namespace: local-quay
spec:
targetNamespaces:
- local-quay
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: operatorpolicy-quay-operator
labels:
operators.coreos.com/quay-operator.local-quay: ""
name: quay-operator
namespace: local-quay
spec:
installPlanApproval: Automatic
name: quay-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
operatorGroup:
name: local-quay
namespace: local-quay
targetNamespaces:
- local-quay
subscription:
name: quay-operator
namespace: local-quay
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: v1
data:
Expand Down
19 changes: 11 additions & 8 deletions policygenerator/policy-sets/stable/openshift-plus/input-quay/policy-quay-bridge.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,18 @@
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: operatorpolicy-quay-bridge-operator
labels:
operators.coreos.com/quay-bridge-operator.openshift-operators: ""
name: quay-bridge-operator
namespace: openshift-operators
spec:
installPlanApproval: Automatic
name: quay-bridge-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
subscription:
name: quay-bridge-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: quay.redhat.com/v1
kind: QuayIntegration
Expand Down
32 changes: 16 additions & 16 deletions ...icy-sets/stable/openshift-plus/input-sensor/policy-advanced-managed-cluster-security.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,24 +8,24 @@ kind: Namespace
metadata:
name: rhacs-operator
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
apiVersion: policy.open-cluster-management.io/v1beta1
kind: OperatorPolicy
metadata:
name: rhacs-operator-group
namespace: rhacs-operator
spec: {}
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: rhacs-operator
namespace: rhacs-operator
name: operatorpolicy-rhacs-operator
spec:
channel: stable
installPlanApproval: Automatic
name: rhacs-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
remediationAction: enforce
severity: high
complianceType: musthave
upgradeApproval: Automatic
operatorGroup:
name: rhacs-operator-group
namespace: rhacs-operator
subscription:
channel: stable
name: rhacs-operator
namespace: rhacs-operator
source: redhat-operators
sourceNamespace: openshift-marketplace
---
apiVersion: v1
data:
Expand Down

0 comments on commit 88975f4

Please sign in to comment.