Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Update Operator to support Gatekeeper v3.5.1 #181

Merged
merged 34 commits into from
Jul 27, 2021
Merged

Update Operator to support Gatekeeper v3.5.1 #181

merged 34 commits into from
Jul 27, 2021

Conversation

font
Copy link
Member

@font font commented Jul 23, 2021
edited
Loading

  • Set Gatekeeper version to v3.5.1
  • make import-manifests
  • Remove v1beta1 CRDs and webhook Gatekeeper configs
  • make update-bindata
  • Update operator Gatekeeper assets for v3.5.1
  • Remove workaround to build Gatekeeper manifests
  • Run actions gatekeeper e2e tests directly
  • Remove duplicate Gatekeeper bats e2e tests
  • Update RELATED_IMAGE_GATEKEEPER version to v3.5.1
  • Update sample configs to use Gatekeeper v3.5.1
  • make bundle
  • Add kubebuilder RBAC marker to CRUD resourcequotas
  • Add RBAC marker to CRUD poddisruptionbudgets
  • make manifests
  • make bundle
  • Update unit tests for Gatekeeper v3.5.1
  • Add audit mutation-status operation for mutation
  • Add unit tests for audit mutation-status operation
  • Add e2e tests for audit mutation-status operation
  • Reorder deletes and creates or updates of assets
  • Always set failure policy to ignore for pods pending
  • Add logs for verifying deployment readiness
  • Update unit tests after reordering CRUD for assets
  • Add DisabledBuiltins field to WebhookConfig
  • make generate
  • make manifests
  • make bundle
  • Add support --disable-opa-builtin argument
  • Update unit tests for --disable-opa-builtin arg
  • Update e2e tests for --disable-opa-builtin arg

ref #179
closes #158

font added 30 commits July 15, 2021 16:22
@font
Set Gatekeeper version to v3.5.1
33bf20a
@font
make import-manifests
0fab940
@font
Remove v1beta1 CRDs and webhook Gatekeeper configs
97e94d2
@font
make update-bindata
48d41c6
@font
Update operator Gatekeeper assets for v3.5.1
5b7495d
@font
Remove workaround to build Gatekeeper manifests
951c672 
Now that Gatekeeper has fixed the kustomize build issues when using a
go-getter URL reference, we can now simply run the make import-manifests
target without the workaround of checking out Gatekeeper and building
the Gatekeeper manifests from source.
@font
Run actions gatekeeper e2e tests directly
8e13c78 
This change now checks out the Gatekeeper repository and runs the bats
e2e tests directly from the Gatekeeper repository instead of maintaining
a duplicate version of the bats tests in the operator repository. This
simplifies maintenance, and if it ever breaks, we can either revert back
to committing the bats tests in the operator repo, or fixing it directly
in the Gatekeeper version release branch.
@font
Remove duplicate Gatekeeper bats e2e tests
3a647ec 
We now rely on the bats e2e tests directly from the Gatekeeper
repository. If this ever breaks, we can revert back to committing the
bats e2e tests here, with any fixes necessary, or fix it in the
Gatekeeper version release branch.
@font
Update RELATED_IMAGE_GATEKEEPER version to v3.5.1
9f85ba7
@font
Update sample configs to use Gatekeeper v3.5.1
fe8da6a
@font
make bundle
e819023
@font
Add kubebuilder RBAC marker to CRUD resourcequotas
83fb438
@font
Add RBAC marker to CRUD poddisruptionbudgets
e210f69
@font
make manifests
a064f5a
@font
make bundle
29102a5
@font
Update unit tests for Gatekeeper v3.5.1
9401087
@font
Add audit mutation-status operation for mutation
5418df7
@font
Add unit tests for audit mutation-status operation
3ebfff9
@font
Add e2e tests for audit mutation-status operation
58c4656
@font
Reorder deletes and creates or updates of assets
6051155 
This update reorders and refactors the deletion and creation/updating of
assets in the following order:
1. Delete the webhook configs.
2. Apply ordered assets i.e. not webhook configs.
3. Apply webhook configs.
4. Delete CRD configs.

This ensures we avoid fatal errors caused by the deletion of CRDs
prior to the deletion or updating of any webhooks and deployments.
@font
Always set failure policy to ignore for pods pending
12bf1b4
@font
Add logs for verifying deployment readiness
ad642bb
@font
Update unit tests after reordering CRUD for assets
753ba82
@font
Add DisabledBuiltins field to WebhookConfig
ab18af2
@font
make generate
b68298f
@font
make manifests
9b1c1ed
@font
make bundle
6bad031
@font
Add support --disable-opa-builtin argument
43eb20c
@font
Update unit tests for --disable-opa-builtin arg
15abaad
@font
Update e2e tests for --disable-opa-builtin arg
d7aef80
font added 4 commits July 26, 2021 10:47
@font
Convert mutation enabled check to be asynchronous
538beef 
This fixes occasional e2e test flakes where checking mutation is enabled
was happening synchronously as soon as the Gatekeeper CR was created.
This now modifies the check to be asynchronous using Eventually.
@font
Use MutatingCRDs global var to check CRDs exist
664793e
@font
Add poll-interval and timeout options to e2e tests
ae928e0
@font
Wait up to 10 minutes for Gatekeeper CR deletion
a5d6580
@font font merged commit 2b0a907 into gatekeeper:master Jul 27, 2021
@font font mentioned this pull request Jul 27, 2021
Open
17 tasks
@font font deleted the gk-v3.5.1 branch August 5, 2021 17:39
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade to Gatekeeper v3.5.1
1 participant
@font