[RFP] Document installation procedure of operators

[metacosm]

Request for proposal

The following ticket describes a RFP to :

• Document how to install operators
• To design a new command to install operators using a CLI
• using a profile of a cluster-role or non cluster-role user

Such investigation is based on the work of OLM to grant access for non cluster-admin users [1], what IBM proposes part of the installation procedure of the Appsody operator [2].

My conclusion is for the moment to stay with a user having - cluster-admin role due to the complexity even for Admin users to configure: sa, role, roleCluster, roleBinding or OperatorGroup

[1] https://github.com/operator-framework/operator-lifecycle-manager/blob/master/doc/design/scoped-operator-install.md#background
[2] https://appsody.dev/docs/using-appsody/building-and-deploying/#rbac-considerations-for-the-use-of-appsody-deploy-and-appsody-operator-commands

User with cluster-admin role

• Install halkyon and related : Tekton, KubeDB using a new command install -o operator1, operator2,... list where the command will:
  • issue a subscription within the namespace of the user if OLM is available
  • install the Operator using Yaml resources files if OLM is not available

Remark: The list of the operators to be installed could be replaced with different profiles: default -> halkyon, tekton + kubedb, ....

User without cluster-admin role

• Document as appsody did how a cluster-admin user can create a :
  • Role with Admin rights,
  • RoleCluster with nodes view rights and
  • RoleBinding for the user deploying in a namespace
• Install halkyon and related as described for user with cluster-admin role

WDYT ? @nainaz @tqvarnst @iocanel