[WIP-DON'T MERGE YET] update pattern deletion logic#469
[WIP-DON'T MERGE YET] update pattern deletion logic#469dminnear-rh wants to merge 17 commits intovalidatedpatterns:mainfrom
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dminnear-rh The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
dminnear-rh
force-pushed
the
pattern-delete
branch
from
83788a6 to
9aab6c0
Compare
|
/recheck |
|
/lgtm |
|
/recheck |
1 similar comment
|
/recheck |
dminnear-rh
changed the title
dminnear-rh
force-pushed
the
pattern-delete
branch
from
9aab6c0 to
c04e182
Compare
|
New changes are detected. LGTM label has been removed. |
dminnear-rh
force-pushed
the
pattern-delete
branch
from
c04e182 to
8ff052c
Compare
this commit includes two key changes: 1. A sync with prune is triggered to remove all applications part of the pattern BEFORE the subscriptions and other resources are deleted to prevent applications from becoming undeleteable if CRs, webhooks, etc disappear. 2. Subscription for openshift-gitops is no longer owned by pattern instances. Previously, deleting a pattern would delete this subscription and a new subscription would not be able to be created on the reinstall of a pattern since the CSV still existed. The subscription is necessary since it sets the env var ARGOCD_CLUSTER_CONFIG_NAMESPACES to '*'. Without the subscription the ArgoCD instance created by the new pattern would be created in namespaced mode and many charts like vault will not install since they try to create clusterwide resources like clusterrolebindings
… to determine if sync is in progress during finalization of pattern
dminnear-rh
force-pushed
the
pattern-delete
branch
from
ce76df7 to
9efac33
Compare
| } else { | ||
| return r.actionPerformed(qualifiedInstance, "error getting operator configmap", err) | ||
| } | ||
|
|
There was a problem hiding this comment.
Can you add a comment as to why we transfer ownership for our future selves?
There was a problem hiding this comment.
There is a comment a couple lines below where the update happens that I've now expanded a bit. Reproducing for convenience on this comment:
Historically the subscription was owned by the pattern, not the operator. If this is the case,
we update the owner reference to the operator itself. When the subscription is owned by the pattern,
deleting the pattern removes the subscription and some, but not all, argo resources. This causes
subsequent pattern installations to try to start argo in namespaced mode and any charts requiring
cluster-wide access, like Vault, will fail to install. Having the subscription owned by the operator
allows subsequent pattern installations to reuse the openshift gitops operator already on the cluster.
Is this good enough? I'm happy to improve it if it's not clear
This is needed for the pattern operator to be able to fetch the resources from spoke clusters via open-cluster-management search-api.
Remove dead code bits, and return true only if there is actually managed clusters other than the local-cluster
Remove dead code bits, and return true only if there is actually managed clusters other than the local-cluster
Cleanup, add deletion phases to cover proper ordering
We only sync now with prune if its a must
dminnear-rh
force-pushed
the
pattern-delete
branch
from
9efac33 to
2a62da8
Compare
|
/retest |
|
@dminnear-rh: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
3 participants
this commit includes two key changes: