Fix up makefile

Signed-off-by: Per Goncalves da Silva <[email protected]>

Author: Per Goncalves da Silva

cmd/operator-controller/main.go

@@ -22,13 +22,6 @@ import (
 	"errors"
 	"flag"
 	"fmt"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/authorization"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/convert"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/preflights/crdupgradesafety"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/certproviders"
-	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/registryv1"
-	apiextensionsv1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -38,7 +31,8 @@ import (
 	"github.com/containers/image/v5/types"
 	"github.com/spf13/cobra"
 	rbacv1 "k8s.io/api/rbac/v1"
-	"k8s.io/apimachinery/pkg/labels"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	apiextensionsv1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
 	k8slabels "k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/selection"
 	k8stypes "k8s.io/apimachinery/pkg/types"
@@ -66,13 +60,19 @@ import (
 	"github.com/operator-framework/operator-controller/internal/operator-controller/action"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/applier"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/authentication"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/authorization"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/catalogmetadata/cache"
 	catalogclient "github.com/operator-framework/operator-controller/internal/operator-controller/catalogmetadata/client"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/contentmanager"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/controllers"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/features"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/finalizers"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/resolve"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/convert"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/preflights/crdupgradesafety"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/certproviders"
+	"github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/render/registryv1"
 	"github.com/operator-framework/operator-controller/internal/operator-controller/scheme"
 	sharedcontrollers "github.com/operator-framework/operator-controller/internal/shared/controllers"
 	fsutil "github.com/operator-framework/operator-controller/internal/shared/util/fs"
@@ -439,9 +439,17 @@ func run() error {
 
 	if features.OperatorControllerFeatureGate.Enabled(features.BoxcutterRuntime) {
 		// TODO: add support for preflight checks
+		// TODO: better scheme handling - which types do we want to support?
+		_ = apiextensionsv1.AddToScheme(mgr.GetScheme())
 		extApplier = &applier.Boxcutter{
 			Client: mgr.GetClient(),
 			Scheme: mgr.GetScheme(),
+			RevisionGenerator: &applier.SimpleRevisionGenerator{
+				Scheme: mgr.GetScheme(),
+				BundleRenderer: &applier.RegistryV1BundleRenderer{
+					BundleRenderer: registryv1.Renderer,
+				},
+			},
 		}
 		ctrlBuilderOpts = append(ctrlBuilderOpts, controllers.WithOwns(&ocv1.ClusterExtensionRevision{}))
 	} else {
@@ -470,46 +478,6 @@ func run() error {
 		return err
 	}
 
-	// Boxcutter
-	discoveryClient, err := discovery.NewDiscoveryClientForConfig(restConfig)
-	if err != nil {
-		setupLog.Error(err, "unable to create discovery client")
-		return err
-	}
-	mapFunc := func(ctx context.Context, ce *ocv1.ClusterExtension, c *rest.Config, o crcache.Options) (*rest.Config, crcache.Options, error) {
-		saKey := client.ObjectKey{
-			Name:      ce.Spec.ServiceAccount.Name,
-			Namespace: ce.Spec.Namespace,
-		}
-		saConfig := rest.AnonymousClientConfig(c)
-		saConfig.Wrap(func(rt http.RoundTripper) http.RoundTripper {
-			return &authentication.TokenInjectingRoundTripper{
-				Tripper:     rt,
-				TokenGetter: tokenGetter,
-				Key:         saKey,
-			}
-		})
-
-		// Cache scoping
-		req1, err := labels.NewRequirement(
-			controllers.ClusterExtensionRevisionOwnerLabel, selection.Equals, []string{ce.Name})
-		if err != nil {
-			return nil, o, err
-		}
-		o.DefaultLabelSelector = labels.NewSelector().Add(*req1)
-
-		return saConfig, o, nil
-	}
-
-	accessManager := managedcache.NewObjectBoundAccessManager(
-		ctrl.Log.WithName("accessmanager"), mapFunc, restConfig, crcache.Options{
-			Scheme: mgr.GetScheme(), Mapper: mgr.GetRESTMapper(),
-		})
-	if err := mgr.Add(accessManager); err != nil {
-		setupLog.Error(err, "unable to register AccessManager")
-		return err
-	}
-
 	if err = (&controllers.ClusterExtensionReconciler{
 		Client:                cl,
 		Resolver:              resolver,
@@ -524,15 +492,59 @@ func run() error {
 		return err
 	}
 
-	if err = (&controllers.ClusterExtensionRevisionReconciler{
-		Client:          cl,
-		AccessManager:   accessManager,
-		Scheme:          mgr.GetScheme(),
-		RestMapper:      mgr.GetRESTMapper(),
-		DiscoveryClient: discoveryClient,
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "ClusterExtension")
-		return err
+	if features.OperatorControllerFeatureGate.Enabled(features.BoxcutterRuntime) {
+		// Boxcutter
+		discoveryClient, err := discovery.NewDiscoveryClientForConfig(restConfig)
+		if err != nil {
+			setupLog.Error(err, "unable to create discovery client")
+			return err
+		}
+		mapFunc := func(ctx context.Context, ce *ocv1.ClusterExtension, c *rest.Config, o crcache.Options) (*rest.Config, crcache.Options, error) {
+			saKey := client.ObjectKey{
+				Name:      ce.Spec.ServiceAccount.Name,
+				Namespace: ce.Spec.Namespace,
+			}
+			saConfig := rest.AnonymousClientConfig(c)
+			saConfig.Wrap(func(rt http.RoundTripper) http.RoundTripper {
+				return &authentication.TokenInjectingRoundTripper{
+					Tripper:     rt,
+					TokenGetter: tokenGetter,
+					Key:         saKey,
+				}
+			})
+
+			// Cache scoping
+			req1, err := k8slabels.NewRequirement(
+				controllers.ClusterExtensionRevisionOwnerLabel, selection.Equals, []string{ce.Name})
+			if err != nil {
+				return nil, o, err
+			}
+			o.DefaultLabelSelector = k8slabels.NewSelector().Add(*req1)
+
+			return saConfig, o, nil
+		}
+
+		accessManager := managedcache.NewObjectBoundAccessManager(
+			ctrl.Log.WithName("accessmanager"), mapFunc, restConfig, crcache.Options{
+				Scheme: mgr.GetScheme(), Mapper: mgr.GetRESTMapper(),
+			})
+		if err := mgr.Add(accessManager); err != nil {
+			setupLog.Error(err, "unable to register AccessManager")
+			return err
+		}
+
+		if err = (&controllers.ClusterExtensionRevisionReconciler{
+			Client: cl,
+			RevisionManager: &controllers.OLMRevisionEngineGetter{
+				AccessManager:   accessManager,
+				Scheme:          mgr.GetScheme(),
+				RestMapper:      mgr.GetRESTMapper(),
+				DiscoveryClient: discoveryClient,
+			},
+		}).SetupWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create controller", "controller", "ClusterExtension")
+			return err
+		}
 	}
 
 	if err = (&controllers.ClusterCatalogReconciler{

config/base/operator-controller/rbac/standard/role.yaml

@@ -27,10 +27,8 @@ rules:
 - apiGroups:
   - olm.operatorframework.io
   resources:
-  - clusterextensionrevisions
+  - clusterextensions
   verbs:
-  - create
-  - delete
   - get
   - list
   - patch
@@ -39,28 +37,16 @@ rules:
 - apiGroups:
   - olm.operatorframework.io
   resources:
-  - clusterextensionrevisions/finalizers
   - clusterextensions/finalizers
   verbs:
   - update
 - apiGroups:
   - olm.operatorframework.io
   resources:
-  - clusterextensionrevisions/status
   - clusterextensions/status
   verbs:
   - patch
   - update
-- apiGroups:
-  - olm.operatorframework.io
-  resources:
-  - clusterextensions
-  verbs:
-  - get
-  - list
-  - patch
-  - update
-  - watch
 - apiGroups:
   - rbac.authorization.k8s.io
   resources:

config/samples/olm_v1_clusterextension.yaml

@@ -33,6 +33,10 @@ rules:
   resources: [clusterextensions/finalizers]
   verbs: [update]
   resourceNames: [argocd]
+# Allow ClusterExtensionRevisions to set blockOwnerDeletion ownerReferences
+- apiGroups: [olm.operatorframework.io]
+  resources: [clusterextensionrevisions/finalizers]
+  verbs: [update]
 # Manage ArgoCD CRDs
 - apiGroups: [apiextensions.k8s.io]
   resources: [customresourcedefinitions]

docs/api-reference/crd-ref-docs-gen-config.yaml

@@ -1,5 +1,5 @@
 processor:
-  ignoreTypes: []
+  ignoreTypes: [ClusterExtensionRevision, ClusterExtensionRevisionList]
   ignoreFields: []
 
 render: