Commit 76936be
feat: Add v1alpha2 for SecretClass, rename experimentalGenerateSamAccountName (#634)
* chore(tilt): Remove CRD handling
* fix(tilt): Trigger rebuild and set built image
* feat(tilt): Support setting a custom Helm values file
* chore: Remove CRD deployment by Helm
All CRDs are now maintained (created and patched) by the operator. They
are no longer deplyoed by Helm and as such are removed from the Helm
Chart templates. A YAML file is still checked in (extra/crds.yaml) to
ensure diffs are visible and tracked by Git.
Co-authored-by: Sebastian Bernauer <[email protected]>
* refactor: Separate CRDs, add SecretClass change
Co-authored-by: Sebastian Bernauer <[email protected]
* feat: Add conversion webhook and CRD maintainer
The operator can now handle CRD conversions via a webhook and maintains
it's own CRDs via the CRD maintainer. As such, it needs permissions to
create and patch CRDs.
Co-authored-by: Sebastian Bernauer <[email protected]>
* chore: Update dependencies
* chore: Mark extra/crds.yaml as generated
* chore: Revert accidental reformat of Cargo.toml
* chore: Update Cargo.nix
* chore: Remove superfluous file
* refactor: Move webhook and CRD maintainer creation into function
* fix: Correctly set Secret namespace for 'tls' SecretClass
* fix: Re-enable custom ca.secret.namespace for 'tls' SecretClass
* test: Fix CRD conversion failures
The current testing script immediately continues to run tests
after all required operators are installed. This can lead to CRD
conversion failures because all resources (this includes custom
ones) are applied by kuttl immediately after. All custom resources
(SecretClasses in this case) use v1alpha1 (to additionally test
the conversion) and as such cannot be converted to the stored
v1alpha2 version when the conversion webhook is not running yet.
To remedy this, a 10 second wait is introduced after the operator
installation. A far better solution is to wait for a Kubernetes
status condition, but that is more involved. I would like to stop
bolting on functionality to the test script and instead move these
features into our new (hopefully coming soon) tooling.
* chore: Bump stackable-operator to 0.100.0
* chore: Apply suggestions
Co-authored-by: Sebastian Bernauer <[email protected]>
* refactor: Move create_webhook_and_maintainer function
* chore: Remove version and instance label from 'tls' SecretClass
* docs: Mark generateSamAccountName as non-experimantal
* fix: Only select Deployment in Service
Co-authored-by: Sebastian Bernauer <[email protected]>
* feat(helm): Use new values in templates
* feat(helm): Gate create, patch permissions for CRDs
---------
Co-authored-by: Techassi <[email protected]>1 parent 0d8cd90 commit 76936be
File tree
35 files changed
+5342
-2403
lines changed- deploy/helm/secret-operator
- crds
- templates
- docs/modules/secret-operator/pages
- extra
- rust/operator-binary
- src
- backend
- tls
- crd
- secret_class
- trust_store
- webhooks
- scripts
35 files changed
+5342
-2403
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | 3 | | |
| 4 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
| 16 | + | |
16 | 17 | | |
17 | 18 | | |
18 | 19 | | |
| |||
0 commit comments