openshift · openshift-merge-robot · Aug 4, 2023 · Jul 19, 2023 · Jul 25, 2023 · Jul 28, 2023
diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/mikefarah/yq/v3 v3.0.0-20201202084205-8846255d1c37
 	github.com/onsi/ginkgo/v2 v2.9.5
 	github.com/openshift/api v3.9.0+incompatible
-	github.com/operator-framework/api v0.17.7
+	github.com/operator-framework/api v0.17.8-0.20230803152844-704ae942c4a9
 	github.com/operator-framework/operator-lifecycle-manager v0.0.0-00010101000000-000000000000
 	github.com/operator-framework/operator-registry v1.27.1
 	github.com/sirupsen/logrus v1.9.2
@@ -68,7 +68,7 @@ require (
 	github.com/distribution/distribution v2.7.1+incompatible // indirect
 	github.com/docker/cli v23.0.1+incompatible // indirect
 	github.com/docker/distribution v2.8.2+incompatible // indirect
-	github.com/docker/docker v23.0.1+incompatible // indirect
+	github.com/docker/docker v23.0.3+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.7.0 // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect

diff --git a/go.sum b/go.sum
@@ -185,8 +185,8 @@ github.com/docker/cli v23.0.1+incompatible h1:LRyWITpGzl2C9e9uGxzisptnxAn1zfZKXy
 github.com/docker/cli v23.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v0.0.0-20191216044856-a8371794149d h1:jC8tT/S0OGx2cswpeUTn4gOIea8P08lD3VFQT0cOZ50=
 github.com/docker/distribution v0.0.0-20191216044856-a8371794149d/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY=
-github.com/docker/docker v23.0.1+incompatible h1:vjgvJZxprTTE1A37nm+CLNAdwu6xZekyoiVlUZEINcY=
-github.com/docker/docker v23.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v23.0.3+incompatible h1:9GhVsShNWz1hO//9BNg/dpMnZW25KydO4wtVxWAIbho=
+github.com/docker/docker v23.0.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
 github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=

diff --git a/manifests/0000_50_olm_00-catalogsources.crd.yaml b/manifests/0000_50_olm_00-catalogsources.crd.yaml
@@ -534,6 +534,13 @@ spec:
                                   topologyKey:
                                     description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                     type: string
+                    memoryTarget:
+                      description: "MemoryTarget configures the $GOMEMLIMIT value for the gRPC catalog Pod. This is a soft memory limit for the server, which the runtime will attempt to meet but makes no guarantees that it will do so. If this value is set, the Pod will have the following modifications made to the container running the server: - the $GOMEMLIMIT environment variable will be set to this value in bytes - the memory request will be set to this value - the memory limit will be set to 200% of this value \n This field should be set if it's desired to reduce the footprint of a catalog server as much as possible, or if a catalog being served is very large and needs more than the default allocation. If your index image has a file- system cache, determine a good approximation for this value by doubling the size of the package cache at /tmp/cache/cache/packages.json in the index image. \n This field is best-effort; if unset, no default will be used and no Pod memory limit or $GOMEMLIMIT value will be set."
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      anyOf:
+                        - type: integer
+                        - type: string
+                      x-kubernetes-int-or-string: true
                     nodeSelector:
                       description: NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node.
                       type: object

diff --git a/staging/api/.github/workflows/go.yaml b/staging/api/.github/workflows/go.yaml
@@ -33,7 +33,6 @@ jobs:
     - uses: codecov/codecov-action@v3
       with:
         files: cover.out
-        fail_ci_if_error: true
         functionalities: fixes
 
   go-apidiff:

diff --git a/staging/api/crds/operators.coreos.com_catalogsources.yaml b/staging/api/crds/operators.coreos.com_catalogsources.yaml
@@ -532,6 +532,13 @@ spec:
                                   topologyKey:
                                     description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
                                     type: string
+                    memoryTarget:
+                      description: "MemoryTarget configures the $GOMEMLIMIT value for the gRPC catalog Pod. This is a soft memory limit for the server, which the runtime will attempt to meet but makes no guarantees that it will do so. If this value is set, the Pod will have the following modifications made to the container running the server: - the $GOMEMLIMIT environment variable will be set to this value in bytes - the memory request will be set to this value - the memory limit will be set to 200% of this value \n This field should be set if it's desired to reduce the footprint of a catalog server as much as possible, or if a catalog being served is very large and needs more than the default allocation. If your index image has a file- system cache, determine a good approximation for this value by doubling the size of the package cache at /tmp/cache/cache/packages.json in the index image. \n This field is best-effort; if unset, no default will be used and no Pod memory limit or $GOMEMLIMIT value will be set."
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      anyOf:
+                        - type: integer
+                        - type: string
+                      x-kubernetes-int-or-string: true
                     nodeSelector:
                       description: NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node.
                       type: object

diff --git a/staging/api/crds/zz_defs.go b/staging/api/crds/zz_defs.go
diff --git a/staging/api/pkg/operators/v1alpha1/catalogsource_types.go b/staging/api/pkg/operators/v1alpha1/catalogsource_types.go
@@ -7,6 +7,7 @@ import (
 
 	"github.com/sirupsen/logrus"
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 )
@@ -145,6 +146,21 @@ type GrpcPodConfig struct {
 	// +kubebuilder:validation:Enum=legacy;restricted
 	// +kubebuilder:default:=legacy
 	SecurityContextConfig SecurityConfig `json:"securityContextConfig,omitempty"`
+
+	// MemoryTarget configures the $GOMEMLIMIT value for the gRPC catalog Pod. This is a soft memory limit for the server,
+	// which the runtime will attempt to meet but makes no guarantees that it will do so. If this value is set, the Pod
+	// will have the following modifications made to the container running the server:
+	// - the $GOMEMLIMIT environment variable will be set to this value in bytes
+	// - the memory request will be set to this value
+	// - the memory limit will be set to 200% of this value
+	//
+	// This field should be set if it's desired to reduce the footprint of a catalog server as much as possible, or if
+	// a catalog being served is very large and needs more than the default allocation. If your index image has a file-
+	// system cache, determine a good approximation for this value by doubling the size of the package cache at
+	// /tmp/cache/cache/packages.json in the index image.
+	//
+	// This field is best-effort; if unset, no default will be used and no Pod memory limit or $GOMEMLIMIT value will be set.
+	MemoryTarget *resource.Quantity `json:"memoryTarget,omitempty"`
 }
 
 // UpdateStrategy holds all the different types of catalog source update strategies

diff --git a/staging/api/pkg/operators/v1alpha1/clusterserviceversion.go b/staging/api/pkg/operators/v1alpha1/clusterserviceversion.go
@@ -120,12 +120,19 @@ func (c *ClusterServiceVersion) IsObsolete() bool {
 
 // IsCopied returns true if the CSV has been copied and false otherwise.
 func (c *ClusterServiceVersion) IsCopied() bool {
-	operatorNamespace, ok := c.GetAnnotations()[OperatorGroupNamespaceAnnotationKey]
-	if c.Status.Reason == CSVReasonCopied || ok && c.GetNamespace() != operatorNamespace {
-		return true
+	return c.Status.Reason == CSVReasonCopied || IsCopied(c)
+}
+
+func IsCopied(o metav1.Object) bool {
+	annotations := o.GetAnnotations()
+	if annotations != nil {
+		operatorNamespace, ok := annotations[OperatorGroupNamespaceAnnotationKey]
+		if ok && o.GetNamespace() != operatorNamespace {
+			return true
+		}
 	}
 
-	if labels := c.GetLabels(); labels != nil {
+	if labels := o.GetLabels(); labels != nil {
 		if _, ok := labels[CopiedLabelKey]; ok {
 			return true
 		}

diff --git a/staging/api/pkg/operators/v1alpha1/clusterserviceversion_test.go b/staging/api/pkg/operators/v1alpha1/clusterserviceversion_test.go
@@ -430,3 +430,68 @@ func helperNewConditions(count int) []ClusterServiceVersionCondition {
 
 	return conditions
 }
+
+func TestIsCopied(t *testing.T) {
+	var testCases = []struct {
+		name     string
+		input    metav1.Object
+		expected bool
+	}{
+		{
+			name:     "no labels or annotations",
+			input:    &metav1.ObjectMeta{},
+			expected: false,
+		},
+		{
+			name: "no labels, has annotations but missing operatorgroup namespace annotation",
+			input: &metav1.ObjectMeta{
+				Annotations: map[string]string{},
+			},
+			expected: false,
+		},
+		{
+			name: "no labels, has operatorgroup namespace annotation matching self",
+			input: &metav1.ObjectMeta{
+				Namespace: "whatever",
+				Annotations: map[string]string{
+					"olm.operatorNamespace": "whatever",
+				},
+			},
+			expected: false,
+		},
+		{
+			name: "no labels, has operatorgroup namespace annotation not matching self",
+			input: &metav1.ObjectMeta{
+				Namespace: "whatever",
+				Annotations: map[string]string{
+					"olm.operatorNamespace": "other",
+				},
+			},
+			expected: true,
+		},
+		{
+			name: "no annotations, labels missing copied key",
+			input: &metav1.ObjectMeta{
+				Labels: map[string]string{},
+			},
+			expected: false,
+		},
+		{
+			name: "no annotations, labels has copied key",
+			input: &metav1.ObjectMeta{
+				Labels: map[string]string{
+					"olm.copiedFrom": "whatever",
+				},
+			},
+			expected: true,
+		},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			if got, expected := IsCopied(testCase.input), testCase.expected; got != expected {
+				t.Errorf("got %v, expected %v", got, expected)
+			}
+		})
+	}
+}
diff --git a/staging/api/pkg/operators/v1alpha1/zz_generated.deepcopy.go b/staging/api/pkg/operators/v1alpha1/zz_generated.deepcopy.go
diff --git a/staging/api/pkg/validation/internal/csv.go b/staging/api/pkg/validation/internal/csv.go
@@ -3,6 +3,7 @@ package internal
 import (
 	"encoding/json"
 	"fmt"
+	"github.com/blang/semver/v4"
 	"io"
 	"reflect"
 	"strings"
@@ -45,6 +46,8 @@ func validateCSV(csv *v1alpha1.ClusterServiceVersion) errors.ManifestResult {
 	result.Add(validateExamplesAnnotations(csv)...)
 	// validate installModes
 	result.Add(validateInstallModes(csv)...)
+	// validate min Kubernetes version
+	result.Add(validateMinKubeVersion(*csv)...)
 	// check missing optional/mandatory fields.
 	result.Add(checkFields(*csv)...)
 	// validate case sensitive annotation names
@@ -240,3 +243,15 @@ func validateVersionKind(csv *v1alpha1.ClusterServiceVersion) (errs []errors.Err
 	}
 	return
 }
+
+// validateMinKubeVersion checks format of spec.minKubeVersion field
+func validateMinKubeVersion(csv v1alpha1.ClusterServiceVersion) (errs []errors.Error) {
+	if len(strings.TrimSpace(csv.Spec.MinKubeVersion)) == 0 {
+		errs = append(errs, errors.WarnInvalidCSV(minKubeVersionWarnMessage, csv.GetName()))
+	} else {
+		if _, err := semver.Parse(csv.Spec.MinKubeVersion); err != nil {
+			errs = append(errs, errors.ErrInvalidCSV(fmt.Sprintf("csv.Spec.MinKubeVersion has an invalid value: %s", csv.Spec.MinKubeVersion), csv.GetName()))
+		}
+	}
+	return errs
+}
diff --git a/staging/api/pkg/validation/internal/csv_test.go b/staging/api/pkg/validation/internal/csv_test.go
@@ -6,8 +6,9 @@ import (
 	"path/filepath"
 	"testing"
 
-	"github.com/ghodss/yaml"
 	operatorsv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1"
+
+	"github.com/ghodss/yaml"
 	"github.com/operator-framework/api/pkg/validation/errors"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
@@ -107,6 +108,16 @@ func TestValidateCSV(t *testing.T) {
 			},
 			filepath.Join("testdata", "correct.csv.olm.properties.annotation.yaml"),
 		},
+		{
+			validatorFuncTest{
+				description: "should fail when spec.minKubeVersion is not in semantic version format",
+				wantErr:     true,
+				errors: []errors.Error{
+					errors.ErrInvalidCSV(`csv.Spec.MinKubeVersion has an invalid value: 1.21`, "test-operator.v0.0.1"),
+				},
+			},
+			filepath.Join("testdata", "invalid_min_kube_version.csv.yaml"),
+		},
 	}
 
 	for _, c := range cases {

diff --git a/staging/api/pkg/validation/internal/operatorhub.go b/staging/api/pkg/validation/internal/operatorhub.go
@@ -240,7 +240,7 @@ func checkSpecMinKubeVersion(checks CSVChecks) CSVChecks {
 	if len(strings.TrimSpace(checks.csv.Spec.MinKubeVersion)) == 0 {
 		checks.warns = append(checks.warns, fmt.Errorf(minKubeVersionWarnMessage))
 	} else {
-		if _, err := semver.ParseTolerant(checks.csv.Spec.MinKubeVersion); err != nil {
+		if _, err := semver.Parse(checks.csv.Spec.MinKubeVersion); err != nil {
 			checks.errs = append(checks.errs, fmt.Errorf("csv.Spec.MinKubeVersion has an invalid value: %s", checks.csv.Spec.MinKubeVersion))
 		}
 	}

diff --git a/staging/api/pkg/validation/internal/operatorhub_test.go b/staging/api/pkg/validation/internal/operatorhub_test.go
@@ -218,7 +218,7 @@ func TestCheckSpecMinKubeVersion(t *testing.T) {
 	}{
 		{
 			name: "should work with a valid value",
-			args: args{minKubeVersion: "1.16"},
+			args: args{minKubeVersion: "1.16.0"},
 		},
 		{
 			name:        "should return a warning when the minKubeVersion is not informed ",

diff --git a/staging/api/pkg/validation/internal/testdata/badAnnotationNames.csv.yaml b/staging/api/pkg/validation/internal/testdata/badAnnotationNames.csv.yaml
@@ -14,6 +14,7 @@ metadata:
     alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":["<etcd-cluster-endpoints>"],"storageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}}]'
     description: etcd is a distributed key value store providing a reliable way to store data across a cluster of machines.
 spec:
+  minKubeVersion: 1.21.0
   displayName: etcd
   description: |
     etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.

diff --git a/staging/api/pkg/validation/internal/testdata/badName.csv.yaml b/staging/api/pkg/validation/internal/testdata/badName.csv.yaml
@@ -11,6 +11,7 @@ metadata:
     alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":["<etcd-cluster-endpoints>"],"storageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}}]'
     description: etcd is a distributed key value store providing a reliable way to store data across a cluster of machines.
 spec:
+  minKubeVersion: 1.21.0
   displayName: etcd
   description: something
   keywords: ['etcd', 'key value', 'database', 'coreos', 'open source']

diff --git a/staging/api/pkg/validation/internal/testdata/correct.csv.empty.example.yaml b/staging/api/pkg/validation/internal/testdata/correct.csv.empty.example.yaml
@@ -8,6 +8,7 @@ metadata:
   annotations:
     "alm-examples": ""
 spec:
+  minKubeVersion: 1.21.0
   version: 0.9.0
   installModes:
   - type: AllNamespaces

diff --git a/staging/api/pkg/validation/internal/testdata/correct.csv.olm.properties.annotation.yaml b/staging/api/pkg/validation/internal/testdata/correct.csv.olm.properties.annotation.yaml
@@ -9,6 +9,7 @@ metadata:
     alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":["<etcd-cluster-endpoints>"],"storageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}}]'
     olm.properties: '[{"type": "foo", "value": "bar"}]'
 spec:
+  minKubeVersion: 1.21.0
   version: 0.9.0
   installModes:
   - type: AllNamespaces

diff --git a/staging/api/pkg/validation/internal/testdata/correct.csv.with.conversion.webhook.yaml b/staging/api/pkg/validation/internal/testdata/correct.csv.with.conversion.webhook.yaml
@@ -11,6 +11,7 @@ metadata:
     alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":["<etcd-cluster-endpoints>"],"storageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}}]'
     description: etcd is a distributed key value store providing a reliable way to store data across a cluster of machines.
 spec:
+  minKubeVersion: 1.21.0
   displayName: etcd
   description: |
     etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.

diff --git a/staging/api/pkg/validation/internal/testdata/correct.csv.yaml b/staging/api/pkg/validation/internal/testdata/correct.csv.yaml
@@ -11,6 +11,7 @@ metadata:
     alm-examples: '[{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdCluster","metadata":{"name":"example","namespace":"default"},"spec":{"size":3,"version":"3.2.13"}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdRestore","metadata":{"name":"example-etcd-cluster"},"spec":{"etcdCluster":{"name":"example-etcd-cluster"},"backupStorageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}},{"apiVersion":"etcd.database.coreos.com/v1beta2","kind":"EtcdBackup","metadata":{"name":"example-etcd-cluster-backup"},"spec":{"etcdEndpoints":["<etcd-cluster-endpoints>"],"storageType":"S3","s3":{"path":"<full-s3-path>","awsSecret":"<aws-secret>"}}}]'
     description: etcd is a distributed key value store providing a reliable way to store data across a cluster of machines.
 spec:
+  minKubeVersion: 1.21.0
   displayName: etcd
   description: |
     etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines. It’s open-source and available on GitHub. etcd gracefully handles leader elections during network partitions and will tolerate machine failure, including the leader. Your applications can read and write data into etcd.