Add olm operator plug-in framework

Signed-off-by: perdasilva <[email protected]>

Author: perdasilva

pkg/controller/operators/olm/config.go

@@ -37,6 +37,26 @@ type operatorConfig struct {
 	configClient                 configv1client.Interface
 }
 
+func (o *operatorConfig) OperatorClient() operatorclient.ClientInterface {
+	return o.operatorClient
+}
+
+func (o *operatorConfig) ExternalClient() versioned.Interface {
+	return o.externalClient
+}
+
+func (o *operatorConfig) ResyncPeriod() func() time.Duration {
+	return o.resyncPeriod
+}
+
+func (o *operatorConfig) WatchedNamespaces() []string {
+	return o.watchedNamespaces
+}
+
+func (o *operatorConfig) Logger() *logrus.Logger {
+	return o.logger
+}
+
 func (o *operatorConfig) apply(options []OperatorOption) {
 	for _, option := range options {
 		option(o)

pkg/controller/operators/olm/operator.go

@@ -7,11 +7,11 @@ import (
 	"strings"
 	"time"
 
+	"github.com/operator-framework/operator-lifecycle-manager/pkg/controller/operators/olm/plugins"
 	"github.com/sirupsen/logrus"
 	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	extinf "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -61,6 +61,10 @@ var (
 	ErrAPIServiceOwnerConflict = errors.New("unable to adopt APIService")
 )
 
+// this unexported operator plugin slice provides an entrypoint for
+// downstream to inject its own plugins to augment the controller behavior
+var operatorPlugInFactoryFuncs []plugins.OperatorPlugInFactoryFunc
+
 type Operator struct {
 	queueinformer.Operator
 
@@ -91,6 +95,7 @@ type Operator struct {
 	clientAttenuator             *scoped.ClientAttenuator
 	serviceAccountQuerier        *scoped.UserDefinedServiceAccountQuerier
 	clientFactory                clients.Factory
+	plugins                      []plugins.OperatorPlugin
 }
 
 func NewOperator(ctx context.Context, options ...OperatorOption) (*Operator, error) {
@@ -588,6 +593,31 @@ func newOperatorWithConfig(ctx context.Context, config *operatorConfig) (*Operat
 		OverridesBuilderFunc: overridesBuilderFunc.GetDeploymentInitializer,
 	}
 
+	// initialize plugins
+	for _, makePlugIn := range operatorPlugInFactoryFuncs {
+		plugin, err := makePlugIn(ctx, config, op)
+		if err != nil {
+			return nil, fmt.Errorf("error creating plugin: %s", err)
+		}
+		op.plugins = append(op.plugins, plugin)
+	}
+
+	if len(operatorPlugInFactoryFuncs) > 0 {
+		go func() {
+			// block until operator is done
+			<-op.Done()
+
+			// shutdown plug-ins
+			for _, plugin := range op.plugins {
+				if err := plugin.Shutdown(); err != nil {
+					if op.logger != nil {
+						op.logger.Warnf("error shutting down plug-in: %s", err)
+					}
+				}
+			}
+		}()
+	}
+
 	return op, nil
 }
 
@@ -1122,46 +1152,6 @@ func (a *Operator) handleClusterServiceVersionDeletion(obj interface{}) {
 			logger.WithError(err).Warnf("failed to requeue gc event: %v", webhook)
 		}
 	}
-
-	// Conversion webhooks are defined within a CRD.
-	// In an effort to prevent customer dataloss, OLM does not delete CRDs associated with a CSV when it is deleted.
-	// Deleting a CSV that introduced a conversion webhook removes the deployment that serviced the conversion webhook calls.
-	// If a conversion webhook is defined and the service isn't available, all requests against the CR associated with the CRD will fail.
-	// This ultimately breaks kubernetes garbage collection and prevents OLM from reinstalling the CSV as CR validation against the new CRD's
-	// openapiv3 schema fails.
-	// As such, when a CSV is deleted OLM will check if it is being replaced. If the CSV is not being replaced, OLM will remove the conversion
-	// webhook from the CRD definition.
-	csvs, err := a.lister.OperatorsV1alpha1().ClusterServiceVersionLister().ClusterServiceVersions(clusterServiceVersion.GetNamespace()).List(labels.Everything())
-	if err != nil {
-		logger.Errorf("error listing csvs: %v\n", err)
-	}
-	for _, csv := range csvs {
-		if csv.Spec.Replaces == clusterServiceVersion.GetName() {
-			return
-		}
-	}
-
-	for _, desc := range clusterServiceVersion.Spec.WebhookDefinitions {
-		if desc.Type != v1alpha1.ConversionWebhook || len(desc.ConversionCRDs) == 0 {
-			continue
-		}
-
-		for i, crdName := range desc.ConversionCRDs {
-			crd, err := a.lister.APIExtensionsV1().CustomResourceDefinitionLister().Get(crdName)
-			if err != nil {
-				logger.Errorf("error getting CRD %v which was defined in CSVs spec.WebhookDefinition[%d]: %v\n", crdName, i, err)
-				continue
-			}
-
-			copy := crd.DeepCopy()
-			copy.Spec.Conversion.Strategy = apiextensionsv1.NoneConverter
-			copy.Spec.Conversion.Webhook = nil
-
-			if _, err = a.opClient.ApiextensionsInterface().ApiextensionsV1().CustomResourceDefinitions().Update(context.TODO(), copy, metav1.UpdateOptions{}); err != nil {
-				logger.Errorf("error updating conversion strategy for CRD %v: %v\n", crdName, err)
-			}
-		}
-	}
 }
 
 func (a *Operator) removeDanglingChildCSVs(csv *v1alpha1.ClusterServiceVersion) error {

pkg/controller/operators/olm/operator_test.go

@@ -158,7 +158,7 @@ func apiResourcesForObjects(objs []runtime.Object) []*metav1.APIResourceList {
 
 // fakeOperatorConfig is the configuration for a fake operator.
 type fakeOperatorConfig struct {
-	*operatorConfig
+	*OperatorConfig
 
 	recorder          record.EventRecorder
 	namespaces        []string
@@ -247,7 +247,7 @@ func withLogger(logger *logrus.Logger) fakeOperatorOption {
 func NewFakeOperator(ctx context.Context, options ...fakeOperatorOption) (*Operator, error) {
 	// Apply options to default config
 	config := &fakeOperatorConfig{
-		operatorConfig: &operatorConfig{
+		OperatorConfig: &OperatorConfig{
 			resyncPeriod:      queueinformer.ResyncWithJitter(5*time.Minute, 0.1),
 			operatorNamespace: "default",
 			watchedNamespaces: []string{metav1.NamespaceAll},
@@ -288,7 +288,7 @@ func NewFakeOperator(ctx context.Context, options ...fakeOperatorOption) (*Opera
 		}
 	}
 
-	op, err := newOperatorWithConfig(ctx, config.operatorConfig)
+	op, err := newOperatorWithConfig(ctx, config.OperatorConfig)
 	if err != nil {
 		return nil, err
 	}

pkg/controller/operators/olm/plugins/operator_plugin.go

@@ -0,0 +1,37 @@
+package plugins
+
+import (
+	"context"
+	"time"
+
+	"github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned"
+	"github.com/operator-framework/operator-lifecycle-manager/pkg/lib/operatorclient"
+	"github.com/operator-framework/operator-lifecycle-manager/pkg/lib/queueinformer"
+	"github.com/sirupsen/logrus"
+)
+
+// HostOperator is an extensible and observable operator that hosts the plug-in, i.e. which the plug-in is extending
+type HostOperator interface {
+	queueinformer.ObservableOperator
+	queueinformer.ExtensibleOperator
+}
+
+// OperatorConfig gives access to required configuration from the host operator
+type OperatorConfig interface {
+	OperatorClient() operatorclient.ClientInterface
+	ExternalClient() versioned.Interface
+	ResyncPeriod() func() time.Duration
+	WatchedNamespaces() []string
+	Logger() *logrus.Logger
+}
+
+// OperatorPlugin provides a simple interface
+// that can be used to extend the olm operator's functionality
+type OperatorPlugin interface {
+	// Shutdown is called once the host operator is done
+	// to give the plug-in a change to clean up resources if necessary
+	Shutdown() error
+}
+
+// OperatorPlugInFactoryFunc factory function that returns a new instance of a plug-in
+type OperatorPlugInFactoryFunc func(ctx context.Context, config OperatorConfig, hostOperator HostOperator) (OperatorPlugin, error)

pkg/lib/queueinformer/queueinformer_operator.go

@@ -13,8 +13,19 @@ import (
 	"k8s.io/client-go/tools/cache"
 )
 
-// Operator describes a Reconciler that manages a set of QueueInformers.
-type Operator interface {
+// ExtensibleOperator describes a Reconciler that can be extended with additional informers and queue informers
+type ExtensibleOperator interface {
+	// RegisterQueueInformer registers the given QueueInformer with the Operator.
+	// This method returns an error if the Operator has already been started.
+	RegisterQueueInformer(queueInformer *QueueInformer) error
+
+	// RegisterInformer registers an informer with the Operator.
+	// This method returns an error if the Operator has already been started.
+	RegisterInformer(cache.SharedIndexInformer) error
+}
+
+// ObservableOperator describes a Reconciler whose state can be queried
+type ObservableOperator interface {
 	// Ready returns a channel that is closed when the Operator is ready to run.
 	Ready() <-chan struct{}
 
@@ -29,15 +40,12 @@ type Operator interface {
 
 	// HasSynced returns true if the Operator's Informers have synced, false otherwise.
 	HasSynced() bool
+}
 
-	// RegisterQueueInformer registers the given QueueInformer with the Operator.
-	// This method returns an error if the Operator has already been started.
-	RegisterQueueInformer(queueInformer *QueueInformer) error
-
-	// RegisterInformer registers an informer with the Operator.
-	// This method returns an error if the Operator has already been started.
-	RegisterInformer(cache.SharedIndexInformer) error
-
+// Operator describes a Reconciler that manages a set of QueueInformers.
+type Operator interface {
+	ObservableOperator
+	ExtensibleOperator
 	// RunInformers starts the Operator's underlying Informers.
 	RunInformers(ctx context.Context)