You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit migrates the ironic-operator from Operator SDK 1.31.0 to 1.41.1,
following the new project structure and best practices introduced in the newer
SDK version.
Major Changes:
Project Structure Reorganization:
- Moved entry point from root main.go to cmd/main.go
- Created internal/ directory structure following operator-sdk 1.41.1 conventions:
- internal/controller/ - Contains all controllers (moved from controllers/)
- internal/webhook/v1beta1/ - Contains webhook setup functions
- Updated all import paths and package declarations accordingly
Build System Updates:
- Updated Makefile to use operator-sdk v1.41.1
- Updated CONTROLLER_TOOLS_VERSION to v0.16.4 for compatibility
- Updated Dockerfile to use new main.go location
- Updated build and run targets for new project structure
Configuration Enhancements:
- Enhanced certmanager configuration with separate certificates for metrics and webhooks
- Added network-policy configuration for secure traffic control:
- allow-metrics-traffic.yaml - Restricts metrics access to openstack namespace
- allow-webhook-traffic.yaml - Allows webhook traffic from all namespaces
- Enhanced RBAC configuration:
- Added metrics_auth_role.yaml for TokenReview and SubjectAccessReview permissions
- Added ironic_admin_role.yaml for full Ironic resource management
- Updated existing roles with proper operator-sdk 1.41.1 labels and metadata
- Updated manager configuration:
- Added cert_metrics_manager_patch.yaml for TLS certificate mounting
- Added manager_metrics_patch.yaml with kube-rbac-proxy sidecar for secure metrics
- Enhanced Prometheus monitoring with TLS support via monitor_tls_patch.yaml
Controller and Webhook Updates:
- Migrated webhook registration to function-based approach:
- Created SetupIronicWebhookWithManager() function in internal/webhook/v1beta1/
- Updated cmd/main.go to use new webhook setup pattern
- Updated all controller package declarations and imports
- Fixed test imports in tests/functional/suite_test.go
Dependency Management:
- Updated go.mod and go.sum with compatible dependency versions
- Resolved go.work version conflicts
- Maintained compatibility with existing OpenStack operator ecosystem
The upgrade maintains 100% backward compatibility while modernizing the codebase
to align with operator-sdk 1.41.1 best practices for security, monitoring, and
deployment configurations.
All ironic-operator resources continue to function correctly:
- Ironic (main resource with webhooks)
- IronicAPI
- IronicConductor
- IronicInspector
- IronicNeutronAgent
Verified functionality:
- Build: PASS
- Manifests generation: PASS
- Bundle generation: PASS
- Unit tests: PASS
Co-Authored-By: Claude <[email protected]>
Related: https://issues.redhat.com/browse/OSPRH-21958
Copy file name to clipboardExpand all lines: Dockerfile
+1-1Lines changed: 1 addition & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -26,7 +26,7 @@ RUN mkdir -p ${DEST_ROOT}/usr/local/bin/
26
26
RUN if [ ! -f $CACHITO_ENV_FILE ]; then go mod download ; fi
27
27
28
28
# Build manager
29
-
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; env ${GO_BUILD_EXTRA_ENV_ARGS} go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager main.go
29
+
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; env ${GO_BUILD_EXTRA_ENV_ARGS} go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager cmd/main.go
0 commit comments