-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updates stf-run-ci setup playbook to use cert-manager in stable-v1 #443
Conversation
…annel For newer OCP versions (OCP >= 4.12), cert-manager should be consumed from the stable-v1 channel. This differs from previous versions of OCP, in which we were consuming cert-manager from the tech-preview channel. The way of installing both operators is different (the tech-preview requires a specific namespace and operator group, whereas the stable-v1 version does not). This change adds a conditional block checking the versions of OCP in which we are running this playbook and executing the installation steps that correspond which each version.
Ran smoke tests on an environment with cert-manager from stable-v1 installed in the way that it is being installed in this patch set to verify sanity of the deployment, it is passing. Some validation of the creation of the subscription should be added, is https://github.com/infrawatch/service-telemetry-operator/blob/master/build/validate_deployment.sh a good place for this? cc @csibbitt @leifmadsen @elfiesmelfie |
We should use the namespace being used by other service-telemetry operators (service-telemetry namespace by default)
👍
I think if the cert-manager doesn't work, then validate_deployment.sh will fail while waiting for the QDR to deploy. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, let's try CI on 4.10 and 4.12
test |
There was some side discussion that we may want to pin testing to the tech-preview channel in all cases where it's available, since that's what we'd expect people to be using if they installed following the docs. If that's the case then we might want to keep this structure and just adjust the versions? |
https://github.com/infrawatch/service-telemetry-operator/blob/master/build/stf-run-ci/tasks/preflight_checks.yml is also an option. With the index-based deployment changes, I'm not sure at which point the cert-manager subscription needs to be checked. |
Considering we will stick to tech-preview for STF up to 1.5.2 we should
For OCP 4.13 we will add dependency resolution and customers are no longer expected to pre-install cert-manager. We will need to reflect those changes in our CI. For that case, the steps followed will look like
|
Related PR #444 Will close this PR once we agreed on the approach |
For newer OCP versions (OCP >= 4.12), cert-manager should be consumed from the stable-v1 channel. This differs from previous versions of OCP, in which we were consuming cert-manager from the tech-preview channel.
The way of installing both operators is different (the tech-preview requires a specific namespace and operator group, whereas the stable-v1 version does not).
This change adds a conditional block checking the versions of OCP in which we are running this playbook and executing the installation steps that correspond which each version.