-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade operator-sdk #83
Conversation
In order to run |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wow! This a huge change. Thanks for putting in all this effort!
I haven't successfully run this yet, because I was trying to deploy it using the helm chart, which is not compatible with these changes. However, we should have a chat with Phil before deciding on the next steps for the helm chart. At first glance, it appears that we can replace the helm chart with all these new Kustomize changes.
I wanted to submit my initial review now, so I can unblock your work. I'll see if I can get this new version of the operator deployed on my machine on Monday.
Dockerfile
Outdated
@@ -0,0 +1,29 @@ | |||
# Build the terraform-k8s binary | |||
FROM golang:1.13 as builder |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In order to match go.mod, we should use 1.15
here. Optionally, we could also use the alpine version of the image, to save some time downloading: golang:1.15-alpine
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FROM golang:1.13 as builder | |
FROM golang:1.15 as builder |
Dockerfile
Outdated
COPY api/ api/ | ||
COPY controllers/ controllers/ | ||
COPY version/ version/ | ||
COPY workspacehelper/ workspacehelper/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can save some build time and disk space if you replace all the COPY
statements with a single copy statement:
COPY . .
That will grab the entire directory and save you from having to create 6 layers.
Makefile
Outdated
go get sigs.k8s.io/controller-tools/cmd/[email protected] ;\ | ||
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\ | ||
} | ||
CONTROLLER_GEN=$(GOBIN)/controller-gen |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This section could be replaced with go install sigs.k8s.io/controller-tools/cmd/controller-gen
Thanks for the massive review ! I just adopted the Makefile generated by the SDK, but your suggestions make sense. I will get back with changes :) . In order for our helm template to work I had to do the following changes locally (after copying the latest CRD from hashicorp/terraform-k8s)
|
The change above also stops us from needing /bin/sh |
Thanks, that's good to know that you were able to get the operator running using the helm repo. Those changes you gave me will help to test it. Although we will need a PR to get those changes into the helm repo, if that's the path we're going to take. I didn't make those changes to my local helm repo yet, because I didn't think it would be ok to have a specific version of the helm repo tied to a specific version of the operator. (I'm concerned about what our responsibility might be regarding backwards compatibility between the helm repo and the operator). This morning I was close to getting the operator to deploy using just kustomize, which I think is a neat option, since it's built into kubectl ( Before continuing with this operator PR, I wanted to get an answer this question: Because depending on the answer to that question, we might either deploy this change using kustomize, or make some changes to the helm repo, or make some other changes to this PR which would ensure backwards-compatibility. Due to the prioritization of a different project, I won't be able to take another look at this PR until January. But maybe by then we'll have the answer to that question and know which direction to take it. |
Dockerfile
Outdated
FROM alpine:3.12.1 | ||
WORKDIR / | ||
COPY --from=builder /workspace/terraform-k8s . | ||
USER nonroot:nonroot |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried to run this image today. It built successfully, but in my cluster it gave me this error:
Warning Failed 0s (x4 over 53s) kubelet, minikube Error: failed to start container "terraform-sync-workspace": Error response from daemon: unable to find user nonroot: no matching entries in passwd file
I tried running it manually too. Looks like we'll have to choose another user, since the one specified in this Dockerfile does not exist.
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/terraform-k8s-dev latest 586fbea58e79 4 minutes ago 54.8 MB
$ docker run -ti --rm 586fbea58e79 /bin/bash
Error: unable to find user nonroot: no matching entries in passwd file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah this is probably due to the change from distroless to alpine. I will switch it to nobody that I know for a fact it exists in the alpine image.
Dockerfile
Outdated
COPY main.go main.go | ||
COPY api/ api/ | ||
COPY controllers/ controllers/ | ||
COPY version/ version/ | ||
COPY workspacehelper/ workspacehelper/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
COPY main.go main.go | |
COPY api/ api/ | |
COPY controllers/ controllers/ | |
COPY version/ version/ | |
COPY workspacehelper/ workspacehelper/ | |
COPY . . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I finally got it all running on TFC and TFE using the branch you gave me from the terraform-helm repo. (new_sdk
) Let's get a PR for that branch next, since it's all tested and working. This looks good! Thanks again.
Squashed and rebased. |
Unlike other upgrades this one comes is quite invasive because of the SDK's attempts to move to a structure like the one used in kubebuilder and eventually at some point in the future merge the two projects.
I've also pushed a branch called |
This PR upgrades the operator to the latest version of the operator SDK used.
Unlike other upgrades this one comes is quite invasive because of the SDK's attempts to
move to a structure like the one used in kubebuilder and eventually at some point in the
future merge the two projects.
In order to make this easier to review I've kept all original commits instead of squashing
them. Once the review is done I will sqash and merge to master.
Also note that this is based on the
agent_support
branch which is also pending review, insteadof master.