Remove command args override and update operator-framework to v1.4.2

This change fixes an issue where zuul services can't create a lockfile. Another issue happening with older operator-framework and newer kubernetes version is being fixed by updating the operator-framework following this migration documentation: https://sdk.operatorframework.io/docs/building-operators/ansible/migration/ Change-Id: I6adfb907184112f0b7debb050975f76cd1dd4b01
2021-03-31 22:49:21 +00:00 · 2021-03-31 22:49:21 +00:00 · ee8a7b2cfb
commit ee8a7b2cfb
parent 2c367363e8
17 changed files with 37 additions and 45 deletions
--- a/README.md
+++ b/README.md
@ -20,7 +20,7 @@ Look for operator pod and check it's output
 $ kubectl get pods
 NAME                            READY     STATUS    RESTARTS   AGE
 zuul-operator-c64756f66-rbdmg   2/2       Running   0          3s
-$ kubectl logs zuul-operator-c64756f66-rbdmg -c operator
+$ kubectl logs zuul-operator-c64756f66-rbdmg
 [...]
 {"level":"info","ts":1554197305.5853095,"logger":"cmd","msg":"Go Version: go1.10.3"}
 {"level":"info","ts":1554197305.5854425,"logger":"cmd","msg":"Go OS/Arch: linux/amd64"}
--- a/build/Dockerfile
+++ b/build/Dockerfile
@ -1,4 +1,4 @@
-FROM quay.io/operator-framework/ansible-operator:v0.13.0
+FROM quay.io/operator-framework/ansible-operator:v1.4.2
 # dhall versions and digests
 ARG DHALL_VERSION=1.33.1
@ -14,9 +14,11 @@ ARG KUBECTL_DIGEST=a5eb7e2e44d858d96410937a4e4c82f9087c9d120cb2b9e92462878eda59d
 # Install extra requirements
 USER root
 # See: https://github.com/operator-framework/operator-sdk/issues/2384
 # Install gear to connect to the scheduler gearman
-RUN pip3 install --upgrade openshift gear
+RUN pip3 install --upgrade gear
 # Install collections
 RUN ansible-galaxy collection install community.kubernetes && chmod -R ug+rwx ${HOME}/.ansible
 # unarchive: bzip2 and tar
 # generate zuul ssh-keys or certificate: openssh and openssl
--- a/conf/zuul/components/Executor.dhall
+++ b/conf/zuul/components/Executor.dhall
@ -34,7 +34,6 @@ in  \(app-name : Text) ->
              , container = Kubernetes.Container::{
                , name = "executor"
                , image = input-executor.image
                , args = Some [ "zuul-executor", "-d" ]
                , imagePullPolicy = Some "IfNotPresent"
                , ports = Some
                  [ Kubernetes.ContainerPort::{
--- a/conf/zuul/components/Merger.dhall
+++ b/conf/zuul/components/Merger.dhall
@ -21,7 +21,6 @@ in  \(app-name : Text) ->
              , container = Kubernetes.Container::{
                , name = "merger"
                , image = input-merger.image
                , args = Some [ "zuul-merger", "-d" ]
                , imagePullPolicy = Some "IfNotPresent"
                , env = Some env
                , volumeMounts = Some (F.mkVolumeMount (data-dir # volumes))
--- a/conf/zuul/components/Scheduler.dhall
+++ b/conf/zuul/components/Scheduler.dhall
@ -23,7 +23,6 @@ in  \(app-name : Text) ->
              , container = Kubernetes.Container::{
                , name = "scheduler"
                , image = input-scheduler.image
                , args = Some [ "zuul-scheduler", "-d" ]
                , imagePullPolicy = Some "IfNotPresent"
                , ports = Some
                  [ Kubernetes.ContainerPort::{
--- a/conf/zuul/components/Web.dhall
+++ b/conf/zuul/components/Web.dhall
@ -22,7 +22,6 @@ in  \(app-name : Text) ->
              , container = Kubernetes.Container::{
                , name = "web"
                , image = input-web.image
                , args = Some [ "zuul-web", "-d" ]
                , imagePullPolicy = Some "IfNotPresent"
                , ports = Some
                  [ Kubernetes.ContainerPort::{
--- a/deploy/operator.yaml
+++ b/deploy/operator.yaml
@ -14,34 +14,28 @@ spec:
    spec:
      serviceAccountName: zuul-operator
      containers:
-        - name: ansible
+        - name: manager
-          command:
+          args:
-          - /usr/local/bin/ao-logs
+            - "--enable-leader-election"
-          - /tmp/ansible-operator/runner
+            - "--leader-election-id=zuul-operator"
          - stdout
          image: "docker.io/zuul/zuul-operator"
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
          - mountPath: /tmp/ansible-operator/runner
            name: runner
            readOnly: true
        - name: operator
          image: "docker.io/zuul/zuul-operator"
          imagePullPolicy: "IfNotPresent"
          volumeMounts:
          - mountPath: /tmp/ansible-operator/runner
            name: runner
          env:
            - name: ANSIBLE_GATHERING
              value: explicit
            - name: WATCH_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
-            - name: POD_NAME
+          image: "docker.io/zuul/zuul-operator"
-              valueFrom:
+          imagePullPolicy: "IfNotPresent"
-                fieldRef:
+          livenessProbe:
-                  fieldPath: metadata.name
+            httpGet:
-            - name: OPERATOR_NAME
+              path: /readyz
-              value: "zuul-operator"
+              port: 6789
-      volumes:
+            initialDelaySeconds: 15
-        - name: runner
+            periodSeconds: 20
-          emptyDir: {}
+          readinessProbe:
            httpGet:
              path: /healthz
              port: 6789
            initialDelaySeconds: 5
            periodSeconds: 10
--- a/playbooks/files/update-operator.sh
+++ b/playbooks/files/update-operator.sh
@ -9,7 +9,7 @@ if test -d /var/lib/silverkube/storage; then
 fi
 echo "Update local image"
-CTX=$(sudo buildah from  ${BUILDAH_OPTS} docker.io/zuul/zuul-operator:latest)
+CTX=$(sudo buildah from  --pull-never ${BUILDAH_OPTS} docker.io/zuul/zuul-operator:latest)
 MNT=$(sudo buildah mount ${BUILDAH_OPTS} $CTX)
 sudo rsync -avi --delete roles/ ${MNT}/opt/ansible/roles/
--- a/playbooks/zuul-operator-functional/test.yaml
+++ b/playbooks/zuul-operator-functional/test.yaml
@ -132,7 +132,7 @@
    - name: connect to console-stream
      command: |
-        wsdump.py -r --eof-wait 5 -t '{"uuid":"{{ _job_uuid.stdout_lines[0] }}","logfile":"console.log"}' {{ zuul_ws_url }}/api/tenant/local/console-stream
+        python3 /usr/local/bin/wsdump.py -r --eof-wait 5 -t '{"uuid":"{{ _job_uuid.stdout_lines[0] }}","logfile":"console.log"}' {{ zuul_ws_url }}/api/tenant/local/console-stream
      register: console_stream
    - name: show console stream
--- a/roles/zuul-ensure-database-password/tasks/main.yaml
+++ b/roles/zuul-ensure-database-password/tasks/main.yaml
@ -4,7 +4,7 @@
 - name: Generate and store database password
  when: _zuul_db_password.data is not defined
-  k8s:
+  community.kubernetes.k8s:
    state: "{{ state }}"
    namespace: "{{ namespace }}"
    definition:
--- a/roles/zuul-ensure-gearman-tls/tasks/main.yaml
+++ b/roles/zuul-ensure-gearman-tls/tasks/main.yaml
@ -17,7 +17,7 @@
        - "openssl x509 -req -days 3650 -in client-{{ zuul_name }}.csr -out client-{{ zuul_name }}.pem -CA ca-{{ zuul_name }}.pem -CAkey ca-{{ zuul_name }}.key -CAcreateserial"
    - name: Create k8s secret
-      k8s:
+      community.kubernetes.k8s:
        state: "{{ state }}"
        namespace: "{{ namespace }}"
        definition:
--- a/roles/zuul-ensure-registry-tls/tasks/main.yaml
+++ b/roles/zuul-ensure-registry-tls/tasks/main.yaml
@ -15,7 +15,7 @@
        - "openssl x509 -req -days 3650 -in registry-{{ zuul_name }}.csr -out registry-{{ zuul_name }}.pem -CA ca-{{ zuul_name }}.pem -CAkey ca-{{ zuul_name }}.key -CAcreateserial"
    - name: Create k8s secret
-      k8s:
+      community.kubernetes.k8s:
        state: "{{ state }}"
        namespace: "{{ namespace }}"
        definition:
@ -38,7 +38,7 @@
  when: registry_user_rw.data is not defined
  block:
    - name: Create k8s secret
-      k8s:
+      community.kubernetes.k8s:
        state: "{{ state }}"
        namespace: "{{ namespace }}"
        definition:
--- a/roles/zuul-ensure-zookeeper-tls/tasks/main.yaml
+++ b/roles/zuul-ensure-zookeeper-tls/tasks/main.yaml
@ -14,7 +14,7 @@
        creates: zk-ca/keys/clientkey.pem
    - name: Create k8s secret
-      k8s:
+      community.kubernetes.k8s:
        state: "{{ state }}"
        namespace: "{{ namespace }}"
        definition:
--- a/roles/zuul-restart-when-zuul-conf-changed/tasks/main.yaml
+++ b/roles/zuul-restart-when-zuul-conf-changed/tasks/main.yaml
@ -27,7 +27,7 @@
      register: zuul_changes
    - name: Patch service
-      k8s:
+      community.kubernetes.k8s:
        state: present
        namespace: "{{ namespace }}"
        merge_type: merge
--- a/roles/zuul/defaults/main.yaml
+++ b/roles/zuul/defaults/main.yaml
@ -5,7 +5,7 @@ zuul_app_path: "/opt/ansible/conf/zuul"
 # Here we use zuul_spec to get un-modified cr
 # see: https://github.com/operator-framework/operator-sdk/issues/1770
-raw_spec: "{{ vars['_operator_zuul-ci_org_zuul_spec'] | default(spec) }}"
+raw_spec: "{{ vars['_operator_zuul_ci_org_zuul_spec'] | default(spec) }}"
 # Let optional withCertManager bool value
 cert_manager: "{{ (raw_spec['withCertManager'] | default(true)) | bool }}"
--- a/roles/zuul/tasks/main.yaml
+++ b/roles/zuul/tasks/main.yaml
@ -44,7 +44,7 @@
  register: _json
 - name: Apply objects
-  k8s:
+  community.kubernetes.k8s:
    state: "{{ state }}"
    namespace: "{{ namespace }}"
    definition: "{{ item }}"
--- a/watches.yaml
+++ b/watches.yaml
@ -2,4 +2,4 @@
 - version: v1alpha1
  group: operator.zuul-ci.org
  kind: Zuul
-  role: /opt/ansible/roles/zuul
+  role: zuul