fix: support creating v1beta CRDs to avoid data loss during conversion to v1. Due to data loss during client side conversions OLM will support two different paths for v1 and v1beta1 CRDs.

Author: exdx

pkg/controller/operators/catalog/operator.go

@@ -17,6 +17,7 @@ import (
 	rbacv1 "k8s.io/api/rbac/v1"
 	"k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	apiextensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	"k8s.io/apiextensions-apiserver/pkg/apiserver/validation"
 	extinf "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -1315,7 +1316,21 @@ func GetCRDV1VersionsMap(crd *apiextensionsv1.CustomResourceDefinition) map[stri
 }
 
 // Ensure all existing served versions are present in new CRD
-func EnsureCRDVersions(oldCRD *apiextensionsv1.CustomResourceDefinition, newCRD *apiextensionsv1.CustomResourceDefinition) error {
+func GetCRDV1Beta1VersionsMap(crd *apiextensionsv1beta1.CustomResourceDefinition) map[string]struct{} {
+	versionsMap := map[string]struct{}{}
+
+	for _, version := range crd.Spec.Versions {
+		versionsMap[version.Name] = struct{}{}
+	}
+	if crd.Spec.Version != "" {
+		versionsMap[crd.Spec.Version] = struct{}{}
+	}
+
+	return versionsMap
+}
+
+// Ensure all existing served versions are present in new CRD
+func EnsureV1CRDVersions(oldCRD *apiextensionsv1.CustomResourceDefinition, newCRD *apiextensionsv1.CustomResourceDefinition) error {
 	newCRDVersions := GetCRDV1VersionsMap(newCRD)
 
 	for _, oldVersion := range oldCRD.Spec.Versions {
@@ -1329,6 +1344,27 @@ func EnsureCRDVersions(oldCRD *apiextensionsv1.CustomResourceDefinition, newCRD
 	return nil
 }
 
+// Ensure all existing served versions are present in new CRD
+func EnsureV1Beta1CRDVersions(oldCRD *apiextensionsv1beta1.CustomResourceDefinition, newCRD *apiextensionsv1beta1.CustomResourceDefinition) error {
+	newCRDVersions := GetCRDV1Beta1VersionsMap(newCRD)
+
+	for _, oldVersion := range oldCRD.Spec.Versions {
+		if oldVersion.Served {
+			_, ok := newCRDVersions[oldVersion.Name]
+			if !ok {
+				return fmt.Errorf("New CRD (%s) must contain existing served versions (%s)", oldCRD.Name, oldVersion.Name)
+			}
+		}
+	}
+	if oldCRD.Spec.Version != "" {
+		_, ok := newCRDVersions[oldCRD.Spec.Version]
+		if !ok {
+			return fmt.Errorf("New CRD (%s) must contain existing version (%s)", oldCRD.Name, oldCRD.Spec.Version)
+		}
+	}
+	return nil
+}
+
 // Validate all existing served versions against new CRD's validation (if changed)
 func validateV1CRDCompatibility(dynamicClient dynamic.Interface, oldCRD *apiextensionsv1.CustomResourceDefinition, newCRD *apiextensionsv1.CustomResourceDefinition) error {
 	logrus.Debugf("Comparing %#v to %#v", oldCRD.Spec.Versions, newCRD.Spec.Versions)
@@ -1364,6 +1400,38 @@ func validateV1CRDCompatibility(dynamicClient dynamic.Interface, oldCRD *apiexte
 	return nil
 }
 
+// Validate all existing served versions against new CRD's validation (if changed)
+func validateV1Beta1CRDCompatibility(dynamicClient dynamic.Interface, oldCRD *apiextensionsv1beta1.CustomResourceDefinition, newCRD *apiextensionsv1beta1.CustomResourceDefinition) error {
+	logrus.Debugf("Comparing %#v to %#v", oldCRD.Spec.Validation, newCRD.Spec.Validation)
+	// If validation schema is unchanged, return right away
+	if reflect.DeepEqual(oldCRD.Spec.Validation, newCRD.Spec.Validation) {
+		return nil
+	}
+	convertedCRD := &apiextensions.CustomResourceDefinition{}
+	if err := apiextensionsv1beta1.Convert_v1beta1_CustomResourceDefinition_To_apiextensions_CustomResourceDefinition(newCRD, convertedCRD, nil); err != nil {
+		return err
+	}
+	for _, version := range oldCRD.Spec.Versions {
+		if !version.Served {
+			gvr := schema.GroupVersionResource{Group: oldCRD.Spec.Group, Version: version.Name, Resource: oldCRD.Spec.Names.Plural}
+			err := validateExistingCRs(dynamicClient, gvr, convertedCRD)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	if oldCRD.Spec.Version != "" {
+		gvr := schema.GroupVersionResource{Group: oldCRD.Spec.Group, Version: oldCRD.Spec.Version, Resource: oldCRD.Spec.Names.Plural}
+		err := validateExistingCRs(dynamicClient, gvr, convertedCRD)
+		if err != nil {
+			return err
+		}
+	}
+	logrus.Debugf("Successfully validated CRD %s\n", newCRD.Name)
+	return nil
+}
+
 func validateExistingCRs(dynamicClient dynamic.Interface, gvr schema.GroupVersionResource, newCRD *apiextensions.CustomResourceDefinition) error {
 	// make dynamic client
 	crList, err := dynamicClient.Resource(gvr).List(context.TODO(), metav1.ListOptions{})
@@ -1410,6 +1478,28 @@ func removeDeprecatedV1StoredVersions(oldCRD *apiextensionsv1.CustomResourceDefi
 	}
 }
 
+func removeDeprecatedV1Beta1StoredVersions(oldCRD *apiextensionsv1beta1.CustomResourceDefinition, newCRD *apiextensionsv1beta1.CustomResourceDefinition) []string {
+	// StoredVersions requires to have at least one version.
+	if len(oldCRD.Status.StoredVersions) <= 1 {
+		return nil
+	}
+
+	newStoredVersions := []string{}
+	newCRDVersions := GetCRDV1Beta1VersionsMap(newCRD)
+	for _, v := range oldCRD.Status.StoredVersions {
+		_, ok := newCRDVersions[v]
+		if ok {
+			newStoredVersions = append(newStoredVersions, v)
+		}
+	}
+
+	if len(newStoredVersions) < 1 {
+		return nil
+	} else {
+		return newStoredVersions
+	}
+}
+
 // ExecutePlan applies a planned InstallPlan to a namespace.
 func (o *Operator) ExecutePlan(plan *v1alpha1.InstallPlan) error {
 	if plan.Status.Phase != v1alpha1.InstallPlanPhaseInstalling {
@@ -1436,7 +1526,7 @@ func (o *Operator) ExecutePlan(plan *v1alpha1.InstallPlan) error {
 	}
 
 	ensurer := newStepEnsurer(kubeclient, crclient, dynamicClient)
-	b := newBuilder(kubeclient, dynamicClient, o.csvProvidedAPIsIndexer)
+	b := newBuilder(kubeclient, dynamicClient, o.csvProvidedAPIsIndexer, o.logger)
 
 	for i, step := range plan.Status.Plan {
 		doStep := true

pkg/controller/operators/catalog/step.go

@@ -13,7 +13,10 @@ import (
 	errorwrap "github.com/pkg/errors"
 	logger "github.com/sirupsen/logrus"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
-	"k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset"
+	apiextensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
+	apiextensionsv1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
+	apiextensionsv1beta1client "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1"
+
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -36,13 +39,16 @@ type builder struct {
 	opclient          operatorclient.ClientInterface
 	dynamicClient     dynamic.Interface
 	csvToProvidedAPIs map[string]cache.Indexer
+	logger            logger.FieldLogger
 }
 
-func newBuilder(opclient operatorclient.ClientInterface, dynamicClient dynamic.Interface, csvToProvidedAPIs map[string]cache.Indexer) *builder {
+func newBuilder(opclient operatorclient.ClientInterface, dynamicClient dynamic.Interface, csvToProvidedAPIs map[string]cache.Indexer,
+	logger logger.FieldLogger) *builder {
 	return &builder{
 		opclient:          opclient,
 		dynamicClient:     dynamicClient,
 		csvToProvidedAPIs: csvToProvidedAPIs,
+		logger:            logger,
 	}
 }
 
@@ -57,23 +63,32 @@ func (n notSupportedStepperErr) Error() string {
 // step is a factory that creates StepperFuncs based on the Kind provided and the install plan step.
 func (b *builder) create(step *v1alpha1.Step) (Stepper, error) {
 	kind := step.Resource.Kind
+	version, err := crdlib.Version(&step.Resource.Manifest)
+	if err != nil {
+		return nil, err
+	}
+
 	switch kind {
 	case crdKind:
-		return b.NewCRDStep(step.Resource.Manifest, b.opclient.ApiextensionsInterface(), step.Status, step.Resource.Name), nil
-	default:
-		return nil, notSupportedStepperErr{fmt.Sprintf("stepper interface does not support %s", kind)}
+		switch version {
+		case crdlib.V1Version:
+			return b.NewCRDV1Step(b.opclient.ApiextensionsInterface().ApiextensionsV1(), step), nil
+		case crdlib.V1Beta1Version:
+			return b.NewCRDV1Beta1Step(b.opclient.ApiextensionsInterface().ApiextensionsV1beta1(), step), nil
+		}
 	}
+	return nil, notSupportedStepperErr{fmt.Sprintf("stepper interface does not support %s", kind)}
 }
 
-func (b *builder) NewCRDStep(manifest string, client clientset.Interface, status v1alpha1.StepStatus, name string) StepperFunc {
+func (b *builder) NewCRDV1Step(client apiextensionsv1client.ApiextensionsV1Interface, step *v1alpha1.Step) StepperFunc {
 	return func() (v1alpha1.StepStatus, error) {
-		switch status {
+		switch step.Status {
 		case v1alpha1.StepStatusPresent:
 			return v1alpha1.StepStatusPresent, nil
 		case v1alpha1.StepStatusCreated:
 			return v1alpha1.StepStatusCreated, nil
 		case v1alpha1.StepStatusWaitingForAPI:
-			crd, err := client.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), name, metav1.GetOptions{})
+			crd, err := client.CustomResourceDefinitions().Get(context.TODO(), step.Resource.Name, metav1.GetOptions{})
 			if err != nil {
 				if k8serrors.IsNotFound(err) {
 					return v1alpha1.StepStatusNotPresent, nil
@@ -98,61 +113,161 @@ func (b *builder) NewCRDStep(manifest string, client clientset.Interface, status
 				return v1alpha1.StepStatusCreated, nil
 			}
 		case v1alpha1.StepStatusUnknown, v1alpha1.StepStatusNotPresent:
-			crd, err := crdlib.Serialize(manifest)
+			crd, err := crdlib.UnmarshalV1(step.Resource.Manifest)
 			if err != nil {
 				return v1alpha1.StepStatusUnknown, err
 			}
+			b.logger.Debugf("creating v1 CRD %#v", crd)
 
-			_, err = client.ApiextensionsV1().CustomResourceDefinitions().Create(context.TODO(), crd, metav1.CreateOptions{})
-			if k8serrors.IsAlreadyExists(err) {
-				currentCRD, _ := client.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), crd.GetName(), metav1.GetOptions{})
-				// Compare 2 CRDs to see if it needs to be updatetd
-				if crdlib.NotEqual(currentCRD, crd) {
+			_, createError := client.CustomResourceDefinitions().Create(context.TODO(), crd, metav1.CreateOptions{})
+			if k8serrors.IsAlreadyExists(createError) {
+				currentCRD, _ := client.CustomResourceDefinitions().Get(context.TODO(), crd.GetName(), metav1.GetOptions{})
+				// Compare 2 CRDs to see if it needs to be updated
+				logger.Debugf("\n current crd: %#v \n new crd: %#v \n", currentCRD, crd)
+				if crdlib.V1NotEqual(currentCRD, crd) {
 					// Verify CRD ownership, only attempt to update if
 					// CRD has only one owner
 					// Example: provided=database.coreos.com/v1alpha1/EtcdCluster
-					matchedCSV, err := index.CRDProviderNames(b.csvToProvidedAPIs, crd)
+					matchedCSV, err := index.V1CRDProviderNames(b.csvToProvidedAPIs, crd)
 					if err != nil {
-						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error find matched CSV: %s", name)
+						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error find matched CSV: %s", step.Resource.Name)
 					}
 					crd.SetResourceVersion(currentCRD.GetResourceVersion())
 					if len(matchedCSV) == 1 {
 						logger.Debugf("Found one owner for CRD %v", crd)
 					} else if len(matchedCSV) > 1 {
 						logger.Debugf("Found multiple owners for CRD %v", crd)
 
-						err := EnsureCRDVersions(currentCRD, crd)
+						err := EnsureV1CRDVersions(currentCRD, crd)
 						if err != nil {
-							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error missing existing CRD version(s) in new CRD: %s", name)
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error missing existing CRD version(s) in new CRD: %s", step.Resource.Name)
 						}
 
 						if err = validateV1CRDCompatibility(b.dynamicClient, currentCRD, crd); err != nil {
-							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error validating existing CRs agains new CRD's schema: %s", name)
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error validating existing CRs agains new CRD's schema: %s", step.Resource.Name)
 						}
 					}
 					// Remove deprecated version in CRD storedVersions
 					storeVersions := removeDeprecatedV1StoredVersions(currentCRD, crd)
 					if storeVersions != nil {
 						currentCRD.Status.StoredVersions = storeVersions
-						resultCRD, err := client.ApiextensionsV1().CustomResourceDefinitions().UpdateStatus(context.TODO(), currentCRD, metav1.UpdateOptions{})
+						resultCRD, err := client.CustomResourceDefinitions().UpdateStatus(context.TODO(), currentCRD, metav1.UpdateOptions{})
 						if err != nil {
-							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD's status: %s", name)
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD's status: %s", step.Resource.Name)
 						}
 						crd.SetResourceVersion(resultCRD.GetResourceVersion())
 					}
 					// Update CRD to new version
-					_, err = client.ApiextensionsV1().CustomResourceDefinitions().Update(context.TODO(), crd, metav1.UpdateOptions{})
+					_, err = client.CustomResourceDefinitions().Update(context.TODO(), crd, metav1.UpdateOptions{})
 					if err != nil {
-						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD: %s", name)
+						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD: %s", step.Resource.Name)
 					}
 				}
 				// If it already existed, mark the step as Present.
 				// they were equal - mark CRD as present
 				return v1alpha1.StepStatusPresent, nil
-			} else if err != nil {
+			} else if createError != nil {
 				// Unexpected error creating the CRD.
+				return v1alpha1.StepStatusUnknown, createError
+			}
+			// If no error occured, make sure to wait for the API to become available.
+			return v1alpha1.StepStatusWaitingForAPI, nil
+		}
+		return v1alpha1.StepStatusUnknown, nil
+	}
+}
+
+func (b *builder) NewCRDV1Beta1Step(client apiextensionsv1beta1client.ApiextensionsV1beta1Interface, step *v1alpha1.Step) StepperFunc {
+	return func() (v1alpha1.StepStatus, error) {
+		switch step.Status {
+		case v1alpha1.StepStatusPresent:
+			return v1alpha1.StepStatusPresent, nil
+		case v1alpha1.StepStatusCreated:
+			return v1alpha1.StepStatusCreated, nil
+		case v1alpha1.StepStatusWaitingForAPI:
+			crd, err := client.CustomResourceDefinitions().Get(context.TODO(), step.Resource.Name, metav1.GetOptions{})
+			if err != nil {
+				if k8serrors.IsNotFound(err) {
+					return v1alpha1.StepStatusNotPresent, nil
+				} else {
+					return v1alpha1.StepStatusNotPresent, errorwrap.Wrapf(err, "error finding the %s CRD", crd.Name)
+				}
+			}
+			established, namesAccepted := false, false
+			for _, cdt := range crd.Status.Conditions {
+				switch cdt.Type {
+				case apiextensionsv1beta1.Established:
+					if cdt.Status == apiextensionsv1beta1.ConditionTrue {
+						established = true
+					}
+				case apiextensionsv1beta1.NamesAccepted:
+					if cdt.Status == apiextensionsv1beta1.ConditionTrue {
+						namesAccepted = true
+					}
+				}
+			}
+			if established && namesAccepted {
+				return v1alpha1.StepStatusCreated, nil
+			}
+		case v1alpha1.StepStatusUnknown, v1alpha1.StepStatusNotPresent:
+			crd, err := crdlib.UnmarshalV1Beta1(step.Resource.Manifest)
+			if err != nil {
 				return v1alpha1.StepStatusUnknown, err
 			}
+			b.logger.Debugf("creating v1beta1 CRD %#v", crd)
+
+			_, createError := client.CustomResourceDefinitions().Create(context.TODO(), crd, metav1.CreateOptions{})
+			if k8serrors.IsAlreadyExists(createError) {
+				currentCRD, _ := client.CustomResourceDefinitions().Get(context.TODO(), crd.GetName(), metav1.GetOptions{})
+				// Compare 2 CRDs to see if it needs to be updated
+				logger.Debugf("\n current crd: %#v \n new crd: %#v \n", currentCRD, crd)
+				if crdlib.V1Beta1NotEqual(currentCRD, crd) {
+					b.logger.Debugf("not equal")
+					// Verify CRD ownership, only attempt to update if
+					// CRD has only one owner
+					// Example: provided=database.coreos.com/v1alpha1/EtcdCluster
+					matchedCSV, err := index.V1Beta1CRDProviderNames(b.csvToProvidedAPIs, crd)
+					if err != nil {
+						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error find matched CSV: %s", step.Resource.Name)
+					}
+					crd.SetResourceVersion(currentCRD.GetResourceVersion())
+					if len(matchedCSV) == 1 {
+						logger.Debugf("Found one owner for CRD %v", crd)
+					} else if len(matchedCSV) > 1 {
+						logger.Debugf("Found multiple owners for CRD %v", crd)
+
+						err := EnsureV1Beta1CRDVersions(currentCRD, crd)
+						if err != nil {
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error missing existing CRD version(s) in new CRD: %s", step.Resource.Name)
+						}
+
+						if err = validateV1Beta1CRDCompatibility(b.dynamicClient, currentCRD, crd); err != nil {
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error validating existing CRs agains new CRD's schema: %s", step.Resource.Name)
+						}
+					}
+					// Remove deprecated version in CRD storedVersions
+					storeVersions := removeDeprecatedV1Beta1StoredVersions(currentCRD, crd)
+					if storeVersions != nil {
+						currentCRD.Status.StoredVersions = storeVersions
+						resultCRD, err := client.CustomResourceDefinitions().UpdateStatus(context.TODO(), currentCRD, metav1.UpdateOptions{})
+						if err != nil {
+							return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD's status: %s", step.Resource.Name)
+						}
+						crd.SetResourceVersion(resultCRD.GetResourceVersion())
+					}
+					// Update CRD to new version
+					_, err = client.CustomResourceDefinitions().Update(context.TODO(), crd, metav1.UpdateOptions{})
+					if err != nil {
+						return v1alpha1.StepStatusUnknown, errorwrap.Wrapf(err, "error updating CRD: %s", step.Resource.Name)
+					}
+				}
+				// If it already existed, mark the step as Present.
+				// they were equal - mark CRD as present
+				return v1alpha1.StepStatusPresent, nil
+			} else if createError != nil {
+				// Unexpected error creating the CRD.
+				return v1alpha1.StepStatusUnknown, createError
+			}
 			// If no error occured, make sure to wait for the API to become available.
 			return v1alpha1.StepStatusWaitingForAPI, nil
 		}