Skip to content

Add option to reconcile network policies for operator #1248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Add option to reconcile network policies for operator #1248

wants to merge 7 commits into from

Conversation

frzifus
Copy link
Collaborator

@frzifus frzifus commented Jul 23, 2025
edited
Loading 

$ k get networkpolicies.networking.k8s.io -n tempo-operator-system
NAME                                 POD-SELECTOR                                                                                                                                                              AGE
tempo-operator-allow-dns             app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   50s
tempo-operator-deny-all              app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   50s
tempo-operator-egress-to-apiserver   app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   50s
tempo-operator-ingress-to-metrics    app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   50s
tempo-operator-ingress-webhook       app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   50s

---

$ k get pods -n tempo-operator-system --show-labels               
NAME                                        READY   STATUS    RESTARTS   AGE   LABELS
tempo-operator-controller-9bc4c455b-qhf82   1/1     Running   0          60s   app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager,pod-template-hash=9bc4c455b

@frzifus frzifus force-pushed the networking_operator branch from 30d7b70 to 041ee2c Compare July 23, 2025 14:24
andreasgerstmayr
andreasgerstmayr reviewed Jul 23, 2025
View reviewed changes
@frzifus frzifus force-pushed the networking_operator branch from 041ee2c to eb79693 Compare July 23, 2025 17:40
@frzifus frzifus mentioned this pull request Jul 23, 2025
Draft
@frzifus frzifus force-pushed the networking_operator branch 2 times, most recently from ca64cb9 to 6d6ba02 Compare July 24, 2025 00:23
@frzifus frzifus changed the title Install for operator network policy at startup Add option to reconcile network policies for operator Jul 24, 2025
@frzifus frzifus force-pushed the networking_operator branch from 6d6ba02 to 83b8487 Compare July 24, 2025 00:30
@frzifus frzifus marked this pull request as ready for review July 24, 2025 00:30
@frzifus frzifus requested a review from andreasgerstmayr July 24, 2025 00:31
@codecov-commenter
Copy link

codecov-commenter commented Jul 24, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 93.80531% with 14 lines in your changes missing coverage. Please review.

Project coverage is 58.35%. Comparing base (0b0e615) to head (dcd7f9d).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
internal/controller/tempo/operator_controller.go 53.84% 4 Missing and 2 partials ⚠️
internal/manifests/operator/manifests.go 53.84% 4 Missing and 2 partials ⚠️
cmd/start/main.go 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1248      +/-   ##
==========================================
+ Coverage   57.64%   58.35%   +0.70%     
==========================================
  Files         121      123       +2     
  Lines       11277    11501     +224     
==========================================
+ Hits         6501     6711     +210     
- Misses       4418     4428      +10     
- Partials      358      362       +4
Flag Coverage Δ
unittests 58.35% <93.80%> (+0.70%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@frzifus frzifus force-pushed the networking_operator branch from 83b8487 to 8fbc64b Compare July 24, 2025 01:06
andreasgerstmayr
andreasgerstmayr reviewed Jul 24, 2025
View reviewed changes
andreasgerstmayr
andreasgerstmayr reviewed Jul 24, 2025
View reviewed changes
@frzifus frzifus force-pushed the networking_operator branch from 8fbc64b to 82d73ed Compare July 24, 2025 09:47
@frzifus frzifus requested a review from andreasgerstmayr July 24, 2025 09:47
@frzifus frzifus force-pushed the networking_operator branch from 82d73ed to 48c24fe Compare July 24, 2025 10:04
@frzifus frzifus force-pushed the networking_operator branch from 48c24fe to 5bf39e4 Compare July 24, 2025 14:09
frzifus added 5 commits July 24, 2025 16:09
@frzifus
Install operator network policy at startup
f85e1c4 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus
consider operator network policy during reconcile
7f42f5c 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus
allow dns traffic to kube-dns in kube-system
30ab1a8 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus
reconcile operator network policies on all k8s versions
5226c68 
Only limit the reconcilation on OpenShift

Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus
Add e2e for operator network policies
eed9dff 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus frzifus force-pushed the networking_operator branch from 5bf39e4 to d32a3c8 Compare July 24, 2025 14:09
@frzifus
Copy link
Collaborator Author

frzifus commented Jul 24, 2025

cc @IshwarKanse 😄

@IshwarKanse
Copy link
Contributor

@frzifus

On OCP 4.20, the network policies are not being created by the Tempo Operator. The operator logs the following errors:

{"level":"error","ts":"2025-07-25T04:50:22.632842349Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-deny-all","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T04:50:22.632934809Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-ingress-to-metrics","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T04:50:22.632958357Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-allow-dns","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T04:50:22.632976289Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-egress-to-apiserver","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T04:50:22.632995561Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-ingress-webhook","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T04:50:22.655470609Z","logger":"operator-reconcile","msg":"cannot reconcile operator","error":"failed to create objects for operator: missing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://www.google.com/url?sa=E&source=gmail&q=https://github.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:152\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}

Here are the steps to reproduce the issue:

% oc version 
Client Version: 4.19.0
Kustomize Version: v5.5.0
Server Version: 4.20.0-0.nightly-2025-07-20-021531
Kubernetes Version: v1.33.2

% oc create namespace openshift-tempo-operator
namespace/openshift-tempo-operator created

% oc label namespace openshift-tempo-operator openshift.io/cluster-monitoring="true"
namespace/openshift-tempo-operator labeled

% oc project openshift-tempo-operator

% operator-sdk run bundle --timeout=5m --security-context-config=restricted quay.io/rhn_support_ikanse/tempo-operator-bundle:v0.17.1
INFO[0015] Creating a File-Based Catalog of the bundle "quay.io/rhn_support_ikanse/tempo-operator-bundle:v0.17.1" 
INFO[0018] Generated a valid File-Based Catalog          
INFO[0025] Created registry pod: quay-io-rhn-support-ikanse-tempo-operator-bundle-v0-17-1 
INFO[0026] Created CatalogSource: tempo-operator-catalog 
INFO[0026] OperatorGroup "operator-sdk-og" created       
INFO[0027] Created Subscription: tempo-operator-v0-17-1-sub 
INFO[0037] Approved InstallPlan install-4w54d for the Subscription: tempo-operator-v0-17-1-sub 
INFO[0037] Waiting for ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" to reach 'Succeeded' phase 
INFO[0038]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Pending 
INFO[0040]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: InstallReady 
INFO[0041]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Installing 
INFO[0053]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Succeeded 
INFO[0054] OLM has successfully installed "tempo-operator.v0.17.1" 

% oc get networkpolicies.networking.k8s.io 
No resources found in openshift-tempo-operator namespace.

% oc logs tempo-operator-controller-7f9c475f6-x5zhs | grep -i error
{"level":"error","ts":"2025-07-25T05:00:20.212104549Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-deny-all","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107\[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T05:00:20.212184257Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-ingress-to-metrics","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107\[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T05:00:20.212221662Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-allow-dns","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107\[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T05:00:20.212240731Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-egress-to-apiserver","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107\[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T05:00:20.212259814Z","logger":"operator-reconcile","msg":"failed to configure resource","object_name":"tempo-operator-ingress-webhook","object_kind":"&TypeMeta{Kind:NetworkPolicy,APIVersion:networking.k8s.io/v1,}","error":"missing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile](https://github.com/grafana/tempo-operator/internal/controller/tempo.(*OperatorReconciler).Reconcile)\n\t/workspace/internal/controller/tempo/operator_controller.go:107\[ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://ngithub.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:150\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}
{"level":"error","ts":"2025-07-25T05:00:20.231621265Z","logger":"operator-reconcile","msg":"cannot reconcile operator","error":"failed to create objects for operator: missing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type\nmissing mutate implementation for resource type","stacktrace":"[github.com/grafana/tempo-operator/cmd/start.addDependencies.func1](https://github.com/grafana/tempo-operator/cmd/start.addDependencies.func1)\n\t/workspace/cmd/start/main.go:152\nsigs.k8s.io/controller-runtime/pkg/manager.RunnableFunc.Start\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/manager.go:307\nsigs.k8s.io/controller-runtime/pkg/manager.(*runnableGroup).reconcile.func1\n\t/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/manager/runnable_group.go:226"}

frzifus added 2 commits July 25, 2025 12:44
@frzifus
support mutating network policy
d093516 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus
regenerate config api
dcd7f9d 
Signed-off-by: Benedikt Bongartz <[email protected]>
@frzifus frzifus force-pushed the networking_operator branch from d32a3c8 to dcd7f9d Compare July 25, 2025 10:44
@frzifus
Copy link
Collaborator Author

frzifus commented Jul 25, 2025
edited
Loading

Thanks @IshwarKanse . Should be fixed with: d093516

$ GOOS=linux GOARCH=amd64 ARCH=amd64 IMG_PREFIX=ghcr.io/frzifus OPERATOR_VERSION=0.17.1 BUNDLE_VARIANT=openshift make bundle docker-build docker-push bundle-build bundle-push
$ operator-sdk run bundle --timeout=5m --security-context-config=restricted ghcr.io/frzifus/tempo-operator-bundle:v0.17.1
INFO[0011] Creating a File-Based Catalog of the bundle "ghcr.io/frzifus/tempo-operator-bundle:v0.17.1" 
INFO[0013] Generated a valid File-Based Catalog         
INFO[0023] Created registry pod: ghcr-io-frzifus-tempo-operator-bundle-v0-17-1 
INFO[0023] Created CatalogSource: tempo-operator-catalog 
INFO[0023] OperatorGroup "operator-sdk-og" created      
INFO[0023] Created Subscription: tempo-operator-v0-17-1-sub 
INFO[0035] Approved InstallPlan install-vmhb8 for the Subscription: tempo-operator-v0-17-1-sub 
INFO[0035] Waiting for ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" to reach 'Succeeded' phase 
INFO[0037]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Pending 
INFO[0039]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Installing 
INFO[0054]   Found ClusterServiceVersion "openshift-tempo-operator/tempo-operator.v0.17.1" phase: Succeeded 
INFO[0054] OLM has successfully installed "tempo-operator.v0.17.1" 

$ k get networkpolicies.networking.k8s.io -n openshift-tempo-operator
NAME                                 POD-SELECTOR                                                                                                                                                              AGE
tempo-operator-allow-dns             app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   13s
tempo-operator-deny-all              app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   13s
tempo-operator-egress-to-apiserver   app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   13s
tempo-operator-ingress-to-metrics    app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   13s
tempo-operator-ingress-webhook       app.kubernetes.io/managed-by=operator-lifecycle-manager,app.kubernetes.io/name=tempo-operator,app.kubernetes.io/part-of=tempo-operator,control-plane=controller-manager   12s

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andreasgerstmayr andreasgerstmayr andreasgerstmayr approved these changes

@rubenvp8510 rubenvp8510 rubenvp8510 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@frzifus @codecov-commenter @IshwarKanse @andreasgerstmayr @rubenvp8510