Goto tbr

README.md

@@ -29,7 +29,7 @@ The samples resource offers the following configuration fields:
 - ManagementState
 -- Managed: the operator will update the samples as the configuration dictates
 -- Unmanaged: the operator will ignore updates to the samples resource object and any imagestreams or templates in the openshift namespace
--- Removed: the operator will remove the set of managed imagestreams and templates in the openshift namespace. It will ignore new samples created by the cluster admin or any samples in the skipped lists.  After the removals are complete, the operator will work like it is in the 'Unmanaged' state and ignore any watch events on the sample resources, imagestreams, or templates.  It will operate on secrets to facilitate the 'centos' to 'rhel' switch.  There are some caveats around concurrent creates and removal (see Change behaviors section).
+-- Removed: the operator will remove the set of managed imagestreams and templates in the openshift namespace. It will ignore new samples created by the cluster admin or any samples in the skipped lists.  After the removals are complete, the operator will work like it is in the 'Unmanaged' state and ignore any watch events on the sample resources, imagestreams, or templates.  There are some caveats around concurrent creates and removal (see Config behaviors section).
 - Samples Registry
 -- Override the registry that images are imported from
 - Architecture

pkg/apis/samples/v1/types.go

@@ -424,6 +424,9 @@ func (s *Config) ClusterNeedsCreds() bool {
 		s.Spec.ManagementState == operatorv1.Unmanaged {
 		return false
 	}
+	if s.Status.Conditions == nil {
+		return true
+	}
 	return s.ConditionFalse(ImportCredentialsExist) && (s.Spec.SamplesRegistry == "" || s.Spec.SamplesRegistry == "registry.redhat.io")
 }
 

pkg/stub/handler.go

@@ -274,8 +274,6 @@ func (h *Handler) CreateDefaultResourceIfNeeded(cfg *v1.Config) (*v1.Config, err
 		cfg.Kind = "Config"
 		cfg.APIVersion = v1.GroupName + "/" + v1.Version
 		cfg.Spec.Architectures = append(cfg.Spec.Architectures, v1.X86Architecture)
-		//TODO force use of registry.access.redhat.com until we sort out TBR/registry.redhat.io creds
-		cfg.Spec.SamplesRegistry = "registry.access.redhat.com"
 		cfg.Spec.ManagementState = operatorsv1api.Managed
 		h.AddFinalizer(cfg)
 		// we should get a watch event for the default pull secret, but just in case
@@ -386,10 +384,6 @@ func (h *Handler) CleanUpOpenshiftNamespaceOnDelete(cfg *v1.Config) error {
 		return err
 	}
 
-	//TODO when we start copying secrets from kubesystem to act as the default secret for pulling rhel content
-	// we'll want to delete that one too ... we'll need to put a marking on the secret to indicate we created it
-	// vs. the admin creating it
-
 	return nil
 }
 
@@ -417,8 +411,12 @@ func (h *Handler) Handle(event v1.Event) error {
 			return nil
 		}
 
-		//TODO what do we do about possible missed delete events since we
-		// cannot add a finalizer in our namespace secret
+		// if we miss a delete event in the openshift namespace (since we cannot
+		// add a finalizer in our namespace secret), we our watch
+		// on the kube-system coreos pull secret should still repopulate;
+		// if that gets deleted, the whole cluster is hosed; plus, there is talk
+		// of moving data like that to a special config namespace that is somehow
+		// protected
 
 		cfg, _ := h.crdwrapper.Get(v1.ConfigName)
 		if cfg != nil {