Detect common invalid annotations: e.g. olm.skiprange #568

cdjohnson · 2021-01-21T14:49:15Z

It's a very common problem to accidentally use the annotation olm.skiprange instead of olm.skipRange. It can take days or weeks for a new developer to not understand why their operators will never upgrade to a new channel.

It would be very helpful for new developers if opm <index|registry> add would simply detect some of the most common errors like this.

The text was updated successfully, but these errors were encountered:

cdjohnson · 2021-01-21T15:44:51Z

Discussed in the OLM Feature Planning meeting today a bit. They suggested that this be fixed in the API repo here:
https://github.com/operator-framework/api/tree/master/pkg/validation

cdjohnson · 2021-01-21T15:48:10Z

Need to be careful that the validation doesn't happen in OLM and only in OPM.

Example: If someone already added a bad bundle to the catalog (it's been there for months in production), and then OLM now fails to install the catalog or bundle, that would be bad.

jchunkins · 2021-02-22T21:38:11Z

@cdjohnson Regarding your warning comment:

Need to be careful that the validation doesn't happen in OLM and only in OPM

At the moment ClusterServiceVersionValidator is the validator that is responsible for checking CSV validity. If you do a search for this across all repos in the operator-framework organization like this:

https://github.com/search?q=org%3Aoperator-framework+ClusterServiceVersionValidator&type=code

You will see that the only projects that use this are:

operator-framework/operator-sdk
operator-framework/operator-registry

Given the scope of your concern, we can ignore operator-framework/operator-sdk, leaving only usage within operator-framework/operator-registry.

From within the operator-framework/operator-registry the ClusterServiceVersionValidator is used in function ValidateBundleContent. This is a function that is part of the BundleImageValidator interface. You can see uses of this in this query:

https://github.com/search?q=org%3Aoperator-framework+ValidateBundleContent&type=code

It's used in calls such as:

opm alpha bundle unpack
opm alpha bundle validate

I don't see any initializer or registry-server usage of this validation logic, so I think we're OK with making changes in ClusterServiceVersionValidator as needed.

- update api project to v0.6.1 to pick up validator (and other) changes - indirectly update k8s.io v0.20.1 - add e2e documentation - allow e2e target to use focus flag - allow e2e target to use skip tls flag for local testing - update code paths which support skip tls but did not expose it - add test case and test data for annotation case sensitive validation - update test case to handle multiple errors - add .gitignore for artifacts generated from e2e tests - update vendor Implements operator-framework#568 Signed-off-by: John Hunkins <[email protected]>

- update api project to v0.7.1 to pick up validator (and other) changes - add e2e documentation - allow e2e target to use focus flag - allow e2e target to use skip tls flag for local testing - update code paths which support skip tls but did not expose it - add test case and test data for annotation case sensitive validation - update test case to handle multiple errors - add .gitignore for artifacts generated from e2e tests - update vendor Implements operator-framework#568 Signed-off-by: John Hunkins <[email protected]>

- update api project to v0.7.1 to pick up validator (and other) changes - update code paths which support skip tls but did not expose it - add test case and test data for annotation case sensitive validation - update test case to handle multiple errors - add .gitignore for artifacts generated from e2e tests - use mkcerts for better crossplatform SSL cert generation - create dedicated script for starting regsitry with & without SSL - implement e2e ctx (i.e. context) package - Provision impl for kind servers - Provision impl for kubeconfig (i.e. all other server types) - adjust makefile to account for `kind` build tag - allow e2e target to use focus flag - allow e2e target to use skip tls flag for local testing - adjust test.yml git action workflow to use start_registry script - adjust test.yml git action to remove kind (since its now dynamic) - add e2e documentation for all scenarios - update vendor Implements operator-framework#568 Signed-off-by: John Hunkins <[email protected]>

- update api project to v0.7.1 to pick up validator (and other) changes - update code paths which support skip tls but did not expose it - add test case and test data for annotation case sensitive validation - update test case to handle multiple errors - add .gitignore for artifacts generated from e2e tests - use mkcerts for better crossplatform SSL cert generation - create dedicated script for starting regsitry with & without SSL - implement e2e ctx (i.e. context) package - Provision impl for kind servers - Provision impl for kubeconfig (i.e. all other server types) - adjust makefile to account for `kind` build tag - allow e2e target to use focus flag - allow e2e target to use skip tls flag for local testing - adjust test.yml git action workflow to use start_registry script - adjust test.yml git action to remove kind (since its now dynamic) - add e2e documentation for all scenarios - use regex to determine possible kind control plane names - add --name argument for kind load docker-image call - update vendor Implements operator-framework#568 Signed-off-by: John Hunkins <[email protected]>

- update api project to v0.7.1 to pick up validator (and other) changes - update code paths which support skip tls but did not expose it - add test case and test data for annotation case sensitive validation - update test case to handle multiple errors - add .gitignore for artifacts generated from e2e tests - use mkcerts for better crossplatform SSL cert generation - create dedicated script for starting regsitry with & without SSL - implement e2e ctx (i.e. context) package - Provision impl for kind servers - Provision impl for kubeconfig (i.e. all other server types) - adjust makefile to account for `kind` build tag - allow e2e target to use focus flag - allow e2e target to use skip tls flag for local testing - adjust test.yml git action workflow to use start_registry script - adjust test.yml git action to remove kind (since its now dynamic) - add e2e documentation for all scenarios - use regex to determine possible kind control plane names - add --name argument for kind load docker-image call - update vendor Implements operator-framework/operator-registry#568 Signed-off-by: John Hunkins <[email protected]> Upstream-repository: operator-registry Upstream-commit: 128142ab441fbe501336bddde4954f0623ed1a98

jchunkins mentioned this issue Feb 25, 2021

Expand validation to annotations operator-framework/api#99

Merged

jchunkins mentioned this issue Mar 14, 2021

Update api version, vendor & enhance testing #605

Merged

5 tasks

joelanford added the kind/feature label Apr 1, 2021

joelanford added this to the 1.17.0 milestone Apr 1, 2021

joelanford assigned jchunkins Apr 1, 2021

openshift-merge-robot closed this as completed in #605 Apr 15, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Detect common invalid annotations: e.g. olm.skiprange #568

Detect common invalid annotations: e.g. olm.skiprange #568

cdjohnson commented Jan 21, 2021

cdjohnson commented Jan 21, 2021

cdjohnson commented Jan 21, 2021

jchunkins commented Feb 22, 2021

Detect common invalid annotations: e.g. olm.skiprange #568

Detect common invalid annotations: e.g. olm.skiprange #568

Comments

cdjohnson commented Jan 21, 2021

cdjohnson commented Jan 21, 2021

cdjohnson commented Jan 21, 2021

jchunkins commented Feb 22, 2021