Bump OLM version to 0.6.0

0.6.0 includes updates and fixes for kube 1.11

roles/olm/files/01-alm-operator.serviceaccount.yaml

@@ -3,9 +3,7 @@
 kind: ServiceAccount
 apiVersion: v1
 metadata:
-  name: alm-operator-serviceaccount
+  name: olm-operator-serviceaccount
   namespace: operator-lifecycle-manager
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 imagePullSecrets:
 - name: coreos-pull-secret

roles/olm/files/02-alm-operator.rolebinding.yaml

@@ -3,14 +3,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: alm-operator-binding
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
+  name: olm-operator-binding-operator-lifecycle-manager
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: cluster-admin
 subjects:
 - kind: ServiceAccount
-  name: alm-operator-serviceaccount
+  name: olm-operator-serviceaccount
   namespace: operator-lifecycle-manager

roles/olm/files/03-clusterserviceversion.crd.yaml

@@ -3,27 +3,49 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: clusterserviceversion-v1s.app.coreos.com
+  name: clusterserviceversions.operators.coreos.com
   annotations:
     displayName: Operator Version
     description: Represents an Operator that should be running on the cluster, including requirements and install strategy.
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
   names:
-    plural: clusterserviceversion-v1s
-    singular: clusterserviceversion-v1
-    kind: ClusterServiceVersion-v1
-    listKind: ClusterServiceVersionList-v1
-  group: app.coreos.com
+    plural: clusterserviceversions
+    singular: clusterserviceversion
+    kind: ClusterServiceVersion
+    listKind: ClusterServiceVersionList
+    shortNames:
+    - csv
+    categories:
+    - all
+    - olm
+  additionalPrinterColumns:
+  - name: Display
+    type: string
+    description: The name of the CSV
+    JSONPath: .spec.displayName
+  - name: Version
+    type: string
+    description: The version of the CSV
+    JSONPath: .spec.version
+  - name: Replaces
+    type: string
+    description: The name of a CSV that this one replaces
+    JSONPath: .spec.replaces
+  - name: Phase
+    type: string
+    JSONPath: .status.phase
+  group: operators.coreos.com
   version: v1alpha1
+  versions:
+    - name: v1alpha1
+      served: true
+      storage: true
   scope: Namespaced
+  subresources:
+    # status enables the status subresource.
+    status: {}
   validation:
     openAPIV3Schema:
-      type: object
-      description: Represents a single version of the operator software
-      required:
-      - spec
       properties:
         spec:
           type: object
@@ -137,7 +159,7 @@ spec:
                   description: Label key:value pairs to match directly
                 matchExpressions:
                   type: array
-                  descriptions: A set of expressions to match against the resource.
+                  description: A set of expressions to match against the resource.
                   items:
                     allOf:
                       - type: object
@@ -411,3 +433,6 @@ spec:
                                         - patch
                                         - delete
                                         - deletecollection
+        status:
+          type: object
+          description: Status for a ClusterServiceVersion

roles/olm/files/05-catalogsource.crd.yaml

@@ -3,21 +3,42 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: catalogsource-v1s.app.coreos.com
+  name: catalogsources.operators.coreos.com
   annotations:
     displayName: CatalogSource
     description: A source configured to find packages and updates.
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
-  group: app.coreos.com
+  group: operators.coreos.com
   version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
   scope: Namespaced
   names:
-    plural: catalogsource-v1s
-    singular: catalogsource-v1
-    kind: CatalogSource-v1
-    listKind: CatalogSourceList-v1
+    plural: catalogsources
+    singular: catalogsource
+    kind: CatalogSource
+    listKind: CatalogSourceList
+    categories:
+    - all
+    - olm
+  additionalPrinterColumns:
+  - name: Name
+    type: string
+    description: The pretty name of the catalog
+    JSONPath: .spec.displayName
+  - name: Type
+    type: string
+    description: The type of the catalog
+    JSONPath: .spec.sourceType
+  - name: Publisher
+    type: string
+    description: The publisher of the catalog
+    JSONPath: .spec.publisher
+  - name: Age
+    type: date
+    JSONPath: .metadata.creationTimestamp
   validation:
     openAPIV3Schema:
       type: object
@@ -27,10 +48,9 @@ spec:
       properties:
         spec:
           type: object
-          description: Spec for a subscription
+          description: Spec for a catalog source.
           required:
           - sourceType
-          - name
           properties:
             sourceType:
               type: string
@@ -40,11 +60,15 @@ spec:
 
             configMap:
               type: string
-              string: The name of a ConfigMap that holds the entries for an in-memory catalog.
+              description: The name of a ConfigMap that holds the entries for an in-memory catalog.
 
-            name:
+            displayName:
               type: string
-              description: Name of this catalog source
+              description: Pretty name for display
+
+            publisher:
+              type: string
+              description: The name of an entity that publishes this catalog
 
             secrets:
               type: array

roles/olm/files/06-installplan.crd.yaml

@@ -3,27 +3,47 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: installplan-v1s.app.coreos.com
+  name: installplans.operators.coreos.com
   annotations:
     displayName: Install Plan
     description: Represents a plan to install and resolve dependencies for Cluster Services
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
-  group: app.coreos.com
+  group: operators.coreos.com
   version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
   scope: Namespaced
   names:
-    plural: installplan-v1s
-    singular: installplan-v1
-    kind: InstallPlan-v1
-    listKind: InstallPlanList-v1
+    plural: installplans
+    singular: installplan
+    kind: InstallPlan
+    listKind: InstallPlanList
+    categories:
+    - all
+    - olm
+  additionalPrinterColumns:
+  - name: CSV
+    type: string
+    description: The first CSV in the list of clusterServiceVersionNames
+    JSONPath: .spec.clusterServiceVersionNames[0]
+  - name: Source
+    type: string
+    description: The catalog source for the specified CSVs.
+    JSONPath: .spec.source
+  - name: Approval
+    type: string
+    description: The approval mode
+    JSONPath: .spec.approval
+  - name: Approved
+    type: boolean
+    JSONPath: .spec.approved
+  subresources:
+    # status enables the status subresource.
+    status: {}
   validation:
     openAPIV3Schema:
-      type: object
-      description: Document which defines the desire and current state of an installation of a Cluster Service
-      required:
-      - spec
       properties:
         spec:
           type: object
@@ -32,29 +52,27 @@ spec:
           - clusterServiceVersionNames
           - approval
           properties:
+            source:
+              type: string
+              description: Name of the preferred CatalogSource
+            sourceNamespace:
+              type: string
+              description: Namespace that contains the preffered CatalogSource
             clusterServiceVersionNames:
               type: array
               description: A list of the names of the Cluster Services
               items:
                 type: string
-            approval:
-              type: string
-              enum:
-              - Automatic
-              - Manual
-              - Update-Only # Will only apply an update if it updates existing packages only and doesn't add any new ones
-            approved:
-              type: boolean
-      anyOf:
-        - properties:
-          approval: 
-            enum: 
-              - Manual
-          required:
-            - approved
-        - properties:
-          approval:
-            enum:
-              - Automatic
-              - Update-Only
-          required: []
+          anyOf:
+            - properties:
+                approval:
+                  enum:
+                    - Manual
+                approved:
+                  type: boolean
+              required:
+                - approved
+            - properties:
+                approval:
+                  enum:
+                    - Automatic

roles/olm/files/07-subscription.crd.yaml

@@ -3,27 +3,44 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: subscription-v1s.app.coreos.com
+  name: subscriptions.operators.coreos.com
   annotations:
     displayName: Subscription
     description: Subcribes service catalog to a source and channel to recieve updates for packages.
-  labels:
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
-  group: app.coreos.com
+  group: operators.coreos.com
   version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
   scope: Namespaced
   names:
-    plural: subscription-v1s
-    singular: subscription-v1
-    kind: Subscription-v1
-    listKind: SubscriptionList-v1
+    plural: subscriptions
+    singular: subscription
+    kind: Subscription
+    listKind: SubscriptionList
+    categories:
+    - all
+    - olm
+  additionalPrinterColumns:
+  - name: Package
+    type: string
+    description: The package subscribed to
+    JSONPath: .spec.name
+  - name: Source
+    type: string
+    description: The catalog source for the specified package
+    JSONPath: .spec.source
+  - name: Channel
+    type: string
+    description: The channel of updates to subscribe to
+    JSONPath: .spec.channel
+  subresources:
+    # status enables the status subresource.
+    status: {}
   validation:
     openAPIV3Schema:
-      type: object
-      description: Represents a subscription to a source and channel
-      required:
-      - spec
       properties:
         spec:
           type: object
@@ -35,15 +52,21 @@ spec:
             source:
               type: string
               description: Name of a CatalogSource that defines where and how to find the channel
-
+            sourceNamespace:
+              type: string
+              description: The Kubernetes namespace where the CatalogSource used is located
             name:
               type: string
               description: Name of the package that defines the application
-
             channel:
               type: string
               description: Name of the channel to track
-            
             startingCSV:
               type: string
               description: Name of the AppType that this subscription tracks
+            installPlanApproval:
+              type: string
+              description: Approval mode for emitted InstallPlans
+              enum:
+              - Manual
+              - Automatic

roles/olm/files/10-ocs.catalogsource.yaml

@@ -0,0 +1,16 @@
+##---
+# Source: olm/templates/10-ocs.catalogsource.yaml
+
+#! validate-crd: ./deploy/chart/templates/05-catalogsource.crd.yaml
+#! parse-kind: CatalogSource
+apiVersion: operators.coreos.com/v1alpha1
+kind: CatalogSource
+metadata:
+  name: ocs
+  namespace: operator-lifecycle-manager
+spec:
+  sourceType: internal
+  configMap: ocs
+  displayName: Open Cloud Services
+  publisher: Red Hat
+

roles/olm/files/12-alm-operator.deployment.yaml

@@ -1,13 +1,12 @@
 ##---
 # Source: olm/templates/12-alm-operator.deployment.yaml
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: alm-operator
   namespace: operator-lifecycle-manager
   labels:
     app: alm-operator
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
   strategy:
     type: RollingUpdate
@@ -20,12 +19,12 @@ spec:
       labels:
         app: alm-operator
     spec:
-      serviceAccountName: alm-operator-serviceaccount
+      serviceAccountName: olm-operator-serviceaccount
       containers:
         - name: alm-operator
           command:
-          - /bin/alm
-          image: quay.io/coreos/olm@sha256:d19b64d801a08fd4838ed4bd9752712688ac9f2a26fab89bcb4f28b1bbdcab16
+          - /bin/olm
+          image: quay.io/coreos/olm@sha256:44b445850b3e612c062424c3727bb85048ec8e71407b39985786d29aa20f5c79
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080

roles/olm/files/13-catalog-operator.deployment.yaml

@@ -1,13 +1,12 @@
 ##---
 # Source: olm/templates/13-catalog-operator.deployment.yaml
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: catalog-operator
   namespace: operator-lifecycle-manager
   labels:
     app: catalog-operator
-    tectonic-operators.coreos.com/managed-by: tectonic-x-operator
 spec:
   strategy:
     type: RollingUpdate
@@ -20,7 +19,7 @@ spec:
       labels:
         app: catalog-operator
     spec:
-      serviceAccountName: alm-operator-serviceaccount
+      serviceAccountName: olm-operator-serviceaccount
       containers:
         - name: catalog-operator
           command:
@@ -28,7 +27,7 @@ spec:
           - '-namespace'
           - operator-lifecycle-manager
           - '-debug'
-          image: quay.io/coreos/catalog@sha256:299a9cd6b34c9ccb601d6fffa8b6a633658165510940ed8c5481ce6acdad46b1
+          image: quay.io/coreos/catalog@sha256:20886d49205aa8d8fd53f1c85fad6a501775226da25ef14f51258b7066e91064
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080

roles/olm/files/20-aggregated-edit.clusterrole.yaml

@@ -0,0 +1,14 @@
+##---
+# Source: olm/templates/20-aggregated-edit.clusterrole.yaml
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: aggregate-olm-edit
+  labels:
+    # Add these permissions to the "admin" and "edit" default roles.
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+rules:
+- apiGroups: ["operators.coreos.com"]
+  resources: ["*"]
+  verbs: ["*"]

roles/olm/files/20-aggregated.clusterrole.yaml

@@ -0,0 +1,26 @@
+##---
+# Source: olm/templates/20-aggregated.clusterrole.yaml
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: aggregate-olm-edit
+  labels:
+    # Add these permissions to the "admin" and "edit" default roles.
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+rules:
+- apiGroups: ["operators.coreos.com"]
+  resources: ["*"]
+  verbs: ["*"]
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: aggregate-olm-view
+  labels:
+    # Add these permissions to the "view" default roles
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+rules:
+- apiGroups: ["operators.coreos.com"]
+  resources: ["*"]
+  verbs: ["get", "list", "watch"]

roles/olm/files/21-aggregated-view.clusterrole.yaml

@@ -0,0 +1,13 @@
+##---
+# Source: olm/templates/21-aggregated-view.clusterrole.yaml
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: aggregate-olm-view
+  labels:
+    # Add these permissions to the "view" default roles
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+rules:
+- apiGroups: ["operators.coreos.com"]
+  resources: ["*"]
+  verbs: ["get", "list", "watch"]

roles/olm/tasks/install.yaml

@@ -17,77 +17,77 @@
     src: "{{ item }}"
     dest: "{{ mktemp.stdout }}"
   with_fileglob: files/*.yaml
-- name: Apply alm-operator-serviceaccount ServiceAccount manifest
+- name: Apply olm-operator-serviceaccount ServiceAccount manifest
   oc_obj:
     state: present
     kind: ServiceAccount
-    name: alm-operator-serviceaccount
+    name: olm-operator-serviceaccount
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/01-alm-operator.serviceaccount.yaml"
 
-- name: Apply alm-operator-binding ClusterRoleBinding manifest
+- name: Apply olm-operator-binding-operator-lifecycle-manager ClusterRoleBinding manifest
   oc_obj:
     state: present
     kind: ClusterRoleBinding
-    name: alm-operator-binding
+    name: olm-operator-binding-operator-lifecycle-manager
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/02-alm-operator.rolebinding.yaml"
 
-- name: Apply clusterserviceversion-v1s.app.coreos.com CustomResourceDefinition manifest
+- name: Apply clusterserviceversions.operators.coreos.com CustomResourceDefinition manifest
   oc_obj:
     state: present
     kind: CustomResourceDefinition
-    name: clusterserviceversion-v1s.app.coreos.com
+    name: clusterserviceversions.operators.coreos.com
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/03-clusterserviceversion.crd.yaml"
 
-- name: Apply catalogsource-v1s.app.coreos.com CustomResourceDefinition manifest
+- name: Apply catalogsources.operators.coreos.com CustomResourceDefinition manifest
   oc_obj:
     state: present
     kind: CustomResourceDefinition
-    name: catalogsource-v1s.app.coreos.com
+    name: catalogsources.operators.coreos.com
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/05-catalogsource.crd.yaml"
 
-- name: Apply installplan-v1s.app.coreos.com CustomResourceDefinition manifest
+- name: Apply installplans.operators.coreos.com CustomResourceDefinition manifest
   oc_obj:
     state: present
     kind: CustomResourceDefinition
-    name: installplan-v1s.app.coreos.com
+    name: installplans.operators.coreos.com
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/06-installplan.crd.yaml"
 
-- name: Apply subscription-v1s.app.coreos.com CustomResourceDefinition manifest
+- name: Apply subscriptions.operators.coreos.com CustomResourceDefinition manifest
   oc_obj:
     state: present
     kind: CustomResourceDefinition
-    name: subscription-v1s.app.coreos.com
+    name: subscriptions.operators.coreos.com
     namespace: operator-lifecycle-manager
     files:
       - "{{ mktemp.stdout }}/07-subscription.crd.yaml"
 
-- name: Apply tectonic-ocs ConfigMap manifest
+- name: Apply ocs ConfigMap manifest
   oc_obj:
     state: present
     kind: ConfigMap
-    name: tectonic-ocs
+    name: ocs
     namespace: operator-lifecycle-manager
     files:
-      - "{{ mktemp.stdout }}/08-tectonicocs.configmap.yaml"
+      - "{{ mktemp.stdout }}/08-ocs.configmap.yaml"
 
-- name: Apply tectonic-ocs CatalogSource-v1 manifest
+- name: Apply ocs CatalogSource manifest
   oc_obj:
     state: present
-    kind: CatalogSource-v1
-    name: tectonic-ocs
+    kind: CatalogSource
+    name: ocs
     namespace: operator-lifecycle-manager
     files:
-      - "{{ mktemp.stdout }}/10-tectonicocs.catalogsource.yaml"
+      - "{{ mktemp.stdout }}/10-ocs.catalogsource.yaml"
 
 - name: Apply alm-operator Deployment manifest
   oc_obj:
@@ -107,20 +107,29 @@
     files:
       - "{{ mktemp.stdout }}/13-catalog-operator.deployment.yaml"
 
-- name: Apply upstream-components ConfigMap manifest
+- name: Apply aggregate-olm-edit ClusterRole manifest
   oc_obj:
     state: present
-    kind: ConfigMap
-    name: upstream-components
+    kind: ClusterRole
+    name: aggregate-olm-edit
+    namespace: operator-lifecycle-manager
+    files:
+      - "{{ mktemp.stdout }}/20-aggregated-edit.clusterrole.yaml"
+
+- name: Apply aggregate-olm-edit ClusterRole manifest
+  oc_obj:
+    state: present
+    kind: ClusterRole
+    name: aggregate-olm-edit
     namespace: operator-lifecycle-manager
     files:
-      - "{{ mktemp.stdout }}/18-upstreamcomponents.configmap.yaml"
+      - "{{ mktemp.stdout }}/20-aggregated.clusterrole.yaml"
 
-- name: Apply upstream-components CatalogSource-v1 manifest
+- name: Apply aggregate-olm-view ClusterRole manifest
   oc_obj:
     state: present
-    kind: CatalogSource-v1
-    name: upstream-components
+    kind: ClusterRole
+    name: aggregate-olm-view
     namespace: operator-lifecycle-manager
     files:
-      - "{{ mktemp.stdout }}/19-upstreamcomponents.catalogsource.yaml"
+      - "{{ mktemp.stdout }}/21-aggregated-view.clusterrole.yaml"