operator-framework
Include CSV annotations to pass Preflight's RequiredAnnotations test
Feature Request
Describe the problem you need a feature to resolve.
Latest versions of openshift-preflight includes a new test, called RequiredAnnotations, where preflight checks if operator's CSV includes the following infrastructure features annotations:
# Example CSV with infrastructure feature annotations
apiVersion: operators.coreos.com/v1alpha1
kind: ClusterServiceVersion
metadata:
annotations:
features.operators.openshift.io/disconnected: "true"
features.operators.openshift.io/fips-compliant: "false"
features.operators.openshift.io/proxy-aware: "false"
features.operators.openshift.io/tls-profiles: "false"
features.operators.openshift.io/token-auth-aws: "false"
features.operators.openshift.io/token-auth-azure: "false"
features.operators.openshift.io/token-auth-gcp: "false"
If any of these annotations is not present, this preflight test fails, impacting in Red Hat's operator certification.
The problem is, operators built with operator-sdk doesn't include these annotations by default, so they must be added manually.
Describe the solution you'd like.
Include these 7 annotations in the CSV, at least with a default value (false), so that users can modify them if required. In this way, preflight's RequiredAnnotations test would successfully pass.
Since this is a downstream specific requirement, I don't think it makes sense to add into this upstream project. The intent is for operator authors to be mindful of these annotations, if they were included in scaffolding, no one would ever change them.
hi @acornett21 I believe setting default labels could be beneficial. The idea is to allow partners to easily modify the default values if needed, rather than having to search everywhere for the labels they should add.
hey @tkrishtop the issue is that this is an upstream project, it's not specific to OpenShift, or certification centric in any way. This project isn't opinionated for specific/different downstream implementations.