Skip to content

DNM - Add cyborg validation job#1143

Open
amoralej wants to merge 9 commits into
openstack-k8s-operators:mainfrom
amoralej:add-cyborg-2
Open

DNM - Add cyborg validation job#1143
amoralej wants to merge 9 commits into
openstack-k8s-operators:mainfrom
amoralej:add-cyborg-2

Conversation

@amoralej

@amoralej amoralej commented Jun 29, 2026

Copy link
Copy Markdown

amoralej added 5 commits June 29, 2026 10:20
Using operator-sdk command:

operator-sdk create api --group cyborg --version v1beta1 --kind Cyborg --resource --controller
operator-sdk create api --group cyborg --version v1beta1 --kind CyborgAPI --resource --controller
operator-sdk create api --group cyborg --version v1beta1 --kind CyborgConductor --resource --controller

Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Define CRD specs for Cyborg, CyborgAPI and CyborgConductor resources:
- Add CyborgSpec with DB, RabbitMQ, Keystone and TLS configuration
- Add CyborgAPISpec and CyborgConductorSpec with configSecret,
  replicas, resources, nodeSelector and TLS fields
- Implement defaulting and validation webhooks for all three CRDs
- Register CRDs in the operator scheme
- Update CRD YAML manifests and CSV for OLM

Reconcile and configuration logic will be created in next commits.

Assisted-By: Claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Add full reconcile logic for the Cyborg CR:
- Manage RBAC resources (ServiceAccount, Role, RoleBinding)
- Validate input password secret and RabbitMQ TransportURL secret
- Create MariaDB database and run DB sync job via a batch Job
- Register Cyborg service in Keystone
- Create a sub-level secret aggregating DB credentials, transport URL
  and service password to be consumed by CyborgAPI and CyborgConductor
- Track readiness via structured conditions on CyborgStatus
- Add functional tests covering the full reconcile flow

Assisted-By: Claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Add full reconcile logic for the CyborgConductor CR:
- Validate input from the config secret created by the Cyborg controller
- Generate conductor config from templates (00-default.conf)
- Create a StatefulSet to run cyborg-conductor pods
- Track readiness (ReadyCount, conditions, hash, topology)
- Expose IsReady and topology helpers on CyborgConductor type
- Update CyborgConductorStatus with structured conditions and hash
- Extend Cyborg controller to propagate conductor and check readiness upwards
- Add functional tests for the conductor reconcile loop

Assisted-By: Claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Add full reconcile logic for the CyborgAPI CR:
- Validate input from config secret provided by the Cyborg controller
- Render WSGI/httpd and cyborg-api configuration templates
- Create a StatefulSet for cyborg-api pods with TLS support
- Register Keystone endpoints (public and internal) for the API
- Track readiness (ReadyCount, conditions, hash, topology)
- Expose IsReady and topology helpers on CyborgAPI type
- Extend Cyborg controller to create CyborgAPI and check readiness upwards
- Add functional tests covering the full API reconcile flow

Assisted-By: Claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
@openshift-ci openshift-ci Bot requested review from abays and jamepark4 June 29, 2026 09:46
@openshift-ci

openshift-ci Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: amoralej

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@amoralej amoralej force-pushed the add-cyborg-2 branch 4 times, most recently from 4b0a4bb to b748e25 Compare June 30, 2026 07:14
amoralej added 3 commits June 30, 2026 11:12
Deployment using httpd is not longer supported in kolla upstream images
since 2026.1 release [1].

Until there are proper S2I container images in the
openstack-k8s-operators namespace, use cyborg images from master branch
created using source to image proof of concept [2] pushed to amoralej
personal quay repo.

Also adjusting the location of the wsgi script for non-kolla images.

[1] https://review.opendev.org/c/openstack/kolla/+/986488
[2] https://github.com/amoralej/s2i-openstack-containers/

Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Add an end-to-end kuttl test suite for the Cyborg operator:
- Cleanup step to delete any pre-existing Cyborg CR before the test
- Deploy step creating a full Cyborg CR (cyborg-kuttl)
- Assert step verifying all conditions are True on Cyborg, CyborgAPI,
  CyborgConductor and MariaDBDatabase CRs
- Error step covering missing-dependency failure scenarios
- Register cyborg container images (api, conductor, agent) as default
  RELATED_IMAGE env vars in the manager deployment
- Enable ENABLE_CYBORG=true in the CI webhook deploy script

Assisted-By: Claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
The Cyborg controller now generates a `{name}-agent-config` secret
containing the rendered configuration for the cyborg-agent service
running on EDPM compute nodes. This secret is consumed by the
edpm-ansible cyborg role to configure the agent on the dataplane.

The shared 00-default.conf template is updated to guard the
[database] section with a conditional, allowing reuse for the
agent config without a separate template.

Assisted-By: claude
Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
This patch is adding a new job to deploy cyborg in the controlplane
and dataplane when any change in the content related to cyborg is detected.

Signed-off-by: Alfredo Moralejo <amoralej@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant