Certified Operator Build Guide
Search…
Certified Operator Build Guide
Introduction
What is an Operator?
Pre-Requisites
Helm Operators
Building a Helm Operator
Using a Single Image Variable (Red Hat Marketplace)
Dockerfile Requirements
Update the Controller Manager
Building and Pushing Image
Ansible Operators
Building an Ansible Operator
Golang Operator Gotcha's
Writing to the Status Subresource
OpenShift Deployment
Operator Metadata
Installing an OpenShift Environment
Deploying onto OpenShift
Troubleshooting and Resources
Creating an Ansible Role From a Helm Chart
Security Context Constraints
Connect Metadata Test Results
Red Hat Marketplace Requirements
Appendix
What if I've already published a Community Operator?
Community Operators
AWS OpenShift 4 Cluster Quick Start Guide
Using Third Party Network Operators with OpenShift
Bundle Maintenance After Migration
Frequently Asked Questions (FAQ)
Multi-Arch Operator Certification
Powered By GitBook
Dockerfile Requirements
The Dockerfile can be found in the main directory of your operator project. For Certified Operator Images Dockerfile requirements are as follows:
  1. 1.
    You must configure the required labels (name, maintainer, vendor, version, release, summary)
  2. 2.
    Software license(s) must be included within the image.
Although typically labels and licenses are not required to successfully build a running image, they are required for the Red Hat build service and scanner.
Below is an example Dockerfile for a Helm Operator which includes the aforementioned requirements:
Dockerfile
# Build the manager binary
FROM registry.redhat.io/openshift4/ose-helm-operator:v4.7
​
### Required OpenShift Labels
LABEL name="Wordpress Operator" \
vendor="Bitnami" \
version="v0.0.1" \
release="1" \
summary="This is an example of a wordpress helm operator." \
description="This operator will deploy wordpress to the cluster."
​
# Required Licenses
COPY licenses /licenses
​
ENV HOME=/opt/helm
COPY watches.yaml ${HOME}/watches.yaml
COPY helm-charts ${HOME}/helm-charts
WORKDIR ${HOME}
​
A few things to note about the Dockerfile above:
  • The default FROM line produced by the SDK needs to be replaced with the line listed above.
  • This Dockerfile contains all of the required labels. These labels must be manually added (name, vendor, version, release, summary, and description).
  • This Dockerfile also references a licenses/ directory, which needs to be manually added to the root of the project. This directory must include the software license(s) of your project.
Your project directory structure should look similar to the hierarchy below. Note the location of the licenses directory.
wordpress-operator
.
├── charts
│   └── mariadb
│   ├── Chart.yaml
│   ├── files
│   │   └── docker-entrypoint-initdb.d
│   │   └── README.md
│   ├── OWNERS
│   ├── README.md
│   ├── templates
│   │   ├── _helpers.tpl
│   │   ├── initialization-configmap.yaml
│   │   ├── master-configmap.yaml
│   │   ├── master-pdb.yaml
│   │   ├── master-statefulset.yaml
│   │   ├── master-svc.yaml
│   │   ├── NOTES.txt
│   │   ├── rolebinding.yaml
│   │   ├── role.yaml
│   │   ├── secrets.yaml
│   │   ├── serviceaccount.yaml
│   │   ├── servicemonitor.yaml
│   │   ├── slave-configmap.yaml
│   │   ├── slave-pdb.yaml
│   │   ├── slave-statefulset.yaml
│   │   ├── slave-svc.yaml
│   │   ├── test-runner.yaml
│   │   └── tests.yaml
│   ├── values-production.yaml
│   ├── values.schema.json
│   └── values.yaml
├── Chart.yaml
├── config
│   ├── crd
│   │   ├── bases
│   │   │   └── example.com_wordpresses.yaml
│   │   └── kustomization.yaml
│   ├── default
│   │   ├── kustomization.yaml
│   │   └── manager_auth_proxy_patch.yaml
│   ├── manager
│   │   ├── kustomization.yaml
│   │   └── manager.yaml
│   ├── prometheus
│   │   ├── kustomization.yaml
│   │   └── monitor.yaml
│   ├── rbac
│   │   ├── auth_proxy_client_clusterrole.yaml
│   │   ├── auth_proxy_role_binding.yaml
│   │   ├── auth_proxy_role.yaml
│   │   ├── auth_proxy_service.yaml
│   │   ├── kustomization.yaml
│   │   ├── leader_election_role_binding.yaml
│   │   ├── leader_election_role.yaml
│   │   ├── role_binding.yaml
│   │   ├── role.yaml
│   │   ├── wordpress_editor_role.yaml
│   │   └── wordpress_viewer_role.yaml
│   ├── samples
│   │   ├── example_v1alpha1_wordpress.yaml
│   │   └── kustomization.yaml
│   └── scorecard
│   ├── bases
│   │   └── config.yaml
│   ├── kustomization.yaml
│   └── patches
│   ├── basic.config.yaml
│   └── olm.config.yaml
├── Dockerfile
├── helm-charts
│   └── wordpress
│   ├── charts
│   ├── Chart.yaml
│   ├── templates
│   │   ├── deployment.yaml
│   │   ├── _helpers.tpl
│   │   ├── hpa.yaml
│   │   ├── ingress.yaml
│   │   ├── NOTES.txt
│   │   ├── serviceaccount.yaml
│   │   ├── service.yaml
│   │   └── tests
│   │   └── test-connection.yaml
│   └── values.yaml
├── licenses
│   └── license.txt
├── Makefile
├── PROJECT
├── README.md
├── requirements.lock
├── requirements.yaml
├── templates
│   ├── deployment.yaml
│   ├── externaldb-secrets.yaml
│   ├── _helpers.tpl
│   ├── ingress.yaml
│   ├── NOTES.txt
│   ├── pvc.yaml
│   ├── secrets.yaml
│   ├── servicemonitor.yaml
│   ├── svc.yaml
│   ├── tests
│   │   └── test-mariadb-connection.yaml
│   └── tls-secrets.yaml
├── values.schema.json
├── values.yaml
└── watches.yaml
Previous
Using a Single Image Variable (Red Hat Marketplace)
Next
Update the Controller Manager
Last modified 1yr ago
Copy link