Deploy ToolHive Operator into OpenShift (#1063) #1253
Conversation
RoddieKieley
commented
Aug 1, 2025
RoddieKieley
commented
* Update helm chart resources and seccompProfile type values for OKD environment.
* Update MCPServer Deployment with check for XDG_CONFIG_HOME and HOME env vars being set.
* Add OpenShift environment detection by way of route v1 API availability or OPENSHIFT_OPERATOR env var override.
Signed-off-by: Roddie Kieley <rkieley@redhat.com>
|
When running go-task operator-test I observed the following problem first:
As well as a number of test failures that didn't seem all associated with the changes in this PR. I passed the terminal output through cursor -> o3 with a request to write the content out to markdown which I'm attaching: I utilized the 'Option B' Fix for the "shell" issue above and that worked locally for me on Fedora 42. Not sure how other environment friendly that is however so not including it in the PR itself. Either way feedback welcome and would be curious if you've had any luck with OKD @jhrozek ? |
|
For awareness, I will be deploying OpenShift into our environment next week for @jhrozek to play around with ToolHive installations |
|
Hey @ChrisJBurns could you also suggest a default strategy for the XDG_CONFIG_HOME env vars? ATM we're hardcoding |
There was a problem hiding this comment.
Thank you for the patch @RoddieKieley ! We'll work with @ChrisJBurns on setting up the OKD cluster so we can test properly.
| defaultRetryInterval = 3 * time.Second | ||
| ) | ||
|
|
||
| var isOpenShift *bool = nil |
There was a problem hiding this comment.
(Not needed to include the PR, we can iterate on the patches in subsequent PRs as well)
I wonder if using sync.Once would be cleaner than using a global variable?
| break | ||
| } | ||
|
|
||
| time.Sleep(defaultRetryInterval) |
There was a problem hiding this comment.
Should we consider using ExponentialBackoff from k8s.io/apimachinery/pkg/util/wait?
(Again, can be done later)
| podTemplateSpec = ensurePodTemplateConfig(podTemplateSpec, containerLabels) | ||
| isOpenShift := false | ||
| // Get a config to talk to the apiserver | ||
| cfg, err := clientconfig.GetConfig() |
There was a problem hiding this comment.
I wonder if we should use rest.InClusterConfig here?
| func ensureRequiredEnvVars(env []corev1.EnvVar) []corev1.EnvVar { | ||
| // Check for the existence of the XDG_CONFIG_HOME and HOME environment variables | ||
| // and set them to /tmp if they don't exist | ||
| xdgConfigHomeFound := false |
There was a problem hiding this comment.
@ChrisJBurns do we have a ticket to ensure the proxy runner doesn't write any files? I think in general the proxy runner should be able to run with read-only filesystem
|
@RoddieKieley good news! Thanks to @ChrisJBurns we have an OKD cluster now 🚀 |
