diff --git a/k8s/operator/helm/templates/00_olm.yaml b/k8s/operator/helm/templates/00_olm.yaml index 186c9ace866..de9c5e30478 100644 --- a/k8s/operator/helm/templates/00_olm.yaml +++ b/k8s/operator/helm/templates/00_olm.yaml @@ -228,4 +228,55 @@ metadata: spec: targetNamespaces: - {{ .Values.olmNamespace }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: csv-deleter + namespace: {{ .Values.olmNamespace }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded,hook-failed +spec: + template: + spec: + restartPolicy: Never + serviceAccountName: olm-operator-serviceaccount + containers: + - name: trigger-csv-finalizer + image: ghcr.io/pixie-io/pixie-oss-pixie-dev-public-curl:multiarch-7.87.0@sha256:f7f265d5c64eb4463a43a99b6bf773f9e61a50aaa7cefaf564f43e42549a01dd + command: + - /bin/sh + - -c + - | + NAMESPACE="{{ .Values.olmOperatorNamespace }}" + API_SERVER="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT" + CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt + TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) + + DELETE_STATUS=$(curl --cacert $CA_CERT \ + -H "Authorization: Bearer $TOKEN" \ + -X DELETE -s \ + -o /dev/null -w "%{http_code}" \ + $API_SERVER/api/v1/namespaces/$NAMESPACE) + + if [ "$DELETE_STATUS" -ne 200 ] && [ "$DELETE_STATUS" -ne 202 ]; then + echo "Failed to initiate deletion for namespace $NAMESPACE. HTTP status code: $DELETE_STATUS" + exit 1 + fi + + echo "Waiting for finalizer in $NAMESPACE to complete..." + while true; do + STATUS=$(curl --cacert $CA_CERT \ + -H "Authorization: Bearer $TOKEN" \ + -o /dev/null -w "%{http_code}" -s \ + $API_SERVER/api/v1/namespaces/$NAMESPACE) + if [ "$STATUS" = "404" ]; then + echo "Namespace $NAMESPACE finalizer completed." + break + else + echo "Finalizer still running in $NAMESPACE. Retrying in 5 seconds..." + sleep 5 + fi + done {{- end}}