21.2. quay-operator
Note:
- Only supported on OCP-4.2 or newer
- UI supported on OCP-4.3 or newer
Added:
- Enhanced logic for Quay Configuration route
- Quay SSL Certificate uses TLS secret type
- Updated example Quay Ecosystem Custom Resource examples
- Retrofitted how external access is specified and managed
- New Schema for defining externalAccess as a field in QuayEcoystem
- Support for additional external access types (LoadBalancer and Ingress)
- Add additional roles to CSV to manage ingresses.
- Always use Port 8443 for Quay Config App’s health probes.
- The Quay Config App now continues running by default.
- The Redis and Hostname configuration are marked "Read Only" in the Quay Configuration App.
- Support for managing superusers.
- Add ability to inject certificates, and any other file, into the Quay and Clair secrets.
- (OpenShift) SCC management refinement. Removal of SCCs when QuayEcosystem is deleted through the use of finalizers.
- Certificates and other secrets are now mounted in a way that is compatible with Quay and Quay’s Config App.
- The operator now verifies the configuration for the Hostname, Redis, and Postgres when Quay’s configuration secret is changed.
Fixed:
- Resolved issues with GitHub Actions CI/CD pipeline
- Resolved issue when specifying multiple replicas of a given component
- The "Repo Mirror" pod is now health-checked using the correct port.
Known Issues:
- Configuring Storage Geo-Replication for Azure in the CR causes the deployment to fail.
- The Hostname is set to an IP Address when using Load Balancers on GCP which causes the self-signed certificate validation to fail in Quay’s Config Application.
- Using the Postgres or Redis images from Dockerhub will fail.
- For advanced persistance configurations, Quay’s PROXY_STORAGE feature is not exposed through the CR and can only be managed through Quay’s Config app.
- Quay’s Config App will always using TLS; it is not possible to configure it as HTTP-only in the CR.
- Node Ports do not currently work.
- Cloudfront cannot be properly configured using the CR. It can be managed using Quay’s configuration app.
- This version of the operator cannot be used for an automatic upgrade due to schema changes in the CR.