Fixed permissions for ServiceMonitor objects

[jpkrohling]

This PR fixes the permissions problems related to the creation of ServiceMonitor objects. After this PR, this is how a Jaeger Operator bootstrap looks like:

$ kubectl logs jaeger-operator-798b484d4b-zssb6 -f
time="2019-12-17T10:05:19Z" level=info msg=Versions arch=amd64 identity=openshift-marketplace.jaeger-operator jaeger=1.15.1 jaeger-operator=v1.15.1-29-g08132f63 operator-sdk=v0.12.0 os=linux version=go1.13.4
time="2019-12-17T10:05:23Z" level=info msg="Auto-detected the platform" platform=openshift
time="2019-12-17T10:05:23Z" level=info msg="Automatically adjusted the 'es-provision' flag" es-provision=no
time="2019-12-17T10:05:23Z" level=info msg="Automatically adjusted the 'kafka-provision' flag" kafka-provision=no
time="2019-12-17T10:05:23Z" level=info msg="The service account running this operator does not have the role 'system:auth-delegator', consider granting it for additional capabilities"

If the pod is killed and a new operator is started in the same namespace, the following is seen:

$ kubectl logs -f jaeger-operator-798b484d4b-tdfrg
time="2019-12-17T10:11:33Z" level=info msg=Versions arch=amd64 identity=openshift-marketplace.jaeger-operator jaeger=1.15.1 jaeger-operator=v1.15.1-29-g08132f63 operator-sdk=v0.12.0 os=linux version=go1.13.4
time="2019-12-17T10:11:37Z" level=info msg="Auto-detected the platform" platform=openshift
time="2019-12-17T10:11:37Z" level=info msg="Automatically adjusted the 'es-provision' flag" es-provision=no
time="2019-12-17T10:11:37Z" level=info msg="Automatically adjusted the 'kafka-provision' flag" kafka-provision=no
time="2019-12-17T10:11:37Z" level=info msg="The service account running this operator does not have the role 'system:auth-delegator', consider granting it for additional capabilities"
time="2019-12-17T10:11:44Z" level=warning msg="could not create ServiceMonitor object" error="servicemonitors.monitoring.coreos.com \"jaeger-operator-metrics\" already exists"

Fixes #804.

Signed-off-by: Juraci Paixão Kröhling [email protected]

[jpkrohling]

@jkandasa I tested this on a real OpenShift 4.2.2 cluster, but would you please also give this one a test?

[jkandasa]

@jpkrohling sure, can you please share the image details?

[jpkrohling]

Yes, sorry. Here it is: quay.io/jpkroehling/jaeger-operator:Bootstrap-warnings-1

[jpkrohling]

@pavolloffay, @objectiser I think this one should be included for 1.16.0. Given that it only adds permissions, I'd say that the risk of breaking things is low.

[jpkrohling]

I'm merging, but I'm ready to go back to this in case @jkandasa finds any problems.

[jkandasa]

@jpkrohling I installed this operator,

Initial log:

time="2019-12-17T15:44:53Z" level=info msg=Versions arch=amd64 identity=openshift-operators.jaeger-operator jaeger=1.15.1 jaeger-operator=v1.15.1-29-g08132f63 operator-sdk=v0.12.0 os=linux version=go1.13.4
time="2019-12-17T15:44:57Z" level=info msg="Auto-detected the platform" platform=openshift
time="2019-12-17T15:44:57Z" level=info msg="Automatically adjusted the 'es-provision' flag" es-provision=yes
time="2019-12-17T15:44:57Z" level=info msg="Automatically adjusted the 'kafka-provision' flag" kafka-provision=no
time="2019-12-17T15:44:57Z" level=info msg="The service account running this operator does not have the role 'system:auth-delegator', consider granting it for additional capabilities"

I killed the pod and the log from recreated pod:

time="2019-12-17T15:46:39Z" level=info msg=Versions arch=amd64 identity=openshift-operators.jaeger-operator jaeger=1.15.1 jaeger-operator=v1.15.1-29-g08132f63 operator-sdk=v0.12.0 os=linux version=go1.13.4
time="2019-12-17T15:46:43Z" level=info msg="Auto-detected the platform" platform=openshift
time="2019-12-17T15:46:43Z" level=info msg="Automatically adjusted the 'es-provision' flag" es-provision=yes
time="2019-12-17T15:46:43Z" level=info msg="Automatically adjusted the 'kafka-provision' flag" kafka-provision=no
time="2019-12-17T15:46:43Z" level=info msg="The service account running this operator does not have the role 'system:auth-delegator', consider granting it for additional capabilities"
time="2019-12-17T15:46:49Z" level=warning msg="could not create ServiceMonitor object" error="servicemonitors.monitoring.coreos.com \"jaeger-operator-metrics\" already exists"

I deployed all-in-one jaeger service and see the following error message. I do not see any impact on jaeger service deployment. Keep on reporting this error

time="2019-12-17T15:46:39Z" level=info msg=Versions arch=amd64 identity=openshift-operators.jaeger-operator jaeger=1.15.1 jaeger-operator=v1.15.1-29-g08132f63 operator-sdk=v0.12.0 os=linux version=go1.13.4
time="2019-12-17T15:46:43Z" level=info msg="Auto-detected the platform" platform=openshift
time="2019-12-17T15:46:43Z" level=info msg="Automatically adjusted the 'es-provision' flag" es-provision=yes
time="2019-12-17T15:46:43Z" level=info msg="Automatically adjusted the 'kafka-provision' flag" kafka-provision=no
time="2019-12-17T15:46:43Z" level=info msg="The service account running this operator does not have the role 'system:auth-delegator', consider granting it for additional capabilities"
time="2019-12-17T15:46:49Z" level=warning msg="could not create ServiceMonitor object" error="servicemonitors.monitoring.coreos.com \"jaeger-operator-metrics\" already exists"
time="2019-12-17T15:47:25Z" level=info msg="Storage type not provided. Falling back to 'memory'" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:26Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:24.893052246 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:53Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:27.302253329 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:54Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:54.364018319 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:55Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:55.433833947 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:56Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:56.501854464 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:57Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:57.573294156 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:58Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:58.638006756 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:47:59Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:47:59.704821032 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:00Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:00.76602494 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:02Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:02.108547694 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:04Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:04.732970349 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:09Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:09.915670434 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:20Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:20.216807852 +0000 UTC" instance=jaegerqe namespace=jkandasa
time="2019-12-17T15:48:40Z" level=error msg="failed to store the running status into the current CustomResource" error="the server could not find the requested resource (put jaegers.jaegertracing.io jaegerqe)" execution="2019-12-17 15:48:40.762705942 +0000 UTC" instance=jaegerqe namespace=jkandasa