quay · openshift-merge-bot · Jun 25, 2025 · Jun 4, 2025 · Jun 4, 2025 · Jun 6, 2025
diff --git a/apis/quay/v1/quayregistry_types.go b/apis/quay/v1/quayregistry_types.go
@@ -86,6 +86,11 @@ var supportsVolumeOverride = []ComponentKind{
 	ComponentClairPostgres,
 }
 
+var supportsStorageClassOverride = []ComponentKind{
+	ComponentPostgres,
+	ComponentClairPostgres,
+}
+
 var supportsEnvOverride = []ComponentKind{
 	ComponentQuay,
 	ComponentClair,
@@ -148,7 +153,9 @@ type Component struct {
 // Override describes configuration overrides for the given managed component
 type Override struct {
 	VolumeSize *resource.Quantity `json:"volumeSize,omitempty"`
-	Env        []corev1.EnvVar    `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name"`
+	// StorageClassName is the name of the StorageClass to use for the PVC.
+	StorageClassName *string         `json:"storageClassName,omitempty"`
+	Env              []corev1.EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name"`
 	// +nullable
 	Replicas    *int32            `json:"replicas,omitempty"`
 	Affinity    *corev1.Affinity  `json:"affinity,omitempty"`
@@ -209,6 +216,8 @@ const (
 	ConditionReasonMonitoringComponentDependencyError    ConditionReason = "MonitoringComponentDependencyError"
 	ConditionReasonConfigInvalid                         ConditionReason = "ConfigInvalid"
 	ConditionReasonComponentOverrideInvalid              ConditionReason = "ComponentOverrideInvalid"
+	ConditionReasonPVCPending                            ConditionReason = "PVCPending"
+	ConditionReasonPVCProvisioningFailed                 ConditionReason = "PVCProvisioningFailed"
 )
 
 // Condition is a single condition of a QuayRegistry.
@@ -509,6 +518,7 @@ func ValidateOverrides(quay *QuayRegistry) error {
 
 		hasaffinity := hasAffinity(component)
 		hasvolume := component.Overrides.VolumeSize != nil
+		hasstorageclass := component.Overrides.StorageClassName != nil
 		hasreplicas := component.Overrides.Replicas != nil
 		hasresources := component.Overrides.Resources != nil
 		hasenvvar := len(component.Overrides.Env) > 0
@@ -541,6 +551,13 @@ func ValidateOverrides(quay *QuayRegistry) error {
 			)
 		}
 
+		if hasstorageclass && !ComponentSupportsOverride(component.Kind, "storageClassName") {
+			return fmt.Errorf(
+				"component %s does not support storageClassName overrides",
+				component.Kind,
+			)
+		}
+
 		if hasenvvar && !ComponentSupportsOverride(component.Kind, "env") {
 			return fmt.Errorf(
 				"component %s does not support env overrides",
@@ -734,6 +751,8 @@ func ComponentSupportsOverride(component ComponentKind, override string) bool {
 	switch override {
 	case "volumeSize":
 		components = supportsVolumeOverride
+	case "storageClassName":
+		components = supportsStorageClassOverride
 	case "env":
 		components = supportsEnvOverride
 	case "replicas":
@@ -777,26 +796,29 @@ func GetReplicasOverrideForComponent(quay *QuayRegistry, kind ComponentKind) *in
 	return nil
 }
 
-// GetVolumeSizeOverrideForComponent returns the volume size overrides set by the user for the
-// provided component. Returns nil if not set.
+// GetVolumeSizeOverrideForComponent returns the volume size override for a given component kind.
 func GetVolumeSizeOverrideForComponent(
 	quay *QuayRegistry, kind ComponentKind,
 ) (qt *resource.Quantity) {
 	for _, component := range quay.Spec.Components {
-		if component.Kind != kind {
-			continue
+		if component.Kind == kind && component.Overrides != nil && component.Overrides.VolumeSize != nil {
+			return component.Overrides.VolumeSize
 		}
+	}
+	return nil
+}
 
-		if component.Overrides != nil && component.Overrides.VolumeSize != nil {
-			qt = component.Overrides.VolumeSize
+// GetStorageClassNameOverrideForComponent returns the StorageClass override for a given component kind.
+func GetStorageClassNameOverrideForComponent(quay *QuayRegistry, kind ComponentKind) *string {
+	for _, component := range quay.Spec.Components {
+		if component.Kind == kind && component.Overrides != nil && component.Overrides.StorageClassName != nil {
+			return component.Overrides.StorageClassName
 		}
-		return
 	}
-	return
+	return nil
 }
 
-// GetResourceOverridesForComponent returns the resource overrides set by the user for the
-// provided component. Returns nil if not set.
+// GetResourceOverridesForComponent returns the resource overrides for a given component kind.
 func GetResourceOverridesForComponent(
 	quay *QuayRegistry, kind ComponentKind,
 ) (resources *Resources) {

diff --git a/apis/quay/v1/quayregistry_types_test.go b/apis/quay/v1/quayregistry_types_test.go
@@ -481,6 +481,26 @@ var validateOverridesTests = []struct {
 		},
 		errors.New("component postgres does not support affinity overrides"),
 	},
+	{
+		"InvalidStorageClassNameOverride",
+		QuayRegistry{
+			Spec: QuayRegistrySpec{
+				Components: []Component{
+					{Kind: "postgres", Managed: true},
+					{Kind: "clairpostgres", Managed: true},
+					{Kind: "redis", Managed: true, Overrides: &Override{StorageClassName: ptr.To("foo")}},
+					{Kind: "clair", Managed: true},
+					{Kind: "objectstorage", Managed: true},
+					{Kind: "route", Managed: true},
+					{Kind: "tls", Managed: true},
+					{Kind: "horizontalpodautoscaler", Managed: true},
+					{Kind: "mirror", Managed: true},
+					{Kind: "monitoring", Managed: true},
+				},
+			},
+		},
+		errors.New("component redis does not support storageClassName overrides"),
+	},
 }
 
 func TestValidOverrides(t *testing.T) {

diff --git a/apis/quay/v1/zz_generated.deepcopy.go b/apis/quay/v1/zz_generated.deepcopy.go
diff --git a/bundle/manifests/quayregistries.crd.yaml b/bundle/manifests/quayregistries.crd.yaml
@@ -980,6 +980,10 @@ spec:
                                 quantity) pairs.
                               type: object
                           type: object
+                        storageClassName:
+                          description: StorageClassName is the name of the StorageClass
+                            to use for the PVC.
+                          type: string
                         volumeSize:
                           anyOf:
                           - type: integer

diff --git a/config/crd/bases/quay.redhat.com_quayregistries.yaml b/config/crd/bases/quay.redhat.com_quayregistries.yaml
@@ -980,6 +980,10 @@ spec:
                                 quantity) pairs.
                               type: object
                           type: object
+                        storageClassName:
+                          description: StorageClassName is the name of the StorageClass
+                            to use for the PVC.
+                          type: string
                         volumeSize:
                           anyOf:
                           - type: integer

diff --git a/config/samples/overrides.quayregistry.yaml b/config/samples/overrides.quayregistry.yaml
@@ -0,0 +1,24 @@
+apiVersion: quay.redhat.com/v1
+kind: QuayRegistry
+metadata:
+  name: registry
+  namespace: quay
+spec:
+  configBundleSecret: config-bundle-secret
+  components:
+    - kind: objectstorage
+      managed: false
+    - kind: route
+      managed: false
+    - kind: tls
+      managed: false
+    - kind: clair
+      managed: false
+    - kind: postgres
+      managed: true
+      overrides:
+        storageClassName: "local-path"
+    - kind: clairpostgres
+      managed: true
+      overrides:
+        storageClassName: "local-path"
diff --git a/controllers/quay/quayregistry_controller.go b/controllers/quay/quayregistry_controller.go
@@ -753,7 +753,7 @@ func (r *QuayRegistryReconciler) Reconcile(ctx context.Context, req ctrl.Request
 				v1.ConditionTypeRolloutBlocked,
 				metav1.ConditionTrue,
 				v1.ConditionReasonComponentCreationFailed,
-				fmt.Sprintf("error creating object: %s", err),
+				fmt.Sprintf("error creating/updating object %s %s: %s", obj.GetObjectKind().GroupVersionKind().Kind, obj.GetName(), err.Error()),
 			)
 		}
 	}

diff --git a/e2e/resource_overrides/00-assert.yaml b/e2e/resource_overrides/00-assert.yaml
@@ -47,4 +47,4 @@ spec:
               memory: 300Mi
             requests:
               cpu: 300m
-              memory: 300Mi
+              memory: 300Mi
diff --git a/e2e/resource_overrides/00-create-quay-registry.yaml b/e2e/resource_overrides/00-create-quay-registry.yaml
@@ -33,4 +33,4 @@ spec:
             memory: 300Mi
           requests:
             cpu: 300m
-            memory: 300Mi
+            memory: 300Mi
diff --git a/e2e/storageclass_overrides/00-assert.yaml b/e2e/storageclass_overrides/00-assert.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: skynet-clair-postgres-15
+spec:
+  storageClassName: local-path
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: skynet-quay-postgres-13
+spec:
+  storageClassName: local-path
diff --git a/e2e/storageclass_overrides/00-create-quay-registry.yaml b/e2e/storageclass_overrides/00-create-quay-registry.yaml
@@ -0,0 +1,15 @@
+apiVersion: quay.redhat.com/v1
+kind: QuayRegistry
+metadata:
+  name: skynet
+spec:
+  configBundleSecret: config-bundle-secret
+  components:
+    - kind: postgres
+      managed: true
+      overrides:
+        storageClassName: local-path
+    - kind: clairpostgres
+      managed: true
+      overrides:
+        storageClassName: local-path
diff --git a/go.mod b/go.mod
@@ -15,6 +15,7 @@ require (
 	github.com/tidwall/sjson v1.2.3
 	go.uber.org/zap v1.25.0
 	golang.org/x/net v0.24.0
+	golang.org/x/text v0.14.0
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
 	k8s.io/api v0.28.3
@@ -111,7 +112,6 @@ require (
 	golang.org/x/sync v0.7.0 // indirect
 	golang.org/x/sys v0.19.0 // indirect
 	golang.org/x/term v0.19.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.20.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect

diff --git a/main.go b/main.go
@@ -17,6 +17,7 @@ limitations under the License.
 package main
 
 import (
+	"context"
 	"crypto/tls"
 	"flag"
 	"os"
@@ -36,6 +37,7 @@ import (
 
 	quay "github.com/quay/quay-operator/apis/quay/v1"
 	quaycontroller "github.com/quay/quay-operator/controllers/quay"
+	corev1 "k8s.io/api/core/v1"
 	// +kubebuilder:scaffold:imports
 )
 
@@ -148,6 +150,21 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "QuayRegistryStatus")
 		os.Exit(1)
 	}
+
+	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &corev1.Event{}, "involvedObject.uid", func(rawObj client.Object) []string {
+		event, ok := rawObj.(*corev1.Event)
+		if !ok {
+			return nil
+		}
+		if event.InvolvedObject.UID == "" {
+			return nil
+		}
+		return []string{string(event.InvolvedObject.UID)}
+	}); err != nil {
+		setupLog.Error(err, "unable to set up field indexer for Event involvedObject.uid")
+		os.Exit(1)
+	}
+
 	// +kubebuilder:scaffold:builder
 
 	setupLog.Info("starting manager")

diff --git a/pkg/cmpstatus/clairpostgres.go b/pkg/cmpstatus/clairpostgres.go
@@ -2,23 +2,17 @@ package cmpstatus
 
 import (
 	"context"
-	"fmt"
 	"time"
 
-	appsv1 "k8s.io/api/apps/v1"
-	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	qv1 "github.com/quay/quay-operator/apis/quay/v1"
 )
 
-// ClairPostgres checks a quay registry clairpostgres component status. In order to evaluate the status for the
-// clair component we need to verify if clairpostgres succeed.
+// ClairPostgres checks a quay registry clairpostgres component status.
 type ClairPostgres struct {
 	Client client.Client
-	deploy deploy
 }
 
 // Name returns the component name this entity checks for health.
@@ -27,11 +21,9 @@ func (c *ClairPostgres) Name() string {
 }
 
 // Check verifies if the clairpostgres deployment associated with provided quay registry
-// were created and rolled out as expected.
-func (c *ClairPostgres) Check(ctx context.Context, reg qv1.QuayRegistry) (qv1.Condition, error) {
-	var zero qv1.Condition
-
-	if !qv1.ComponentIsManaged(reg.Spec.Components, qv1.ComponentClairPostgres) {
+// was created and rolled out as expected, also checking its PVC status dynamically.
+func (c *ClairPostgres) Check(ctx context.Context, quay qv1.QuayRegistry) (qv1.Condition, error) {
+	if !qv1.ComponentIsManaged(quay.Spec.Components, qv1.ComponentClairPostgres) {
 		return qv1.Condition{
 			Type:           qv1.ComponentClairPostgresReady,
 			Status:         metav1.ConditionTrue,
@@ -41,50 +33,12 @@ func (c *ClairPostgres) Check(ctx context.Context, reg qv1.QuayRegistry) (qv1.Co
 		}, nil
 	}
 
-	depname := fmt.Sprintf("%s-%s", reg.Name, "clair-postgres")
-	nsn := types.NamespacedName{
-		Namespace: reg.Namespace,
-		Name:      depname,
-	}
-
-	var dep appsv1.Deployment
-	if err := c.Client.Get(ctx, nsn, &dep); err != nil {
-		if errors.IsNotFound(err) {
-			msg := fmt.Sprintf("Deployment %s not found", depname)
-			return qv1.Condition{
-				Type:           qv1.ComponentClairPostgresReady,
-				Status:         metav1.ConditionFalse,
-				Reason:         qv1.ConditionReasonComponentNotReady,
-				Message:        msg,
-				LastUpdateTime: metav1.NewTime(time.Now()),
-			}, nil
-		}
-		return zero, err
-	}
-
-	if !qv1.Owns(reg, &dep) {
-		msg := fmt.Sprintf("Deployment %s not owned by QuayRegistry", depname)
-		return qv1.Condition{
-			Type:           qv1.ComponentClairPostgresReady,
-			Status:         metav1.ConditionFalse,
-			Reason:         qv1.ConditionReasonComponentNotReady,
-			Message:        msg,
-			LastUpdateTime: metav1.NewTime(time.Now()),
-		}, nil
-	}
-
-	cond := c.deploy.check(dep)
-	if cond.Status != metav1.ConditionTrue {
-		// if the deployment is in a faulty state bails out immediately.
-		cond.Type = qv1.ComponentClairPostgresReady
-		return cond, nil
-	}
-
-	return qv1.Condition{
-		Type:           qv1.ComponentClairPostgresReady,
-		Reason:         qv1.ConditionReasonComponentReady,
-		Status:         metav1.ConditionTrue,
-		Message:        "ClairPostgres component healthy",
-		LastUpdateTime: metav1.NewTime(time.Now()),
-	}, nil
+	return CheckDatabaseDeploymentAndPVCStatus(
+		ctx,
+		c.Client,
+		quay,
+		qv1.ComponentClairPostgres,
+		"clair-postgres",
+		qv1.ComponentClairPostgresReady,
+	)
 }