Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

📖 initial personas draft #1824

Merged
merged 2 commits into from
Mar 3, 2025
Merged

📖 initial personas draft #1824

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f0df800
initial personas draft
grokspawn Feb 28, 2025
753cf8b
review updates
grokspawn Mar 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
103 changes: 103 additions & 0 deletions docs/draft/project/personas.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
# OLM Personas

This document attempts to identify essential roles in the OLM lifecycle and associate the duties logically performed by each role. Though some roles can be (and even may typically be) performed by the same actor, they are logically distinct roles with different goals.

OLM roles are broadly categorized here as **Producers** or **Consumers**, indicating whether that role typically is producing content for use in the ecosystem or is using (consuming) content.

# Consumers
## Cluster Admin
*Who is it?*

This role encompasses the basic full-permissions-required creation/maintenance of a cluster, and any non-OLM-ecosystem activities, such as creating, scaling, and upgrading a cluster.

*What does it do?*

- Creates cluster
- Scales cluster
- Miscellaneous Cluster Administration
- Upgrades cluster

## Cluster Extension Admin
*Who is it?*

This role encompasses privileged operations required for OLMv1 and associated operators to deploy workloads to the cluster. This role may exist as a set of activities executed by a cluster admin, but also may operate independently of that role, depending on the necessary privileges.
Here `extension` represents any individual OLMv1 installable, including (but not limited to) `registry+v1` bundles.

*What does it do?*

- Creates enabling infrastructure for extension lifecycle (service accounts, etc.)
- Installs extensions
- Upgrades extensions
- Removes extensions
- Browses extensions offered in installed `ClusterCatalogs`
- Derives minimum privilege for installation
- filters visibility on installable extensions
- Verifies that extension health is detectable to desired sensors

## Cluster Catalog Admin
*Who is it?*

This role encompasses the control of `ClusterCatalogs` on the running cluster. This role may exist as a set of activities executed by a cluster admin, but also may operate independently of that role, depending on the necessary privileges. This role is a collaboration with **Catalog Curators** and may also interact with **Catalog Manipulators**

*What does it do?*

- Adds/removes/updates catalogs
- Enables/disables catalogs
- Configures pull secrets necessary to access extensions from catalogs

## Cluster Monitors
*Who is it?*

This role represents any actor which monitors the status of the cluster and installed workloads. This may include
- Platform status
- Extension health
- Diagnostic notifications


# Producers
## Extension Author
*Who is it?*

This role encompasses folks who want to create an extension. It interacts with other **Producer** roles by generating a _catalog contribution_ to make extensions available on-cluster to **Cluster Extension Admins**. For example, a catalog contribution for a registry+v1 bundle is one/more bundle image and the upgrade graph expressed in [FBC](https://olm.operatorframework.io/docs/reference/file-based-catalogs/).

*What does it do?*
- Creates extension
- Builds/releases extension
- Validates extension
- Adjusts upgrade graph
- Publishes artifacts (i.e. images for registry+v1 bundle)

## Contribution Curator
*Who is it?*

This role is responsible for taking catalog contributions from **Extension Authors**, applying any changes necessary for publication, and supplying the resulting artifacts to the **Catalog Curator**. This role is frequently fulfilled by different developers than **Extension Authors**.

*What does it do?*
- Validates contributions
- Publishes contributions to registry

## Catalog Curator
*Who is it?*

This role is responsible for publishing a catalog index image to be used by **Consumers** to make workloads available on-cluster. Typically this role operates over multiple extensions, versions, and versioned releases of the final, published catalog.

*What does it do?*
- Aggregates contributions
- Validates aggregate catalog
- Publishes aggregate catalog

## Catalog Manipulator
*Who is it?*

This role is a general category for users who consume published catalogs and re-publish them in some way. Possible use-cases include
- Restricting available extension versions
- Providing enclave services to disconnected environments
- Reducing catalog size by restricting the number of included extensions

*What does it do?*
- Filters content
- Defines content access mapping to new environments (if modified)
- Provides catalog access in restricted environments