Prevent csv-finalizer Job from being included in operator release yam…

…ls (#2063)

Summary: Prevent csv-finalizer Job from being included in operator
release yamls

#2059 introduced a new Job that fixed helm's uninstall issues caused by
OLM's recent csv-finalizer addition. This properly addressed the helm
issues in #1917, however, it
broke the `px` cli install process since the Job wasn't excluded from
the operator release yamls. This results in `px-operator` namespace
termination as the cli is trying to deploy the vizier since the Job runs
unconditionally.

This change also renames the `deleter_role.yaml` file since it seems to
be accidentally included in the operator release yamls. Please see
testing done for how this was determined to be extraneous.

Relevant Issues: #1917

Type of change: /kind bug

Test Plan: Verified the following
- [x] `helm template` includes the `csv-finalizer` job
```
# Create dummy Chart.yaml to appease helm
$ helm template --set deployOLM=true  k8s/operator/helm/ | grep 'csv-deleter'
# Source: pixie/templates/csv-deleter.yaml
  name: csv-deleter
```
- [x] `bazel build k8s/operator:operator_templates` no longer includes
the `csv-finalizer` job or the `deleter_role.yaml`
```
$ tar -tf bazel-bin/k8s/operator/operator_templates.tar
yamls/
yamls/crds/
yamls/crds/olm_crd.yaml
yamls/crds/vizier_crd.yaml
yamls/templates/
yamls/templates/00_olm.yaml
yamls/templates/01_px_olm.yaml
yamls/templates/02_catalog.yaml
yamls/templates/03_subscription.yaml
yamls/templates/04_vizier.yaml
```
- [x] Verified deleter role is excluded from `px deploy`'s extracted
yaml.
[This](https://github.com/pixie-io/pixie/blob/9effb349be7a42f8b45ca8fce6cbfdac619349ac/src/utils/shared/artifacts/yamls.go#L165-L170)
code excludes anything that isn't a "crd" file or is isn't numerically
prefixed, which means the deleter role isn't included for `px` cli
deploys
```
$ px deploy --operator_version=0.1.7-pre-z1.0 -e . --deploy_key=<deploy_key>
$ tree pixie_yamls/
pixie_yamls/
├── 00_olm_crd.yaml
├── 01_vizier_crd.yaml
├── 02_olm.yaml
├── 03_px_olm.yaml
├── 04_catalog.yaml
├── 05_subscription.yaml
└── 06_vizier.yaml

1 directory, 7 files
```

---------

Signed-off-by: Dom Del Nano <[email protected]>

k8s/operator/helm/templates/00_olm.yaml

@@ -228,55 +228,4 @@ metadata:
 spec:
   targetNamespaces:
     - {{ .Values.olmNamespace }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: csv-deleter
-  namespace: {{ .Values.olmNamespace }}
-  annotations:
-    "helm.sh/hook": pre-delete
-    "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
-spec:
-  template:
-    spec:
-      restartPolicy: Never
-      serviceAccountName: olm-operator-serviceaccount
-      containers:
-        - name: trigger-csv-finalizer
-          image: ghcr.io/pixie-io/pixie-oss-pixie-dev-public-curl:multiarch-7.87.0@sha256:f7f265d5c64eb4463a43a99b6bf773f9e61a50aaa7cefaf564f43e42549a01dd
-          command:
-            - /bin/sh
-            - -c
-            - |
-              NAMESPACE="{{ .Values.olmOperatorNamespace }}"
-              API_SERVER="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
-              CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
-              TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
-
-              DELETE_STATUS=$(curl --cacert $CA_CERT \
-                                    -H "Authorization: Bearer $TOKEN" \
-                                    -X DELETE -s \
-                                    -o /dev/null -w "%{http_code}" \
-                                    $API_SERVER/api/v1/namespaces/$NAMESPACE)
-
-              if [ "$DELETE_STATUS" -ne 200 ] && [ "$DELETE_STATUS" -ne 202 ]; then
-                echo "Failed to initiate deletion for namespace $NAMESPACE. HTTP status code: $DELETE_STATUS"
-                exit 1
-              fi
-
-              echo "Waiting for finalizer in $NAMESPACE to complete..."
-              while true; do
-                STATUS=$(curl --cacert $CA_CERT \
-                              -H "Authorization: Bearer $TOKEN" \
-                              -o /dev/null -w "%{http_code}" -s \
-                              $API_SERVER/api/v1/namespaces/$NAMESPACE)
-                if [ "$STATUS" = "404" ]; then
-                  echo "Namespace $NAMESPACE finalizer completed."
-                  break
-                else
-                  echo "Finalizer still running in $NAMESPACE. Retrying in 5 seconds..."
-                  sleep 5
-                fi
-              done
 {{- end}}

k8s/operator/helm/templates/csv-deleter.yaml

@@ -0,0 +1,53 @@
+{{if .Values.deployOLM}}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: csv-deleter
+  namespace: {{ .Values.olmNamespace }}
+  annotations:
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+spec:
+  template:
+    spec:
+      restartPolicy: Never
+      serviceAccountName: olm-operator-serviceaccount
+      containers:
+        - name: trigger-csv-finalizer
+          image: ghcr.io/pixie-io/pixie-oss-pixie-dev-public-curl:multiarch-7.87.0@sha256:f7f265d5c64eb4463a43a99b6bf773f9e61a50aaa7cefaf564f43e42549a01dd
+          command:
+            - /bin/sh
+            - -c
+            - |
+              NAMESPACE="{{ .Values.olmOperatorNamespace }}"
+              API_SERVER="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
+              CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+              TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
+
+              DELETE_STATUS=$(curl --cacert $CA_CERT \
+                                    -H "Authorization: Bearer $TOKEN" \
+                                    -X DELETE -s \
+                                    -o /dev/null -w "%{http_code}" \
+                                    $API_SERVER/api/v1/namespaces/$NAMESPACE)
+
+              if [ "$DELETE_STATUS" -ne 200 ] && [ "$DELETE_STATUS" -ne 202 ]; then
+                echo "Failed to initiate deletion for namespace $NAMESPACE. HTTP status code: $DELETE_STATUS"
+                exit 1
+              fi
+
+              echo "Waiting for finalizer in $NAMESPACE to complete..."
+              while true; do
+                STATUS=$(curl --cacert $CA_CERT \
+                              -H "Authorization: Bearer $TOKEN" \
+                              -o /dev/null -w "%{http_code}" -s \
+                              $API_SERVER/api/v1/namespaces/$NAMESPACE)
+                if [ "$STATUS" = "404" ]; then
+                  echo "Namespace $NAMESPACE finalizer completed."
+                  break
+                else
+                  echo "Finalizer still running in $NAMESPACE. Retrying in 5 seconds..."
+                  sleep 5
+                fi
+              done
+{{- end}}