more descriptive upgrade contstraint policy constants

api/v1alpha1/clusterextension_types.go

@@ -33,15 +33,15 @@ type CRDUpgradeSafetyPolicy string
 const (
 	// The extension will only upgrade if the new version satisfies
 	// the upgrade constraints set by the package author.
-	UpgradeConstraintPolicyEnforce UpgradeConstraintPolicy = "Enforce"
+	UpgradeConstraintPolicyCatalogProvided UpgradeConstraintPolicy = "CatalogProvided"
 
 	// Unsafe option which allows an extension to be
 	// upgraded or downgraded to any available version of the package and
 	// ignore the upgrade path designed by package authors.
 	// This assumes that users independently verify the outcome of the changes.
 	// Use with caution as this can lead to unknown and potentially
 	// disastrous results such as data loss.
-	UpgradeConstraintPolicyIgnore UpgradeConstraintPolicy = "Ignore"
+	UpgradeConstraintPolicySelfCertified UpgradeConstraintPolicy = "SelfCertified"
 )
 
 // ClusterExtensionSpec defines the desired state of ClusterExtension
@@ -323,22 +323,22 @@ type CatalogSource struct {
 	// the upgrade path(s) defined in the catalog are enforced for the package
 	// referenced in the packageName field.
 	//
-	// Allowed values are: ["Enforce", "Ignore"].
+	// Allowed values are: ["CatalogProvided", "SelfCertified"].
 	//
-	// When this field is set to "Enforce", automatic upgrades will only occur
+	// When this field is set to "CatalogProvided", automatic upgrades will only occur
 	// when upgrade constraints specified by the package author are met.
 	//
-	// When this field is set to "Ignore", the upgrade constraints specified by
+	// When this field is set to "SelfCertified", the upgrade constraints specified by
 	// the package author are ignored. This allows for upgrades and downgrades to
 	// any version of the package. This is considered a dangerous operation as it
 	// can lead to unknown and potentially disastrous outcomes, such as data
 	// loss. It is assumed that users have independently verified changes when
 	// using this option.
 	//
-	// If unspecified, the default value is "Enforce".
+	// If unspecified, the default value is "CatalogProvided".
 	//
-	//+kubebuilder:validation:Enum:=Enforce;Ignore
-	//+kubebuilder:default:=Enforce
+	//+kubebuilder:validation:Enum:=CatalogProvided;SelfCertified
+	//+kubebuilder:default:=CatalogProvided
 	//+optional
 	UpgradeConstraintPolicy UpgradeConstraintPolicy `json:"upgradeConstraintPolicy,omitempty"`
 }

config/base/crd/bases/olm.operatorframework.io_clusterextensions.yaml

@@ -330,28 +330,28 @@ spec:
                         type: object
                         x-kubernetes-map-type: atomic
                       upgradeConstraintPolicy:
-                        default: Enforce
+                        default: CatalogProvided
                         description: |-
                           upgradeConstraintPolicy is an optional field that controls whether
                           the upgrade path(s) defined in the catalog are enforced for the package
                           referenced in the packageName field.
 
-                          Allowed values are: ["Enforce", "Ignore"].
+                          Allowed values are: ["CatalogProvided", "SelfCertified"].
 
-                          When this field is set to "Enforce", automatic upgrades will only occur
+                          When this field is set to "CatalogProvided", automatic upgrades will only occur
                           when upgrade constraints specified by the package author are met.
 
-                          When this field is set to "Ignore", the upgrade constraints specified by
+                          When this field is set to "SelfCertified", the upgrade constraints specified by
                           the package author are ignored. This allows for upgrades and downgrades to
                           any version of the package. This is considered a dangerous operation as it
                           can lead to unknown and potentially disastrous outcomes, such as data
                           loss. It is assumed that users have independently verified changes when
                           using this option.
 
-                          If unspecified, the default value is "Enforce".
+                          If unspecified, the default value is "CatalogProvided".
                         enum:
-                        - Enforce
-                        - Ignore
+                        - CatalogProvided
+                        - SelfCertified
                         type: string
                       version:
                         description: |-

docs/drafts/upgrade-support.md

@@ -42,17 +42,17 @@ spec:
   packageName: <package_name>
   serviceAccount:
     name: <service_account>
-  upgradeConstraintPolicy: Ignore
+  upgradeConstraintPolicy: SelfCertified
   version: "<version_or_version_range>"
 ```
 
 where setting the `upgradeConstraintPolicy` to:
 
-`Ignore`
+`SelfCertified`
 :   Does not limit the next version to the set of successors, and instead allows for any downgrade, sidegrade, or upgrade.
 
-`Enforce`
-:   Only allows the next version to come from the successors list. This is the default value. If the `upgradeConstraintPolicy` parameter is not defined in an extension's CR, then the policy is set to `Enforce` by default.
+`CatalogProvided`
+:   Only allows the next version to come from the successors list. This is the default value. If the `upgradeConstraintPolicy` parameter is not defined in an extension's CR, then the policy is set to `CatalogProvided` by default.
 
 ## Upgrades
 
@@ -74,11 +74,11 @@ You must verify and perform upgrades manually in cases where automatic upgrades
 
 **Warning:** If you want to force an upgrade manually, you must thoroughly verify the outcome before applying any changes to production workloads. Failure to test and verify the upgrade might lead to catastrophic consequences such as data loss.
 
-As a package admin, if you must upgrade or downgrade to version that might be incompatible with the currently installed version, you can set the `.spec.upgradeConstraintPolicy` field to `Ignore` on the relevant `ClusterExtension` resource.
+As a package admin, if you must upgrade or downgrade to version that might be incompatible with the currently installed version, you can set the `.spec.upgradeConstraintPolicy` field to `SelfCertified` on the relevant `ClusterExtension` resource.
 
-If you set the field to `Ignore`, no upgrade constraints are set on the package. As a result, you can change the version to any version available in the catalogs for a given package.
+If you set the field to `SelfCertified`, no upgrade constraints are set on the package. As a result, you can change the version to any version available in the catalogs for a given package.
 
-Example `ClusterExtension` with `.spec.upgradeConstraintPolicy` field set to `Ignore`:
+Example `ClusterExtension` with `.spec.upgradeConstraintPolicy` field set to `SelfCertified`:
 
 ```yaml
 apiVersion: olm.operatorframework.io/v1alpha1
@@ -91,7 +91,7 @@ spec:
     catalog:
       packageName: argocd-operator
       version: 0.6.0
-      upgradeConstraintPolicy: Ignore
+      upgradeConstraintPolicy: SelfCertified
   install:
     namespace: argocd
     serviceAccout:

internal/resolve/catalog.go

@@ -83,7 +83,7 @@ func (r *CatalogResolver) Resolve(ctx context.Context, ext *ocv1alpha1.ClusterEx
 			predicates = append(predicates, filter.InMastermindsSemverRange(versionRangeConstraints))
 		}
 
-		if ext.Spec.Source.Catalog.UpgradeConstraintPolicy != ocv1alpha1.UpgradeConstraintPolicyIgnore && installedBundle != nil {
+		if ext.Spec.Source.Catalog.UpgradeConstraintPolicy != ocv1alpha1.UpgradeConstraintPolicySelfCertified && installedBundle != nil {
 			successorPredicate, err := filter.SuccessorsOf(installedBundle, packageFBC.Channels...)
 			if err != nil {
 				return fmt.Errorf("error finding upgrade edges: %w", err)