The only update instructions for ECK that i've found are just kubectl apply -f and you're good to go. It's not that simple. For example I install the operator in specific namespaces because I don't want the operator to have access to all the namespaces. So when I do an update to CRDs it's going to update the CRDs for all the different operators in the various namespaces. I've tried to separate the install for different namespaces but it's not easy when the yaml has part CRDs that apply to all namespaces and then the actual operator install with roles, etc that are tied to a specific namespace.
It would be helpful if there was upgrade instructions for people that run the operator in specific namespaces.
As more people are aware of the security implications of CRDS and choose to run the operator in specific namespaces more people will have this problem.
My specific problem is I'm upgrading to 1.2.1 and I saw there are new Kinds 'Beats' and so now I need to update the CRDs but I don't want to adversely affect anything. And I may have a scenario where one operator in namespace A is running operator v 1.1.1 and another one say operator B is running operator 1.2.1. If I update the CRDs will they both be ok? And I have to dig through the yaml to separate the CRDs from the Operator and roles because the CRDs apply to globally but the Operator and roles are applied at the namespace level. Again this is all done for security reasons. I'd love to just run kubectl apply -f all-in-one and be done with it. But if I allow the operator to have global access I'm told that's a big security hole.