[CECO-662] Add registry options in admission controller

[kisungyi92]

What does this PR do?

A brief description of the change being made with this pull request.

• This PR is for adding registry option in admissionController config so the customer can add custom registry based on needs.

Motivation

What inspired you to submit this pull request?

• This PR is inspired by : Registry setting is not inherited by admission controller for library injection #924

Additional Notes

Anything else we should know when reviewing?

Minimum Agent Versions

Are there minimum versions of the Datadog Agent and/or Cluster Agent required?

Agent: v7.51.0
Cluster Agent: v7.51.0

Describe your test plan

Test label overrides with < 1.7.0. (e.g. 1.6.0)

• Create DDA with spec.global.registry to “public.ecr.aws/datadog”.

spec:
  global:
    registry : public.ecr.aws/datadog

This configuration is applied for all agent image deployment, However, the init container image created by admission controller wasn’t affected by it.

In agent image deployment,

Containers:
  agent:
    Image:         public.ecr.aws/datadog/agent:7.53.0

But not in sidecar container image.

e.g. init container by admission controller - Library injection.

• follows default registry.

Init Containers:
  datadog-lib-js-init:
    Container ID:  
    Image:         gcr.io/datadoghq/dd-lib-js-init:latest

• Update the operator 1.7.0+.

Scenario 1

spec.global.registry will now be affected to not only all agent images but also admission controller sidecar container image.This will end up adding an environment variable : DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY in the cluster agent.

• Check the environment variable has been applied properly :

DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY:                gcr.io/datadoghq

Scenario 2

Depending on the use-case, init container image can only be edited by specifying “spec.features.admissionController.registry”.

This will take precedence over spec.global.registry. (which means, If both spec.global.registry and spec.features.admissionController.registry are set, second one will be applied for init container.)

• Add below parameter :

  features:
    admissionController:
      registry: asia.gcr.io/datadoghq

• Check the environment variable has been applied properly :
  • Take a look at the registry name If the features.admissionController.registry takes precedence.

DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY:                asia.gcr.io/datadoghq

• Lastly, check with test application If the sidecar container image has been applied correctly.

Init Containers:
  datadog-lib-js-init:
    Image:         asia.gcr.io/datadoghq/dd-lib-js-init:latest

Checklist

• PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
• PR has a milestone or the qa/skip-qa label

[github-actions]

This pull request does not contain a valid label. Please add one of the following labels: bug, enhancement, refactoring, documentation, tooling, dependencies

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 58.93%. Comparing base (0cf699a) to head (20f596d).
Report is 9 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1181      +/-   ##
==========================================
- Coverage   59.55%   58.93%   -0.63%     
==========================================
  Files         174      175       +1     
  Lines       21559    21941     +382     
==========================================
+ Hits        12839    12930      +91     
- Misses       7941     8227     +286     
- Partials      779      784       +5     

Flag	Coverage Δ
unittests	58.93% <100.00%> (-0.63%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
apis/datadoghq/v2alpha1/datadogagent_types.go	100.00% <ø> (ø)
...atadogagent/feature/admissioncontroller/feature.go	77.69% <100.00%> (+1.91%)	⬆️

... and 3 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0cf699a...20f596d. Read the comment docs.

[rtrieu]

Minor suggestion but otherwise looks good!

[khewonc]

Can you add tests for setting the registry field in the feature_test.go file?

[kisungyi92]

Test code file for AC has been added.

[kisungyi92]

This variable is correspond to "clusterAgent.admissionController.containerRegistry" in helm chart.

[kisungyi92]

/mergequeue

[dd-devflow]

⚠️

Action not found: mergequeue

If you need support, contact us on Slack #devflow!

[kisungyi92]

/merge

[dd-devflow]

❌ MergeQueue

You are not allowed to use the merge queue towards main.

If you need support, contact us on Slack #devflow with those details!