-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generalizing Container Registry config for Cluster builds( Kaniko ) #1892
Comments
@balopat @tejal29 @priyawadhwa |
Thank you @venkatk-25 for opening this proposal up. I think this scheme would be sufficient to cover all major registries that I can think of. It looks like for the sake of simplicity, you've used a string map for environment variables declaration. What about using an array of v1 EnvVar type? This will allow defining environment variables from existing secrets/configmaps/etc. What do you think? |
@azaiter, thought of it but since the schema didn't use the kube types anywhere, so wasn't sure but yes it makes perfect sense |
@venkatk-25 this is great and good candidate to put it in docs/design_proposals |
@tejal29 its not clear whether the proposal should be file in docs/design_proposals or description in PR from README. Can you clarify it, so I can create it accordingly. |
raised PR #1906 |
Thank you for the idea! I'm closing this issue as it's been open a while, and no progress seems to be being made on it. If someone feels strongly about this, feel free to comment here or re-raise an issue referencing this one. |
This proposal is to generalize the Registry configuration for kaniko pod, so that in future registries supported by kaniko can be supported seamlessly.
Current Scenario:
Kaniko supports 2 types of registries GCR and Docker, with former being mandatory always.
The implementation itself is repository specific and not extensible as we need to keep adding more logic for every new type of repository and keep maintaining compatibilty with registries/credhelpers.
The current looks like below( I have kept only required pieces from original code snippet):
Breaking down the requirements and generalizing:
If you observe the above piece of configuration, you will see both creds have same 2 fields, SecretName/SecretPath.
When we look into how they behave differently, we can observe the differences between them as follows:
If we can generalize the above points, then any configuration(GCR/ER/private registry/S3/GCS, etc..) breaks down to following steps:
New Proposal:
The same above can be re-configured in a more generic way as follows:
How different configurations fit into this scheme:
GCR/GCS
current scheme:
new scheme:
Private Registry:
current scheme:
new scheme:
ECR:
current scheme: None
new scheme( pushing-to-amazon-ecr) :
Pros :
Cons:
The text was updated successfully, but these errors were encountered: