From 3b93fb6ce85c090fe87d93414c92d89a48cec922 Mon Sep 17 00:00:00 2001 From: "Alex Ellis (OpenFaaS Ltd)" Date: Wed, 25 Oct 2023 21:03:25 +0100 Subject: [PATCH] Update Go version for builds Signed-off-by: Alex Ellis (OpenFaaS Ltd) --- Dockerfile | 4 ++-- GUIDE.md | 4 ---- LICENSE | 2 +- README.md | 36 +++++++++++++++++------------------- go.mod | 4 ++-- go.sum | 2 ++ hack/install-buildx.sh | 39 --------------------------------------- hack/install-docker.sh | 14 -------------- 8 files changed, 24 insertions(+), 81 deletions(-) delete mode 100755 hack/install-buildx.sh delete mode 100755 hack/install-docker.sh diff --git a/Dockerfile b/Dockerfile index 1ca5e14..2e0f51f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.19 as builder +FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.21 as builder ARG TARGETPLATFORM ARG BUILDPLATFORM @@ -22,7 +22,7 @@ COPY controllers/ controllers/ # Build RUN echo flags=${Version} ${GitCommit} RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \ - GO111MODULE=on go build -ldflags "-s -w -X main.Release=${Version} -X main.SHA=${GitCommit}" -a -o /usr/bin/controller + GO111MODULE=on go build -ldflags "-s -w -X main.Release=${Version} -X main.SHA=${GitCommit}" -o /usr/bin/controller # Refer to https://github.com/GoogleContainerTools/distroless for more details FROM --platform=${BUILDPLATFORM:-linux/amd64} gcr.io/distroless/static:nonroot diff --git a/GUIDE.md b/GUIDE.md index 6948acc..56c1085 100644 --- a/GUIDE.md +++ b/GUIDE.md @@ -11,10 +11,6 @@ ## Usage -This tool requires time and effort to maintain. - -If you use it at work, [become a sponsor](https://github.com/sponsors/alexellis). - ### Option A) Configuration with kubectl Apply the YAML for the manifest. diff --git a/LICENSE b/LICENSE index 1a73452..1810636 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 Alex Ellis +Copyright (c) 2023 OpenFaaS Ltd, Alex Ellis Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 90e8b0a..2b3dc9a 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,19 @@ [![CI status](https://github.com/alexellis/registry-creds/actions/workflows/ci-only.yaml/badge.svg)](https://github.com/alexellis/registry-creds/actions/workflows/ci-only.yaml) -This operator can be used to propagate a single ImagePullSecret to all namespaces within your cluster, so that images can be pulled with authentication. +This operator can be used to propagate a single ImagePullSecret to all namespaces within your cluster, so that images are pulled using authentication. -### Why is this operator required? +See also: [ROADMAP.md](/ROADMAP.md) + +### Use-case: Propagate a private registry secret to all namespaces + +The second use-case for this operator is to take an authentication token which is required to pull images from a private registry, and to make sure it's available and configured for each and every namespace. + +For example, if you were running a multi-tenant service, where customers had their own namespaces, and every Pod was pulled from a common private registry. You could use this operator to automate what would otherwise be a manual and error-prone process. -The primary reason for creating this operator, is to make it easier for users of Kubernetes to consume images from the Docker Hub after [recent pricing and rate-limiting changes](https://www.docker.com/pricing) were brought in, an authenticated account is now required to pull images. +### Use-case: Docker Hub Rate Limits + +The original need for this operator, was to make it easier for users of Kubernetes to consume images from the Docker Hub after [recent pricing and rate-limiting changes](https://www.docker.com/pricing) were brought in, an authenticated account is now required to pull images. These are the limits as understood at time of writing: @@ -25,24 +33,14 @@ The normal process is as follows, which becomes tedious and repetitive when you * Create a secret * Edit your service account, and add the name of the secret to `imagePullSecrets` -See also: [ROADMAP.md](/ROADMAP.md) - -## Getting started +## Getting Started -### Set up your sponsorship - -This tool requires time and effort to maintain, so if you use it at work, you should become a sponsor on GitHub: - -* [Set-up a sponsorship now](https://github.com/sponsors/alexellis) - -It's up to you to choose a tier or a custom amount based upon the value and time saving of the tool, plus its maintainance. - -Alternative approaches are available if you don't agree to these terms. +* [Install the tool](GUIDE.md) -### Install & configure the tool +## Support is for sponsors only -* [Install the tool](GUIDE.md) +Support is only offered to my [GitHub Sponsors](https://github.com/sponsors/alexellis). If you're sponsoring @alexellis or @openfaas on GitHub, then feel raise a GitHub issue to propose changes, new features and to request help with usage. -### Support +## License -[Sponsors](https://github.com/sponsors/alexellis) may raise a GitHub issue to propose changes, new features and to request help with usage. +MIT diff --git a/go.mod b/go.mod index 89e10b6..8d06fa2 100644 --- a/go.mod +++ b/go.mod @@ -1,9 +1,9 @@ module alexellis/registry-creds -go 1.18 +go 1.20 require ( - github.com/go-logr/logr v1.2.3 + github.com/go-logr/logr v1.2.4 github.com/pkg/errors v0.9.1 k8s.io/api v0.26.1 k8s.io/apimachinery v0.26.1 diff --git a/go.sum b/go.sum index 804f9c3..507232e 100644 --- a/go.sum +++ b/go.sum @@ -85,6 +85,8 @@ github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbV github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= diff --git a/hack/install-buildx.sh b/hack/install-buildx.sh deleted file mode 100755 index 324be54..0000000 --- a/hack/install-buildx.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -# Source: https://www.docker.com/blog/multi-arch-build-what-about-travis/ -if [ -n "$DEBUG" ]; then - set -x -fi - -set -o errexit -set -o nounset -set -o pipefail - -export DOCKER_CLI_EXPERIMENTAL=enabled - -if ! docker buildx 2>&1 >/dev/null; then - echo "buildx not available. Docker 19.03 or higher is required with experimental features enabled" - exit 1 -fi - -# We can skip setup if the current builder already has multi-arch -# AND if it isn't the docker driver, which doesn't work -current_builder="$(docker buildx inspect)" -# linux/amd64, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/386, linux/arm/v7, linux/arm/v6 -if ! grep -q "^Driver: docker$" <<<"${current_builder}" && \ - grep -q "linux/amd64" <<<"${current_builder}" && \ - grep -q "linux/arm" <<<"${current_builder}" && \ - grep -q "linux/arm64" <<<"${current_builder}"; then - exit 0 -fi - -# Ensure qemu is in binfmt_misc -# Docker desktop already has these in versions recent enough to have buildx -# We only need to do this setup on linux hosts -if [ "$(uname)" == 'Linux' ]; then - # NOTE: this is pinned to a digest for a reason! - docker run --rm --privileged multiarch/qemu-user-static@sha256:28ebe2e48220ae8fd5d04bb2c847293b24d7fbfad84f0b970246e0a4efd48ad6 --reset -p yes -fi - -# Ensure we use a builder that can leverage it (the default on linux will not) -docker buildx create --use --name=multiarch --node multiarch diff --git a/hack/install-docker.sh b/hack/install-docker.sh deleted file mode 100755 index 3ff5150..0000000 --- a/hack/install-docker.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -# Source: https://www.docker.com/blog/multi-arch-build-what-about-travis/ - -sudo rm -rf /var/lib/apt/lists/* -curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - -sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) edge" -sudo apt-get update -qy -sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce -mkdir -vp ~/.docker/cli-plugins/ -curl --silent -L "https://github.com/docker/buildx/releases/download/v0.3.0/buildx-v0.3.0.linux-amd64" > ~/.docker/cli-plugins/docker-buildx -chmod a+x ~/.docker/cli-plugins/docker-buildx -sudo systemctl start docker -