New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add example using oc new-app instead of apb push #257
Conversation
| NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD | ||
| asb-1338 asb-1338-ansible-service-broker.172.17.0.1.nip.io asb port-1338 reencrypt None | ||
|
|
||
| $ curl -H "Authorization: Bearer $(oc whoami -t)" -k -X POST https://asb-1338-ansible-service-broker.172.17.0.1.nip.io/ansible-service-broker/v2/bootstrap |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we call out the privileges required of the logged in user so their token is sufficient to talk to Broker?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 good call, added a link to our docs.
|
@akostadinov please take a look at the documentation workaround @dymurray proposes. Do you see any other issues or concerns we should address for a local developer who does not have docker access? Our thought is to get a first pass of this working, then come back to fine tune the experience. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good stuff!
Generally I'll just suggest using "service bundle" instead of "apb" except when you mean the apb tool.
docs/developers.md
Outdated
|
|
||
| * Step 2: Populate the internal OCP registry with our built APB image | ||
|
|
||
| This is what is normally handled by `apb push`. In order to build our image without using Docker, we will take advantage of the source-to-image functionality of OpenShift. By default, the Automation Broker is configured to look at the `openshift` namespace for published APBs. The `openshift` namespace is detailed in our documentation as a namespace which exposes it's images/imagestreams to be available to any authenticated user on the cluster. We will take advantage of this by using `oc new-app` in namespace `openshift` to build our image. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/it's/its/
docs/developers.md
Outdated
|
|
||
| If a developer meets any of these criteria, then we suggest the following workflow to publish images to the internal OCP registry so that the Automation Broker can bootstrap the image. This section will show you how to do these steps with the APB tooling and without. | ||
|
|
||
| * Step 1: Ensure the base64 encoded spec is a label on the Dockerfile |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor suggestion, but I think of this as being "in" the Dockerfile, not "on". It's not a property of the file, but part of its contents.
|
@dymurray , hi, do I understand correctly that one needs to:
Just want to make sure I understand correctly. Other than that, I think this looks good. Would be ideal if at some point @jianzhangbjz, FYI, maybe we can use more the OpenShift workflow in testing and low number of |
|
@akostadinov Yes, you're right. Thank you for your information. |
|
@akostadinov You do not need to run as Can you clarify what you meant by:
Are you referring to different permissioning levels? |
|
@dymurray , do you know which permissions would be enough? Perhaps we need do document them. wrt |
|
@akostadinov Yes I linked the permission documentation in this PR actually. And I see about your second point. Yes I think its worth filing an issue that we can trivially support this functionality with a new command in the tooling, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK
|
@mhrivnak is this good to merge now? |
No description provided.