fix(image):allow image customization

- add patch to kustomization template to inject env for configStore to identify - update deployment manifest yamls Signed-off-by: Steven Zou <szou@vmware.com>
goharbor · Dec 16, 2020 · 62fa943 · 62fa943
1 parent 5bf5566
commit 62fa943
Show file tree

Hide file tree

Showing 19 changed files with 330 additions and 39 deletions.
diff --git a/controllers/goharbor/harborcluster/ctrl_setup.go b/controllers/goharbor/harborcluster/ctrl_setup.go
@@ -65,16 +65,22 @@ func (r *Reconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) err
 		k8s.WithLog(r.Log.WithName("cache")),
 		k8s.WithScheme(mgr.GetScheme()),
 		k8s.WithDClient(k8s.WrapDClient(dClient)),
-		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())))
+		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())),
+		k8s.WithConfigStore(r.ConfigStore),
+	)
 	r.DatabaseCtrl = database.NewDatabaseController(ctx,
 		k8s.WithLog(r.Log.WithName("database")),
 		k8s.WithScheme(mgr.GetScheme()),
 		k8s.WithDClient(k8s.WrapDClient(dClient)),
-		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())))
+		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())),
+		k8s.WithConfigStore(r.ConfigStore),
+	)
 	r.StorageCtrl = storage.NewMinIOController(ctx,
 		k8s.WithLog(r.Log.WithName("storage")),
 		k8s.WithScheme(mgr.GetScheme()),
-		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())))
+		k8s.WithClient(k8s.WrapClient(ctx, mgr.GetClient())),
+		k8s.WithConfigStore(r.ConfigStore),
+	)
 	r.HarborCtrl = harbor.NewHarborController(ctx,
 		k8s.WithLog(r.Log.WithName("harbor")),
 		k8s.WithScheme(mgr.GetScheme()),
@@ -89,9 +95,10 @@ func (r *Reconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager) err
 // New HarborCluster reconciler.
 func New(ctx context.Context, name string, configStore *configstore.Store) (commonCtrl.Reconciler, error) {
 	return &Reconciler{
-		Name:    name,
-		Version: application.GetVersion(ctx),
-		Log:     ctrl.Log.WithName(application.GetName(ctx)).WithName("controller").WithValues("controller", name),
+		Name:        name,
+		Version:     application.GetVersion(ctx),
+		ConfigStore: configStore,
+		Log:         ctrl.Log.WithName(application.GetName(ctx)).WithName("controller").WithValues("controller", name),
 	}, nil
 }
 

diff --git a/manifests/cluster/deployment.yaml b/manifests/cluster/deployment.yaml
@@ -13764,6 +13764,28 @@ spec:
         command:
         - /manager
         env:
+        - name: CORE_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-core:v2.1.2
+        - name: JOBSERVICE_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-jobservice:v2.1.2
+        - name: PORTAL_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-portal:v2.1.2
+        - name: REGISTRYCTL_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-registryctl:v2.1.2
+        - name: REGISTRY_DOCKER_IMAGE
+          value: quay.io/goharbor/registry-photon:v2.1.2
+        - name: CHARTMUSEUM_DOCKER_IMAGE
+          value: quay.io/goharbor/chartmuseum-photon:v2.1.2
+        - name: NOTARYSERVER_DOCKER_IMAGE
+          value: quay.io/goharbor/notary-server-photon:v2.1.2
+        - name: NOTARYSIGNER_DOCKER_IMAGE
+          value: quay.io/goharbor/notary-signer-photon:v2.1.2
+        - name: TRIVY_DOCKER_IMAGE
+          value: quay.io/goharbor/trivy-adapter-photon:v2.1.2
+        - name: HARBORCLUSTER_STORAGE_IMAGE
+          value: quay.io/goharbor/minio:RELEASE.2020-08-13T02-39-50Z
+        - name: HARBORCLUSTER_CACHE_IMAGE
+          value: quay.io/goharbor/redis:5.0-alpine
         - name: NAMESPACE
           valueFrom:
             fieldRef:

diff --git a/manifests/cluster/kustomization.yaml b/manifests/cluster/kustomization.yaml
@@ -18,6 +18,11 @@ resources:
   - github.com/zalando/postgres-operator/manifests?ref=v1.5.0 # postgresql operator
   - github.com/minio/operator?ref=v3.0.13 # minIO storage operator
 
+# If you have to override the image path, uncomment this patch and also change the image paths in the patch/patches-images.yaml file.
+# Then rebuild.
+patchesStrategicMerge:
+- patch/images.yaml
+
 patchesJson6902:
   - target:
       kind: Namespace

diff --git a/manifests/cluster/patch/images.yaml b/manifests/cluster/patch/images.yaml
@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: harbor-operator
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        env:
+          - name: CORE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-core:v2.1.2
+          - name: JOBSERVICE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-jobservice:v2.1.2
+          - name: PORTAL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-portal:v2.1.2
+          - name: REGISTRYCTL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-registryctl:v2.1.2
+          - name: REGISTRY_DOCKER_IMAGE
+            value: quay.io/goharbor/registry-photon:v2.1.2
+          - name: CHARTMUSEUM_DOCKER_IMAGE
+            value: quay.io/goharbor/chartmuseum-photon:v2.1.2
+          - name: NOTARYSERVER_DOCKER_IMAGE
+            value: quay.io/goharbor/notary-server-photon:v2.1.2
+          - name: NOTARYSIGNER_DOCKER_IMAGE
+            value: quay.io/goharbor/notary-signer-photon:v2.1.2
+          - name: TRIVY_DOCKER_IMAGE
+            value: quay.io/goharbor/trivy-adapter-photon:v2.1.2
+          - name: HARBORCLUSTER_STORAGE_IMAGE
+            value: quay.io/goharbor/minio:RELEASE.2020-08-13T02-39-50Z
+          - name: HARBORCLUSTER_CACHE_IMAGE
+            value: quay.io/goharbor/redis:5.0-alpine
diff --git a/manifests/commons/kustomization.yaml b/manifests/commons/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+patchesStrategicMerge:
+  - patches-images.yaml
diff --git a/manifests/commons/patches-images.yaml b/manifests/commons/patches-images.yaml
@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: harbor-operator
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        env:
+          - name: CORE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-core:v2.1.2
+          - name: JOBSERVICE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-jobservice:v2.1.2
+          - name: PORTAL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-portal:v2.1.2
+          - name: REGISTRYCTL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-registryctl:v2.1.2
+          - name: REGISTRY_DOCKER_IMAGE
+            value: quay.io/goharbor/registry-photon:v2.1.2
diff --git a/manifests/harbor/deployment.yaml b/manifests/harbor/deployment.yaml
@@ -2460,9 +2460,17 @@ spec:
                   minIOSpec:
                     description: inCLuster options.
                     properties:
+                      redirect:
+                        description: Determine if the redirection of minio storage is disabled.
+                        properties:
+                          disable:
+                            description: Disable the redirect. Default is false
+                            type: boolean
+                        type: object
                       replicas:
                         description: Supply number of replicas. For standalone mode, supply 1. For distributed mode, supply 4 to 16 drives (should be even). Note that the operator does not support upgrading from standalone to distributed mode.
                         format: int32
+                        minimum: 1
                         type: integer
                       resources:
                         description: If provided, use these requests and limit for cpu/memory resource allocation
@@ -2621,6 +2629,7 @@ spec:
                       volumesPerServer:
                         description: Number of persistent volumes that will be attached per server
                         format: int32
+                        minimum: 1
                         type: integer
                     required:
                     - replicas
@@ -11603,12 +11612,8 @@ rules:
   resources:
   - harborclusters
   verbs:
-  - create
-  - delete
   - get
   - list
-  - patch
-  - update
   - watch
 - apiGroups:
   - goharbor.io
@@ -11623,8 +11628,12 @@ rules:
   resources:
   - harbors
   verbs:
+  - create
+  - delete
   - get
   - list
+  - patch
+  - update
   - watch
 - apiGroups:
   - goharbor.io
@@ -12155,6 +12164,28 @@ spec:
         command:
         - /manager
         env:
+        - name: CORE_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-core:v2.1.2
+        - name: JOBSERVICE_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-jobservice:v2.1.2
+        - name: PORTAL_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-portal:v2.1.2
+        - name: REGISTRYCTL_DOCKER_IMAGE
+          value: quay.io/goharbor/harbor-registryctl:v2.1.2
+        - name: REGISTRY_DOCKER_IMAGE
+          value: quay.io/goharbor/registry-photon:v2.1.2
+        - name: CHARTMUSEUM_DOCKER_IMAGE
+          value: quay.io/goharbor/chartmuseum-photon:v2.1.2
+        - name: NOTARYSERVER_DOCKER_IMAGE
+          value: quay.io/goharbor/notary-server-photon:v2.1.2
+        - name: NOTARYSIGNER_DOCKER_IMAGE
+          value: quay.io/goharbor/notary-signer-photon:v2.1.2
+        - name: TRIVY_DOCKER_IMAGE
+          value: quay.io/goharbor/trivy-adapter-photon:v2.1.2
+        - name: HARBORCLUSTER_STORAGE_IMAGE
+          value: quay.io/goharbor/minio:RELEASE.2020-08-13T02-39-50Z
+        - name: HARBORCLUSTER_CACHE_IMAGE
+          value: quay.io/goharbor/redis:5.0-alpine
         - name: NAMESPACE
           valueFrom:
             fieldRef:
@@ -12166,15 +12197,15 @@ spec:
             port: ready
         name: manager
         ports:
-        - containerPort: 5000
-          name: ready
-          protocol: TCP
         - containerPort: 9443
           name: webhook-server
           protocol: TCP
         - containerPort: 8080
           name: metrics
           protocol: TCP
+        - containerPort: 5000
+          name: ready
+          protocol: TCP
         readinessProbe:
           httpGet:
             path: /readyz
@@ -12187,21 +12218,21 @@ spec:
             cpu: 300m
             memory: 200Mi
         volumeMounts:
-        - mountPath: /etc/harbor-operator
-          name: configuration-templates
-          readOnly: true
         - mountPath: /tmp/k8s-webhook-server/serving-certs
           name: cert
           readOnly: true
+        - mountPath: /etc/harbor-operator
+          name: configuration-templates
+          readOnly: true
       terminationGracePeriodSeconds: 10
       volumes:
-      - configMap:
-          name: config-template
-        name: configuration-templates
       - name: cert
         secret:
           defaultMode: 420
           secretName: webhook-server-cert
+      - configMap:
+          name: config-template
+        name: configuration-templates
 ---
 apiVersion: cert-manager.io/v1alpha2
 kind: Certificate

diff --git a/manifests/harbor/kustomization.yaml b/manifests/harbor/kustomization.yaml
@@ -15,6 +15,11 @@ resources:
   - namespace.yaml
   - ../../config/default # harbor operator
 
+# If you have to override the image path, uncomment this patch and also change the image paths in the patch/patches-images.yaml file.
+# Then rebuild.
+patchesStrategicMerge:
+  - patch/images.yaml
+
 images:
   - name: goharbor/harbor-operator
     newName: goharbor/harbor-operator

diff --git a/manifests/harbor/patch/images.yaml b/manifests/harbor/patch/images.yaml
@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: harbor-operator
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        env:
+          - name: CORE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-core:v2.1.2
+          - name: JOBSERVICE_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-jobservice:v2.1.2
+          - name: PORTAL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-portal:v2.1.2
+          - name: REGISTRYCTL_DOCKER_IMAGE
+            value: quay.io/goharbor/harbor-registryctl:v2.1.2
+          - name: REGISTRY_DOCKER_IMAGE
+            value: quay.io/goharbor/registry-photon:v2.1.2
+          - name: CHARTMUSEUM_DOCKER_IMAGE
+            value: quay.io/goharbor/chartmuseum-photon:v2.1.2
+          - name: NOTARYSERVER_DOCKER_IMAGE
+            value: quay.io/goharbor/notary-server-photon:v2.1.2
+          - name: NOTARYSIGNER_DOCKER_IMAGE
+            value: quay.io/goharbor/notary-signer-photon:v2.1.2
+          - name: TRIVY_DOCKER_IMAGE
+            value: quay.io/goharbor/trivy-adapter-photon:v2.1.2
+          - name: HARBORCLUSTER_STORAGE_IMAGE
+            value: quay.io/goharbor/minio:RELEASE.2020-08-13T02-39-50Z
+          - name: HARBORCLUSTER_CACHE_IMAGE
+            value: quay.io/goharbor/redis:5.0-alpine
diff --git a/pkg/cluster/controllers/cache/image.go b/pkg/cluster/controllers/cache/image.go
@@ -0,0 +1,33 @@
+// Copyright Project Harbor Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cache
+
+const (
+	DefaultCacheImage = "redis:5.0-alpine"
+	ConfigImageKey    = "cache-image"
+)
+
+// GetImage returns the configured image via configstore or default one.
+func (rm *redisResourceManager) GetImage() string {
+	image, err := rm.configStore.GetItemValue(ConfigImageKey)
+	if err != nil {
+		// Just logged
+		rm.logger.V(5).Error(err, "get cache image error", "image-key", ConfigImageKey)
+
+		image = DefaultCacheImage
+	}
+
+	return image
+}
diff --git a/pkg/cluster/controllers/cache/redis.go b/pkg/cluster/controllers/cache/redis.go
@@ -8,6 +8,7 @@ import (
 	"github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha2"
 	"github.com/goharbor/harbor-operator/pkg/cluster/lcm"
 	"github.com/goharbor/harbor-operator/pkg/k8s"
+	"github.com/ovh/configstore"
 	redisOp "github.com/spotahome/redis-operator/api/redisfailover/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -33,7 +34,8 @@ func NewRedisController(ctx context.Context, opts ...k8s.Option) lcm.Controller
 		Client:          ctrlOpts.Client,
 		Log:             ctrlOpts.Log,
 		Scheme:          ctrlOpts.Scheme,
-		ResourceManager: NewResourceManager(),
+		ResourceManager: NewResourceManager(ctrlOpts.ConfigStore, ctrlOpts.Log),
+		ConfigStore:     ctrlOpts.ConfigStore,
 	}
 }
 
@@ -47,6 +49,7 @@ type RedisController struct {
 	Scheme             *runtime.Scheme
 	RedisConnect       *RedisConnect
 	ResourceManager    ResourceManager
+	ConfigStore        *configstore.Store
 	expectCR, actualCR runtime.Object
 }