feat: add imageRegistryCredentials handler #174

Merged
merged 12 commits into from
Sep 28, 2023


dkoshkin

This is big boy 😬
Adds a handler to set image registry credentials on the Cluster using Kubelet image credential provider
and dynamic credential provider.

      - name: clusterConfig
        value:
          imageRegistryCredentials:
            url: https://my-registry.io
            secret: my-registry-credentials

This handler also expects a Secret with keys username and password to already exist. Alternatively, we can simplify this and expect an existing Secret as a CAPI SecretFileSource so that the handler doesn't need to read/write the Secret. But that didn't seem right, as the format of the Secret would need to be very specific to the dynamic credential provider project.


Also verified by creating a Docker cluster and checking the KubeadmConfig.

@dkoshkin dkoshkin marked this pull request as ready for review September 22, 2023 21:38
@dkoshkin dkoshkin force-pushed the dkoshkin/feat-image-registry branch 5 times, most recently from d9a4499 to 30ca4ad Compare September 25, 2023 23:17
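
Added example (not code from this PR or the project): a Go sketch of turning a Secret with the `username` and `password` keys described above into the kubelet `CredentialProviderResponse` that an exec credential provider plugin returns for a registry. The helper name `buildResponse`, the HTTPS-only check and the sample values are assumptions of this example; it does not reproduce the dynamic credential provider's own configuration format.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
)

// response mirrors the kubelet CredentialProviderResponse JSON
// (credentialprovider.kubelet.k8s.io/v1).
type response struct {
	APIVersion    string                       `json:"apiVersion"`
	Kind          string                       `json:"kind"`
	CacheKeyType  string                       `json:"cacheKeyType"`
	CacheDuration string                       `json:"cacheDuration"`
	Auth          map[string]map[string]string `json:"auth"`
}

// buildResponse (hypothetical helper) fails closed: it rejects a non-HTTPS or
// host-less URL (this example's own policy) and a Secret missing either key,
// and its error messages never echo the credential values.
func buildResponse(registryURL string, secretData map[string][]byte) ([]byte, error) {
	u, err := url.Parse(registryURL)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		return nil, errors.New("registry url must be https://host[:port]")
	}
	for _, k := range []string{"username", "password"} {
		if len(secretData[k]) == 0 {
			return nil, fmt.Errorf("secret is missing key %q", k)
		}
	}
	return json.Marshal(response{
		APIVersion:    "credentialprovider.kubelet.k8s.io/v1",
		Kind:          "CredentialProviderResponse",
		CacheKeyType:  "Registry", // credentials apply to the whole registry host
		CacheDuration: "0s",       // ask the kubelet not to cache them
		Auth: map[string]map[string]string{u.Host: {
			"username": string(secretData["username"]),
			"password": string(secretData["password"]),
		}},
	})
}

func main() {
	// Constructed sample Secret data; not real credentials.
	out, err := buildResponse("https://my-registry.io", map[string][]byte{
		"username": []byte("puller"), "password": []byte("example-only")})
	fmt.Println(string(out), err)
}
```
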
@dkoshkin

Tested with a private image in a Docker cluster:

Events:
  Type     Reason                  Age                From               Message
  ----     ------                  ----               ----               -------
  Normal   Scheduled               42s                default-scheduler  Successfully assigned default/nginx to docker-quick-start-md-0-krcqf-25k4v-r5k84
  Warning  FailedCreatePodSandBox  41s                kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "9b29e435643db3670bc4185f354708dc719157d6f1e2de121f86a992ebac1ba2": plugin type="calico" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/
  Normal   SandboxChanged          27s (x2 over 41s)  kubelet            Pod sandbox changed, it will be killed and re-created.
  Normal   Pulling                 26s                kubelet            Pulling image "dkoshkin/nginx:stable"
  Normal   Pulled                  9s                 kubelet            Successfully pulled image "dkoshkin/nginx:stable" in 9.280283022s (16.86162273s including waiting)
  Normal   Created                 9s                 kubelet            Created container nginx
  Normal   Started                 9s                 kubelet            Started container nginx

@dkoshkin

Thank you @jimmidyson for the thorough review and the fixups!

@jimmidyson

jimmidyson commented Sep 28, 2023

@dkoshkin Can we remove the do not merge label or are you still testing stuff out?

@dkoshkin

dkoshkin commented Sep 28, 2023

🚢 Thanks again @jimmidyson for the fixups, if you're happy with this let's merge

@jimmidyson jimmidyson merged commit 853d3a8 into main Sep 28, 2023
10 checks passed
@jimmidyson jimmidyson deleted the dkoshkin/feat-image-registry branch September 28, 2023 15:13
dkoshkin pushed a commit that referenced this pull request Oct 19, 2023
🤖 I have created a release *beep* *boop*
---


## 0.2.0 (2023-10-19)

<!-- Release notes generated using configuration in .github/release.yaml
at main -->

## What's Changed
### Exciting New Features 🎉
* feat: AWS cluster config patch by @jimmidyson in
#172
* feat: Combine generic variables with provider specific variables by
@jimmidyson in
#173
* feat: Use external patch for Docker provider custom image by
@jimmidyson in
#188
* feat: vendor infrastructure provider APIs by @dkoshkin in
#190
* feat: Introduce scheme and decoder helpers by @jimmidyson in
#191
* feat: add imageRegistryCredentials handler by @dkoshkin in
#174
* feat: Deploy default clusterclasses via helm by @jimmidyson in
#198
* feat: Add Calico CNI AWS ingress rules by @jimmidyson in
#206
* feat: CAPA v2.2.4 by @jimmidyson in
#211
* feat: Add worker configs var and handler by @dkoshkin in
#208
* feat: adds aws ebs config by @faiq in
#192
* feat: add AWS IAM instance profile patch by @dkoshkin in
#216
* feat: Calico 3.26.3 by @jimmidyson in
#218
* feat: add AWS instance type patch by @dkoshkin in
#217
* feat: variables and patches for AWS AMI spec by @supershal in
#225
* feat: add VPC ID and Subnet IDs patch by @dkoshkin in
#220
* feat: deploy AWS CPI by @faiq in
#229
### Fixes 🔧
* fix: bring back missing docker handlers by @dkoshkin in
#187
* fix: typo in docker cluster config api by @supershal in
#205
* fix: move provider fields under aws and docker by @dkoshkin in
#204
* fix: Correctly set external cloud provider for AWS by @jimmidyson in
#210
* fix: Adds AWS Calico installation configmap by @jimmidyson in
#212
* fix: Ensure CNI ingress rules are added to AWSCluster by @jimmidyson
in #213
* fix: Reduce log verbosity for http proxy variable not found by
@jimmidyson in
#214
* fix: Don't set AWS region as required by @dkoshkin in
#219
### Other Changes
* build: Add example files to release artifacts by @jimmidyson in
#169
* build: Add AWS clusterclass example by @jimmidyson in
#162
* refactor: Move generic handlers into generic directory by @jimmidyson
in #171
* ci: Simplify shell configuration by setting defaults by @jimmidyson in
#184
* build: Disable fortify hardener to enable local debugging by
@jimmidyson in
#186
* docs: Add more details about single var by @jimmidyson in
#185
* refactor: Move meta handlers to provider packages by @jimmidyson in
#193
* refactor: Use consistent decoder in mutators by @jimmidyson in
#196
* build: Suppress devbox envrc update notification by @jimmidyson in
#197
* build: Consistent behaviour in addons update scripts by @jimmidyson in
#207
* build: Allow past year in license header by @jimmidyson in
#209
* build: Increase golangci-lint timeout for slower GHA runners by
@jimmidyson in
#222
* refactor: Always use unstructured in patch generators by @jimmidyson
in #221
* build: Update tools by @jimmidyson in
#223
* refactor: Remove usage of non-meta handlers by @dkoshkin in
#226

## New Contributors
* @supershal made their first contribution in
#205

**Full Changelog**:
v0.1.2...v0.2.0

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>