-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add imageRegistryCredentials handler #174
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dkoshkin
commented
Sep 22, 2023
dkoshkin
commented
Sep 22, 2023
dkoshkin
commented
Sep 22, 2023
jimmidyson
reviewed
Sep 25, 2023
jimmidyson
reviewed
Sep 25, 2023
d9a4499
to
30ca4ad
Compare
This will be implemented in a different PR
30ca4ad
to
fd5c35f
Compare
dkoshkin
commented
Sep 27, 2023
...n/imageregistries/credentials/templates/kubelet-image-credential-provider-config.yaml.gotmpl
Outdated
Show resolved
Hide resolved
dkoshkin
commented
Sep 27, 2023
...utation/imageregistries/credentials/templates/dynamic-credential-provider-config.yaml.gotmpl
Outdated
Show resolved
Hide resolved
67b4aaf
to
e1e3793
Compare
Tested with a private image in a Docker cluster:
|
e1e3793
to
85a73d5
Compare
85a73d5
to
cb229e7
Compare
jimmidyson
reviewed
Sep 28, 2023
jimmidyson
approved these changes
Sep 28, 2023
Thank you @jimmidyson for the thorough review and the fixups! |
…at-image-registry
250a992
to
5bbfb67
Compare
@dkoshkin Can we remove the |
🚢 thanks again @jimmidyson for the fixups, if you're happy with this lets merge |
dkoshkin
pushed a commit
that referenced
this pull request
Oct 19, 2023
🤖 I have created a release *beep* *boop* --- ## 0.2.0 (2023-10-19) <!-- Release notes generated using configuration in .github/release.yaml at main --> ## What's Changed ### Exciting New Features 🎉 * feat: AWS cluster config patch by @jimmidyson in #172 * feat: Combine generic variables with provider specific variables by @jimmidyson in #173 * feat: Use external patch for Docker provider custom image by @jimmidyson in #188 * feat: vendor infrastructure provider APIs by @dkoshkin in #190 * feat: Introduce scheme and decoder helpers by @jimmidyson in #191 * feat: add imageRegistryCredentials handler by @dkoshkin in #174 * feat: Deploy default clusterclasses via helm by @jimmidyson in #198 * feat: Add Calico CNI AWS ingress rules by @jimmidyson in #206 * feat: CAPA v2.2.4 by @jimmidyson in #211 * feat: Add worker configs var and handler by @dkoshkin in #208 * feat: adds aws ebs config by @faiq in #192 * feat: add AWS IAM instance profile patch by @dkoshkin in #216 * feat: Calico 3.26.3 by @jimmidyson in #218 * feat: add AWS instance type patch by @dkoshkin in #217 * feat: variables and patches for AWS AMI spec by @supershal in #225 * feat: add VPC ID and Subnet IDs patch by @dkoshkin in #220 * feat: deploy AWS CPI by @faiq in #229 ### Fixes 🔧 * fix: bring back missing docker handlers by @dkoshkin in #187 * fix: typo in docker cluster config api by @supershal in #205 * fix: move provider fields under aws and docker by @dkoshkin in #204 * fix: Correctly set external cloud provider for AWS by @jimmidyson in #210 * fix: Adds AWS Calico installation configmap by @jimmidyson in #212 * fix: Ensure CNI ingress rules are added to AWSCluster by @jimmidyson in #213 * fix: Reduce log verbosity for http proxy variable not found by @jimmidyson in #214 * fix: Don't set AWS region as required by @dkoshkin in #219 ### Other Changes * build: Add example files to release artifacts by @jimmidyson in #169 * build: Add AWS clusterclass example by @jimmidyson in #162 * refactor: Move generic handlers into generic directory by @jimmidyson in #171 * ci: Simplify shell configuration by setting defaults by @jimmidyson in #184 * build: Disable fortify hardener to enable local debugging by @jimmidyson in #186 * docs: Add more details about single var by @jimmidyson in #185 * refactor: Move meta handlers to provider packages by @jimmidyson in #193 * refactor: Use consistent decoder in mutators by @jimmidyson in #196 * build: Suppress devbox envrc update notification by @jimmidyson in #197 * build: Consistent behaviour in addons update scripts by @jimmidyson in #207 * build: Allow past year in license header by @jimmidyson in #209 * build: Increase golangci-lint timeout for slower GHA runners by @jimmidyson in #222 * refactor: Always use unstructured in patch generators by @jimmidyson in #221 * build: Update tools by @jimmidyson in #223 * refactor: Remove usage of non-meta handlers by @dkoshkin in #226 ## New Contributors * @supershal made their first contribution in #205 **Full Changelog**: v0.1.2...v0.2.0 --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is big boy 😬
Adds a handler to set image registry credentials on the Cluster using Kubelet image credential provider
and dynamic credential provider.
This handler also expects a Secret with keys
username
andpassword
to already exist. Alternatively we can simplify this and expect an existing Secret as CAPI SecretFileSource that the handler doesn't need to read/write the Secret. But that didn't seem right as the format of the Secret would need to be very specific to the dynamic credential provider project.Also verified by create a docker cluster and checking the
KubeadmConfig