Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Manager image patch #101

Merged
merged 12 commits into from May 1, 2019

Conversation

Projects
None yet
4 participants
@ctab
Copy link
Member

commented Apr 29, 2019

Removing the image patch file from the repo and adding a template that can be used. Right now the repo's patch file has Max's image name and that gets overwritten with your own when you run make deploy.

I couldn't find a way to make the patch file optional (kustomize throws an error if it's not there) so make deploy creates a dummy file with an empty comment for now. Down the line hopefully we can figure out a better way.

ctab and others added some commits Apr 27, 2019

example manager image patch
Signed-off-by: Craig Tabita <ctab@google.com>
Update readme (#99)
* Update gitignore to not ignore logs packages

Signed-off-by: Max Smythe <smythe@google.com>

* Explicitly include vendor directory

Signed-off-by: Max Smythe <smythe@google.com>

* No need to run dep ensure

Signed-off-by: Max Smythe <smythe@google.com>

* No need to install dep

Signed-off-by: Max Smythe <smythe@google.com>

* Fix error in explicit inclusion of all vendor subpackages

Signed-off-by: Max Smythe <smythe@google.com>

* Remove vistigial config/default/manager_image_patch.yaml

Signed-off-by: Max Smythe <smythe@google.com>

* Add requirement that user have cluster-admin rolebinding to install instructions

Signed-off-by: Max Smythe <smythe@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Update readme
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
Signed-off-by: Craig Tabita <ctab@google.com>
manager image patch
Signed-off-by: Craig Tabita <ctab@google.com>
manager image patch
Signed-off-by: Craig Tabita <ctab@google.com>

@ctab ctab force-pushed the ctab:manager-image-patch branch from 9efa568 to 6eea024 Apr 29, 2019

ctab added some commits Apr 29, 2019

move patch file back to original location
Signed-off-by: Craig Tabita <ctab@google.com>

@ctab ctab force-pushed the ctab:manager-image-patch branch from 5360928 to 376fc0f Apr 29, 2019

rm empty image patch file
Signed-off-by: Craig Tabita <ctab@google.com>
Show resolved Hide resolved Makefile
README.md Outdated
If you want to deploy a released version of Gatekeeper in your cluster with a prebuilt image, then first copy the following kustomize configuration patch:

```sh
cp config/manager_image_patch_template.yaml config/manager_image_patch.yaml

This comment has been minimized.

Copy link
@ritazh

ritazh Apr 30, 2019

Contributor

Prebuilt Image here refers to a published image as part of a release we have previous cut. For example: quay.io/open-policy-agent/gatekeeper:v3.0.0

This deployment yaml https://raw.githubusercontent.com/open-policy-agent/gatekeeper/master/deploy/gatekeeper-constraint.yaml should work out of the box, without any modification. If you want to build you own image, then there are two options:

  1. Follow this to deploy head using Make
  2. Replace the gatekeeper image in gatekeeper-constraint.yaml with your own image.

This comment has been minimized.

Copy link
@ritazh

ritazh Apr 30, 2019

Contributor

Don't think this step is needed if user is using a prebuilt image.

This comment has been minimized.

Copy link
@ctab

ctab Apr 30, 2019

Author Member

Thanks @ritazh, I wasn't sure since I've only been doing the make deploy process. I'll remove this then.

ctab added some commits Apr 30, 2019

check in image patch file, go back to sed in makefile
Signed-off-by: Craig Tabita <ctab@google.com>
fix gitignore
Signed-off-by: Craig Tabita <ctab@google.com>
add patch file to make file
Signed-off-by: Craig Tabita <ctab@google.com>
@maxsmythe

This comment has been minimized.

Copy link
Contributor

commented Apr 30, 2019

Getting close.

The biggest use-case we haven't met is someone who downloads a blank repository. Currently if you were to delete manager_image_patch.yaml (to simulate a fresh repo) and run make deploy, the kustomize command would fail.

We should test for non-existence of manager_image_patch.yaml in the deploy rule, and write an empty patch if so. This would cause the above scenario to succeed.

add touch to make deploy
Signed-off-by: Craig Tabita <ctab@google.com>
@ctab

This comment has been minimized.

Copy link
Member Author

commented May 1, 2019

@maxsmythe Good call. I added a touch line to the deploy rule to address that.

@maxsmythe

This comment has been minimized.

Copy link
Contributor

commented May 1, 2019

LGTM

@maxsmythe maxsmythe merged commit 548bba7 into open-policy-agent:master May 1, 2019

3 checks passed

DCO DCO
Details
cla/linuxfoundation ctab authorized
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@ctab ctab deleted the ctab:manager-image-patch branch Jun 12, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.