-
Notifications
You must be signed in to change notification settings - Fork 88
/
troubleshoot.go
199 lines (173 loc) · 8.09 KB
/
troubleshoot.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
package registry
import (
"encoding/base64"
"fmt"
"path"
"strings"
"github.com/pkg/errors"
kotsregistry "github.com/replicatedhq/kots/pkg/docker/registry"
"github.com/replicatedhq/kots/pkg/registry/types"
kotsv1beta1 "github.com/replicatedhq/kotskinds/apis/kots/v1beta1"
troubleshootv1beta2 "github.com/replicatedhq/troubleshoot/pkg/apis/troubleshoot/v1beta2"
"github.com/replicatedhq/troubleshoot/pkg/collect"
)
// UpdateCollectorSpecsWithRegistryData takes an array of collectors and some environment data (local registry info and license, etc)
// any image that needs to be rewritten to be compatible with the local registry settings or proxy pull
// will be updated and replaced in the spec. any required image pull secret will be automatically
// inserted into the spec
// an error is returned if anything failed, but the collectors param can always be used after calling (assuming no error)
//
// local registry always overwrites images
// proxy registry only overwrites private images
func UpdateCollectorSpecsWithRegistryData(collectors []*troubleshootv1beta2.Collect, localRegistryInfo types.RegistrySettings, installation kotsv1beta1.Installation, license *kotsv1beta1.License, kotsApplication *kotsv1beta1.Application) ([]*troubleshootv1beta2.Collect, error) {
if localRegistryInfo.IsValid() {
updatedCollectors, err := updateCollectorsWithLocalRegistryData(collectors, localRegistryInfo, installation, license)
if err != nil {
return nil, errors.Wrap(err, "failed to update collectors with local registry info")
}
return updatedCollectors, nil
}
updatedCollectors, err := updateCollectorsWithProxyRegistryData(collectors, localRegistryInfo, installation, license, kotsApplication)
if err != nil {
return nil, errors.Wrap(err, "failed to update collectors with replicated registry info")
}
return updatedCollectors, nil
}
func updateCollectorsWithLocalRegistryData(collectors []*troubleshootv1beta2.Collect, localRegistryInfo types.RegistrySettings, installation kotsv1beta1.Installation, license *kotsv1beta1.License) ([]*troubleshootv1beta2.Collect, error) {
updatedCollectors := []*troubleshootv1beta2.Collect{}
makeImagePullSecret := func(namespace string) (*troubleshootv1beta2.ImagePullSecrets, error) {
pullSecrets, err := kotsregistry.PullSecretForRegistries([]string{localRegistryInfo.Hostname}, localRegistryInfo.Username, localRegistryInfo.Password, namespace, "")
if err != nil {
return nil, err
}
imagePullSecret := &troubleshootv1beta2.ImagePullSecrets{
SecretType: "kubernetes.io/dockerconfigjson",
Data: map[string]string{
".dockerconfigjson": base64.StdEncoding.EncodeToString(pullSecrets.AdminConsoleSecret.Data[".dockerconfigjson"]),
},
}
return imagePullSecret, nil
}
for _, c := range collectors {
collector := troubleshootv1beta2.GetCollector(c)
if collector == nil {
continue
}
if imageRunner, ok := collector.(collect.ImageRunner); ok {
newImage := rewriteImage(localRegistryInfo.Hostname, localRegistryInfo.Namespace, imageRunner.GetImage())
imageRunner.SetImage(newImage)
imagePullSecret, err := makeImagePullSecret(imageRunner.GetNamespace())
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for image runner")
}
imageRunner.SetImagePullSecret(imagePullSecret)
} else if podSpecRunner, ok := collector.(collect.PodSpecRunner); ok {
imagePullSecret, err := makeImagePullSecret(podSpecRunner.GetNamespace())
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for pod runner")
}
podSpecRunner.SetImagePullSecret(imagePullSecret)
podSpec := podSpecRunner.GetPodSpec()
for i := range podSpec.InitContainers {
podSpec.InitContainers[i].Image = rewriteImage(localRegistryInfo.Hostname, localRegistryInfo.Namespace, podSpec.InitContainers[i].Image)
}
for i := range podSpec.Containers {
podSpec.Containers[i].Image = rewriteImage(localRegistryInfo.Hostname, localRegistryInfo.Namespace, podSpec.Containers[i].Image)
}
} else if c.RegistryImages != nil {
imagePullSecret, err := makeImagePullSecret(c.RegistryImages.Namespace)
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for registry images collector")
}
c.RegistryImages.ImagePullSecrets = imagePullSecret
images := []string{}
for _, knownImage := range installation.Spec.KnownImages {
image := rewriteImage(localRegistryInfo.Hostname, localRegistryInfo.Namespace, knownImage.Image)
images = append(images, image)
}
c.RegistryImages.Images = images
}
updatedCollectors = append(updatedCollectors, c)
}
return updatedCollectors, nil
}
func updateCollectorsWithProxyRegistryData(collectors []*troubleshootv1beta2.Collect, localRegistryInfo types.RegistrySettings, installation kotsv1beta1.Installation, license *kotsv1beta1.License, kotsApplication *kotsv1beta1.Application) ([]*troubleshootv1beta2.Collect, error) {
updatedCollectors := []*troubleshootv1beta2.Collect{}
registryProxyInfo := kotsregistry.GetRegistryProxyInfo(license, &installation, kotsApplication)
makeImagePullSecret := func(namespace string) (*troubleshootv1beta2.ImagePullSecrets, error) {
pullSecrets, err := kotsregistry.PullSecretForRegistries(registryProxyInfo.ToSlice(), license.Spec.LicenseID, license.Spec.LicenseID, namespace, "")
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for proxy registry")
}
imagePullSecret := &troubleshootv1beta2.ImagePullSecrets{
SecretType: "kubernetes.io/dockerconfigjson",
Data: map[string]string{
".dockerconfigjson": base64.StdEncoding.EncodeToString(pullSecrets.AdminConsoleSecret.Data[".dockerconfigjson"]),
},
}
return imagePullSecret, nil
}
rewrite := func(image string) string {
registryHost := strings.Split(image, "/")[0]
if registryHost == registryProxyInfo.Registry {
// if it's the replicated registry, no change, just add image pull secret
return image
}
tag := strings.Split(image, ":")
image = kotsregistry.MakeProxiedImageURL(registryProxyInfo.Proxy, license.Spec.AppSlug, image)
if len(tag) > 1 {
image = fmt.Sprintf("%s:%s", image, tag[len(tag)-1])
}
return image
}
// for all known private images, rewrite to the replicated proxy and add license image pull secret
for _, c := range collectors {
collector := troubleshootv1beta2.GetCollector(c)
if collector == nil {
continue
}
// all collectors that include images in the spec should have an if / else statement here
if imageRunner, ok := collector.(collect.ImageRunner); ok {
for _, knownImage := range installation.Spec.KnownImages {
image := imageRunner.GetImage()
if knownImage.Image != image || !knownImage.IsPrivate {
continue
}
imageRunner.SetImage(rewrite(image))
imagePullSecret, err := makeImagePullSecret(imageRunner.GetNamespace())
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for image runner")
}
imageRunner.SetImagePullSecret(imagePullSecret)
}
} else if podsSpecRunner, ok := collector.(collect.PodSpecRunner); ok {
podSpec := podsSpecRunner.GetPodSpec()
for _, knownImage := range installation.Spec.KnownImages {
for i, container := range podSpec.InitContainers {
if knownImage.Image != container.Image || !knownImage.IsPrivate {
continue
}
podSpec.InitContainers[i].Image = rewrite(container.Image)
}
for i, container := range podSpec.Containers {
if knownImage.Image != container.Image || !knownImage.IsPrivate {
continue
}
podSpec.Containers[i].Image = rewrite(container.Image)
}
}
imagePullSecret, err := makeImagePullSecret(podsSpecRunner.GetNamespace())
if err != nil {
return nil, errors.Wrap(err, "failed to generate pull secret for image runner")
}
podsSpecRunner.SetImagePullSecret(imagePullSecret)
}
updatedCollectors = append(updatedCollectors, c)
}
return updatedCollectors, nil
}
func rewriteImage(newHost string, newNamespace string, image string) string {
imageParts := strings.Split(image, "/")
imageNameWithOptionalTag := imageParts[len(imageParts)-1]
return path.Join(newHost, newNamespace, imageNameWithOptionalTag)
}