diff --git a/.buildkite/verify-overlays.sh b/.buildkite/verify-overlays.sh index 3b36151d..b9002c45 100755 --- a/.buildkite/verify-overlays.sh +++ b/.buildkite/verify-overlays.sh @@ -4,7 +4,7 @@ set -eu pushd "$(dirname "${BASH_SOURCE[0]}")"/.. OVERLAYS=() -mapfile -t OVERLAYS < <(find examples -maxdepth 1 -type d ! -name '.*' ! -name 'monitoring' ! -name 'ingress-controller' ! -name 'examples' -printf '%f\n') +mapfile -t OVERLAYS < <(find examples -maxdepth 1 -type d ! -name '.*' ! -name 'demo' ! -name 'monitoring' ! -name 'ingress-controller' ! -name 'examples' -printf '%f\n') for O in "${OVERLAYS[@]}"; do echo "<<<< GENERATING ${O} OVERLAY >>>>>" diff --git a/components/resources/imagepullsecrets/kustomization.yaml b/components/resources/imagepullsecrets/kustomization.yaml new file mode 100644 index 00000000..41fa9cb5 --- /dev/null +++ b/components/resources/imagepullsecrets/kustomization.yaml @@ -0,0 +1,33 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component +patches: + - patch: |- + - op: add + path: /spec/template/spec/imagePullSecrets + value: + name: IMAGE_PULL_SECRET_NAME + target: + group: apps + kind: StatefulSet|Deployment|DaemonSet + version: v1 +replacements: + - source: + fieldPath: data.IMAGE_PULL_SECRET_NAME + kind: ConfigMap + name: sourcegraph-kustomize-build-config + targets: + - fieldPaths: + - spec.template.spec.imagePullSecrets.name + select: + group: apps + kind: Deployment + - fieldPaths: + - spec.template.spec.imagePullSecrets.name + select: + group: apps + kind: StatefulSet + - fieldPaths: + - spec.template.spec.imagePullSecrets.name + select: + group: apps + kind: DaemonSet diff --git a/examples/demo/private-registry/buildConfig.yaml b/examples/demo/private-registry/buildConfig.yaml new file mode 100644 index 00000000..939669ce --- /dev/null +++ b/examples/demo/private-registry/buildConfig.yaml @@ -0,0 +1,35 @@ +################################################################################################ +# [BUILD CONFIGURATIONS] +# Some components read the configuration values in this file during the Kustomize build-process +# +# HOW TO USE: +# Enter the configuration values as instructed by components used in your kustomization.yaml +# Always refer to the component’s documentation or comments before updating +################################################################################################ +apiVersion: v1 +kind: ConfigMap +metadata: + annotations: + description: Some components read the configuration values from the "data" field below during the build process. You only need to update this file if you are using components that require specific CONFIG_KEYS. If no components in your overlay require extra configuration, no update is necessary. + labels: + deploy: sourcegraph + name: sourcegraph-kustomize-build-config +data: + # example: + EXAMPLE_CONFIG_KEY: example + #-------- Update config options below ---------# + # AWS_MANAGED_CERT_ARN: __placeholder__ + # GKE_MANAGED_CERT_NAME: __placeholder__ + # HOST_DOMAIN: __placeholder__ + # NEW_REDIS_CACHE_ENDPOINT: __placeholder__ + # NEW_REDIS_STORE_ENDPOINT: __placeholder__ + PRIVATE_REGISTRY: my-private-registry.io + IMAGE_PULL_SECRET_NAME: secret-registry-key + # SSD_NODE_PATH: __placeholder__ + # STORAGECLASS_NAME: __placeholder__ + # STORAGECLASS_PROVISIONER: __placeholder__ + # STORAGECLASS_PARAM_TYPE: __placeholder__ + # TLS_HOST: __placeholder__ + # TLS_INGRESS_CLASS_NAME: __placeholder__ + # TLS_CLUSTER_ISSUER: __placeholder__ + # TLS_SECRET_NAME: __placeholder__ diff --git a/examples/demo/private-registry/kustomization.yaml b/examples/demo/private-registry/kustomization.yaml new file mode 100644 index 00000000..cc9bcce5 --- /dev/null +++ b/examples/demo/private-registry/kustomization.yaml @@ -0,0 +1,14 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: ns-sourcegraph +# Run all services with default values +resources: + # [REQUIRED: BUILD CONFIG] Update this file when using components that have "CONFIG KEYS" + - buildConfig.yaml # -- Update the CONFIG Key values in buildConfig.yaml when instructed + - ../../base/sourcegraph + - ../../base/monitoring +components: + - ../../components/resources/namespace + - ../../components/monitoring/tracing + - ../../components/enable/private-registry + - ../../components/resources/imagepullsecrets diff --git a/instances/template/buildConfig.template.yaml b/instances/template/buildConfig.template.yaml index e3ec7e4d..347370f2 100644 --- a/instances/template/buildConfig.template.yaml +++ b/instances/template/buildConfig.template.yaml @@ -24,6 +24,7 @@ data: # NEW_REDIS_CACHE_ENDPOINT: __placeholder__ # NEW_REDIS_STORE_ENDPOINT: __placeholder__ # PRIVATE_REGISTRY: __placeholder__ + # PRIVATE_REGISTRY_SECRET_KEY: __placeholder__ # SSD_NODE_PATH: __placeholder__ # STORAGECLASS_NAME: __placeholder__ # STORAGECLASS_PROVISIONER: __placeholder__ diff --git a/instances/template/kustomization.template.yaml b/instances/template/kustomization.template.yaml index a2188d56..9a7c5045 100644 --- a/instances/template/kustomization.template.yaml +++ b/instances/template/kustomization.template.yaml @@ -159,6 +159,9 @@ components: # - ../../components/enable/private-registry # -- Update images name to private registry name # CONFIG KEYS: PRIVATE_REGISTRY # + # - ../../components/resources/imagepullsecrets # -- Add imagePullSecrets field to all resources + # CONFIG KEYS: IMAGE_PULL_SECRET_NAME + # # ------------------------------------------------------------------------ # Permission Configurations # IMPORTANT: Keep the components below as the LAST components