Skip to content

Commit

Permalink
config: remove placeholder secret (#793)
Browse files Browse the repository at this point in the history 
- config: remove placeholder secret

in order to make the installation of Cartographer in carvel-based
packaging easier, we used to have this secret that gets filled by
secretgen-controller as part of the set of objects shipped in the
release, but given that it's such a packaging-specific detail, here we
get rid of it favoring `package-for-cartographer` as the location for
doing so.

see vmware-tanzu/package-for-cartographer#23 for
the PR where that addition of a secret to the package takes place (file:
src/cartographer/config/overlays/image-pull-secret.yaml)


- docs: remove placeholder secret

when installing cartographer, such object is not included anymore, so it
wouldn't show up in the list of objects that kapp is managing


- packaging: remove everything packaging related

any carvel packaging related to cartographer now takes place under
`vmware-tanzu/package-for-cartographer`, so, get rid of this leftover.


- hack: remove registry authentication

we used to bring up the registry with authentication enabled so that we
could be sure that the packaging work was right w/ regards to providing
credentials via secretgen's placeholder secrets, but now that such
responsability has shifted towards the packaging efforts under
`vmware-tanzu/package-for-cartographer`, we can now get rid of this
requirement from this repository


- hack: remove registry creds from examples setup

with the registry used by those not requiring any more auth, we can get
rid of those credentials from the setup.


- hack: remove references to registry-auth

with the removal of the need for authenticating against the registry
where we publish the release of cartographer, we can now skip all the
references to the previously `hack/registry-auth` directory where a
secretexport was placed for the credentials to the local registry

Signed-off-by: Ciro S. Costa <ciroscosta@vmware.com>
  • Loading branch information
Ciro S. Costa committed Apr 7, 2022
1 parent 9b7d058 commit 68b5b4b
Show file tree
Hide file tree
Showing 14 changed files with 1 addition and 307 deletions.
14 changes: 0 additions & 14 deletions config/manager/deployment.yaml
View file
Expand Up @@ -19,18 +19,6 @@ kind: Namespace
metadata:
name: cartographer-system

---
apiVersion: v1
kind: Secret
metadata:
name: private-registry-credentials
namespace: cartographer-system
annotations:
secretgen.carvel.dev/image-pull-secret: ""
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: e30K

---
apiVersion: apps/v1
kind: Deployment
Expand All @@ -51,8 +39,6 @@ spec:
app: cartographer-controller
spec:
serviceAccount: cartographer-controller
imagePullSecrets:
- name: private-registry-credentials
volumes:
- name: cert
secret:
Expand Down
1 change: 0 additions & 1 deletion hack/registry-auth/htpasswd
View file

This file was deleted.

35 changes: 0 additions & 35 deletions hack/registry-auth/secret.yaml
View file

This file was deleted.

21 changes: 0 additions & 21 deletions hack/registry-auth/values.yaml
View file

This file was deleted.

35 changes: 1 addition & 34 deletions hack/setup.sh
View file
Expand Up @@ -35,7 +35,6 @@ readonly CERT_MANAGER_VERSION=1.5.3
readonly KAPP_CONTROLLER_VERSION=0.32.0
readonly KNATIVE_SERVING_VERSION=0.26.0
readonly KPACK_VERSION=0.5.1
readonly SECRETGEN_CONTROLLER_VERSION=0.6.0
readonly SOURCE_CONTROLLER_VERSION=0.17.0
readonly TEKTON_VERSION=0.30.0
readonly GIT_SERVE_VERSION=0.0.5
Expand All @@ -55,7 +54,6 @@ main() {
start_local_cluster
install_cert_manager
install_kapp_controller
install_secretgen_controller
;;

cartographer)
Expand Down Expand Up @@ -125,8 +123,7 @@ install_cartographer() {
./hack/release.sh

ytt --ignore-unknown-comments \
--data-value registry="$REGISTRY" \
-f ./hack/registry-auth |
--data-value registry="$REGISTRY" |
kapp deploy -a cartographer --yes \
-f ./release \
-f-
Expand Down Expand Up @@ -178,28 +175,13 @@ display_vars() {
start_registry() {
log "starting registry"

echo -e "\n\nregistry credentials:\n
username: admin
password: admin
"

env DOCKER_USERNAME=admin \
DOCKER_PASSWORD=admin \
DOCKER_REGISTRY="$REGISTRY" \
DOCKER_CONFIG="$DOCKER_CONFIG" \
"$DIR/docker-login.sh"

docker container inspect $REGISTRY_CONTAINER_NAME &>/dev/null && {
echo "registry already exists"
return
}

docker run \
--detach \
-v "$DIR/registry-auth:/auth" \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
--name "$REGISTRY_CONTAINER_NAME" \
--publish "${REGISTRY_PORT}":5000 \
registry:2
Expand Down Expand Up @@ -280,13 +262,6 @@ install_kapp_controller() {
kapp deploy --yes -a kapp-controller -f-
}

install_secretgen_controller() {
ytt --ignore-unknown-comments \
-f "$DIR/overlays/remove-resource-requests-from-deployments.yaml" \
-f https://github.com/vmware-tanzu/carvel-secretgen-controller/releases/download/v$SECRETGEN_CONTROLLER_VERSION/release.yml |
kapp deploy --yes -a secretgen-controller -f-
}

install_knative_serving() {
ytt --ignore-unknown-comments \
-f https://github.com/knative/serving/releases/download/v$KNATIVE_SERVING_VERSION/serving-core.yaml \
Expand All @@ -313,15 +288,11 @@ setup_example_sc() {
-f "$DIR/../examples/shared" \
-f "$DIR/../examples/$test_name/values.yaml" \
--data-value registry.server="$REGISTRY" \
--data-value registry.username=admin \
--data-value registry.password=admin \
--data-value image_prefix="$REGISTRY/example-$test_name-")
kapp deploy --yes -a "example-$test_name" \
-f <(ytt --ignore-unknown-comments \
-f "$DIR/../examples/$test_name" \
--data-value registry.server="$REGISTRY" \
--data-value registry.username=admin \
--data-value registry.password=admin \
--data-value workload_name="$test_name" \
--data-value image_prefix="$REGISTRY/example-$test_name-")
}
Expand Down Expand Up @@ -471,16 +442,12 @@ setup_source_to_gitops() {
-f "$DIR/../examples/shared" \
-f "$DIR/../examples/$test_name/values.yaml" \
--data-value registry.server="$REGISTRY" \
--data-value registry.username=admin \
--data-value registry.password=admin \
--data-value image_prefix="$REGISTRY/example-$test_name-")

kapp deploy --yes -a "example-$test_name" \
-f <(ytt --ignore-unknown-comments \
-f "$DIR/../examples/$test_name" \
--data-value registry.server="$REGISTRY" \
--data-value registry.username=admin \
--data-value registry.password=admin \
--data-value workload_name="$test_name" \
--data-value image_prefix="$REGISTRY/example-$test_name-" \
--data-value source_repo.url="https://github.com/kontinue/hello-world" \
Expand Down
1 change: 0 additions & 1 deletion hack/upgrade-test.sh
View file
Expand Up @@ -79,7 +79,6 @@ install_cartographer_from_current_commit() {

ytt --ignore-unknown-comments \
--data-value registry="$REGISTRY" \
-f "$DIR/registry-auth" \
-f "$DIR/overlays/remove-resource-requests-from-deployments.yaml" \
-f release/cartographer.yaml |
kapp deploy --yes -a cartographer -f-
Expand Down
32 changes: 0 additions & 32 deletions packaging/objects/kapp-secret-ignore.yaml
View file

This file was deleted.

1 change: 0 additions & 1 deletion packaging/overlays/.gitkeep
View file

This file was deleted.

20 changes: 0 additions & 20 deletions packaging/overlays/strip-status.yaml
View file

This file was deleted.

34 changes: 0 additions & 34 deletions packaging/package-install.yaml
View file

This file was deleted.

40 changes: 0 additions & 40 deletions packaging/package-metadata.yaml
View file

This file was deleted.

50 changes: 0 additions & 50 deletions packaging/package.yaml
View file

This file was deleted.

0 comments on commit 68b5b4b

Please sign in to comment.