From 44f6a9ada945943a9ac4a26a47fed8a44d5ce992 Mon Sep 17 00:00:00 2001 From: Akhil Mohan Date: Tue, 12 Jan 2021 12:58:04 +0530 Subject: [PATCH] feat(pool, volume): add image pull secrets to pool and volume deployment (#225) * add a method to get image pull secrets from env * add image pull secrets to pool and volume pods Signed-off-by: Akhil Mohan --- go.mod | 2 +- go.sum | 4 +- .../cstorvolumeconfig/deployment.go | 1 + pkg/cspc/algorithm/build_deploy.go | 1 + .../openebs/api/v2/pkg/kubernetes/core/pod.go | 10 +++++ .../api/v2/pkg/kubernetes/core/secret.go | 42 +++++++++++++++++++ .../github.com/openebs/api/v2/pkg/util/env.go | 10 ++++- vendor/modules.txt | 2 +- 8 files changed, 67 insertions(+), 5 deletions(-) create mode 100644 vendor/github.com/openebs/api/v2/pkg/kubernetes/core/secret.go diff --git a/go.mod b/go.mod index fb031ee6..43b0d828 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/imdario/mergo v0.3.8 // indirect github.com/onsi/ginkgo v1.12.0 github.com/onsi/gomega v1.9.0 - github.com/openebs/api/v2 v2.1.0 + github.com/openebs/api/v2 v2.2.0 github.com/pkg/errors v0.9.1 github.com/spf13/cobra v0.0.5 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index 61d0ebf4..ffbafebd 100644 --- a/go.sum +++ b/go.sum @@ -387,8 +387,8 @@ github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zM github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runtime-spec v1.0.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.3.1-0.20190929122143-5215b1806f52/go.mod h1:+BLncwf63G4dgOzykXAxcmnFlUaOlkDdmw/CqsW6pjs= -github.com/openebs/api/v2 v2.1.0 h1:2DPzT93t2r76MXTUGbTCcBIhM5x+KXDsC04cNossMLU= -github.com/openebs/api/v2 v2.1.0/go.mod h1:CTvN3qWesanPiu7KWouKPN70nL4DyUwITfyjiO/85cs= +github.com/openebs/api/v2 v2.2.0 h1:JKB6vRTKveMmmouPv6gKfnvca13XU2yvZC/KQm2PR9I= +github.com/openebs/api/v2 v2.2.0/go.mod h1:CTvN3qWesanPiu7KWouKPN70nL4DyUwITfyjiO/85cs= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.1.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= diff --git a/pkg/controllers/cstorvolumeconfig/deployment.go b/pkg/controllers/cstorvolumeconfig/deployment.go index 6984f393..3cc56d10 100644 --- a/pkg/controllers/cstorvolumeconfig/deployment.go +++ b/pkg/controllers/cstorvolumeconfig/deployment.go @@ -399,6 +399,7 @@ func (c *CVCController) BuildTargetDeployment( WithPriorityClassName(getPriorityClass(policySpec)). WithNodeSelectorByValue(policySpec.Target.NodeSelector). WithTolerationsNew(getDeployTolerations(policySpec)...). + WithImagePullSecrets(apicore.GetImagePullSecrets(util.GetOpenEBSImagePullSecrets())). WithContainers( apicore.NewContainer(). WithImage(getVolumeTargetImage()). diff --git a/pkg/cspc/algorithm/build_deploy.go b/pkg/cspc/algorithm/build_deploy.go index c24950dc..9e432cdf 100644 --- a/pkg/cspc/algorithm/build_deploy.go +++ b/pkg/cspc/algorithm/build_deploy.go @@ -93,6 +93,7 @@ func (c *Config) GetPoolDeploySpec(cspi *cstor.CStorPoolInstance) *appsv1.Deploy WithAnnotationsNew(getPodAnnotations()). WithServiceAccountName(util.GetServiceAccountName()). WithTolerations(getPoolPodToleration(cspi)...). + WithImagePullSecrets(coreapi.GetImagePullSecrets(util.GetOpenEBSImagePullSecrets())). WithContainers( coreapi.NewContainer(). WithImage(getPoolMgmtImage()). diff --git a/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/pod.go b/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/pod.go index abaf717b..9371e4d9 100644 --- a/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/pod.go +++ b/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/pod.go @@ -185,6 +185,16 @@ func (p *PodTemplateSpec) WithVolumes(volumerList ...*Volume) *PodTemplateSpec { return p } +// WithImagePullSecrets sets the pod image pull secrets +// if the length is zero then no secret is needed to pull the image +func (p *PodTemplateSpec) WithImagePullSecrets(secrets []corev1.LocalObjectReference) *PodTemplateSpec { + if len(secrets) == 0 { + return p + } + p.Spec.ImagePullSecrets = secrets + return p +} + func (p *PodTemplateSpec) Build() *corev1.PodTemplateSpec { return p.PodTemplateSpec } diff --git a/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/secret.go b/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/secret.go new file mode 100644 index 00000000..73bb9185 --- /dev/null +++ b/vendor/github.com/openebs/api/v2/pkg/kubernetes/core/secret.go @@ -0,0 +1,42 @@ +/* +Copyright 2021 The OpenEBS Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package core + +import ( + "strings" + + corev1 "k8s.io/api/core/v1" +) + +// GetImagePullSecrets parses and transforms the +// string to corev1.LocalObjectReference. +// multiple secrets are separated by commas +func GetImagePullSecrets(s string) []corev1.LocalObjectReference { + s = strings.TrimSpace(s) + list := make([]corev1.LocalObjectReference, 0) + if len(s) == 0 { + return list + } + arr := strings.Split(s, ",") + for _, item := range arr { + if len(item) > 0 { + l := corev1.LocalObjectReference{Name: strings.TrimSpace(item)} + list = append(list, l) + } + } + return list +} diff --git a/vendor/github.com/openebs/api/v2/pkg/util/env.go b/vendor/github.com/openebs/api/v2/pkg/util/env.go index 1ff45056..8e940b24 100644 --- a/vendor/github.com/openebs/api/v2/pkg/util/env.go +++ b/vendor/github.com/openebs/api/v2/pkg/util/env.go @@ -37,7 +37,7 @@ const ( // This environment variable is set via kubernetes downward API Namespace = "NAMESPACE" - // DefaultOpenEBSServiceAccount name of the default openebs service accout with + // DefaultOpenEBSServiceAccount name of the default openebs service account with // required permissions DefaultOpenEBSServiceAccount = "openebs-maya-operator" @@ -47,6 +47,9 @@ const ( // This environment variable is set via kubernetes downward API in cvc and // cspc operators deployments OpenEBSServiceAccount = "OPENEBS_SERVICEACCOUNT_NAME" + + // OpenEBSImagePullSecret is the environment variable that provides the image pull secrets + OpenEBSImagePullSecret = "OPENEBS_IO_IMAGE_PULL_SECRETS" ) // LookupOrFalse looks up an environment variable and returns a string "false" @@ -97,3 +100,8 @@ func GetServiceAccountName() string { } return name } + +// GetOpenEBSImagePullSecrets gets the image pull secrets as string from the environment variable +func GetOpenEBSImagePullSecrets() string { + return os.Getenv(OpenEBSImagePullSecret) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 748eaf8e..1d801167 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -84,7 +84,7 @@ github.com/onsi/gomega/matchers/support/goraph/edge github.com/onsi/gomega/matchers/support/goraph/node github.com/onsi/gomega/matchers/support/goraph/util github.com/onsi/gomega/types -# github.com/openebs/api/v2 v2.1.0 +# github.com/openebs/api/v2 v2.2.0 github.com/openebs/api/v2/pkg/apis/cstor github.com/openebs/api/v2/pkg/apis/cstor/v1 github.com/openebs/api/v2/pkg/apis/openebs.io