Add support for imagePullSecrets
Since we support custom image prefixes, we should also support imagePullSecrets since they are likely to be in a private registry. This also updates some nearby documentation which was out of date. Change-Id: Id43382284a9adde877e2383644a31bda24030b2b
This commit is contained in:
James E. Blair
parent
d65ebc6bff
commit
fe827fbeb0
@ -232,6 +232,13 @@ verbatim):
|
|||||||
apiVersion: zuul-ci.org/v1alpha2
|
apiVersion: zuul-ci.org/v1alpha2
|
||||||
kind: Zuul
|
kind: Zuul
|
||||||
spec:
|
spec:
|
||||||
|
imagePrefix: docker.io/zuul
|
||||||
|
imagePullSecrets:
|
||||||
|
- name: my-docker-secret
|
||||||
|
zuulImageVersion: latest
|
||||||
|
zuulPreviewImageVersion: latest
|
||||||
|
zuulRegistryImageVersion: latest
|
||||||
|
nodepoolImageVersion: latest
|
||||||
database:
|
database:
|
||||||
secretName: mariadbSecret
|
secretName: mariadbSecret
|
||||||
zookeeper:
|
zookeeper:
|
||||||
@ -288,6 +295,17 @@ verbatim):
|
|||||||
(``zuul-executor``, etc). However, changing the prefix will
|
(``zuul-executor``, etc). However, changing the prefix will
|
||||||
allow you to use custom images or private registries.
|
allow you to use custom images or private registries.
|
||||||
|
|
||||||
|
.. attr:: imagePullSecrets
|
||||||
|
:type: list
|
||||||
|
:default: []
|
||||||
|
|
||||||
|
If supplied, this value is passed through to Kubernetes. It
|
||||||
|
should be a list of secrets.
|
||||||
|
|
||||||
|
.. attr:: name
|
||||||
|
|
||||||
|
The name of the image pull secret.
|
||||||
|
|
||||||
.. attr:: zuulImageVersion
|
.. attr:: zuulImageVersion
|
||||||
:default: latest
|
:default: latest
|
||||||
|
|
||||||
@ -298,6 +316,11 @@ verbatim):
|
|||||||
|
|
||||||
The image tag to append to the Zuul Preview images.
|
The image tag to append to the Zuul Preview images.
|
||||||
|
|
||||||
|
.. attr:: zuulRegistryImageVersion
|
||||||
|
:default: latest
|
||||||
|
|
||||||
|
The image tag to append to the Zuul Registry images.
|
||||||
|
|
||||||
.. attr:: nodepoolImageVersion
|
.. attr:: nodepoolImageVersion
|
||||||
:default: latest
|
:default: latest
|
||||||
|
|
||||||
|
|||||||
@ -146,11 +146,11 @@ def update_fn(name, namespace, logger, old, new, memo, **kwargs):
|
|||||||
if new.get('connections') != old.get('connections'):
|
if new.get('connections') != old.get('connections'):
|
||||||
logger.info("Connections changed")
|
logger.info("Connections changed")
|
||||||
conf_changed = True
|
conf_changed = True
|
||||||
if new.get('imagePrefix') != old.get('imagePrefix'):
|
|
||||||
logger.info("Image prefix changed")
|
|
||||||
spec_changed = True
|
|
||||||
for key in ['executor', 'merger', 'scheduler', 'registry',
|
for key in ['executor', 'merger', 'scheduler', 'registry',
|
||||||
'launcher', 'connections', 'externalConfig']:
|
'launcher', 'connections', 'externalConfig',
|
||||||
|
'imagePrefix', 'imagePullSecrets', 'zuulImageVersion',
|
||||||
|
'zuulPreviewImageVersion', 'zuulRegistryImageVersion',
|
||||||
|
'nodepoolImageVersion']:
|
||||||
if new.get(key) != old.get(key):
|
if new.get(key) != old.get(key):
|
||||||
logger.info(f"{key} changed")
|
logger.info(f"{key} changed")
|
||||||
spec_changed = True
|
spec_changed = True
|
||||||
|
|||||||
@ -27,6 +27,7 @@ spec:
|
|||||||
app.kubernetes.io/component: nodepool-launcher
|
app.kubernetes.io/component: nodepool-launcher
|
||||||
operator.zuul-ci.org/nodepool-provider: {{ provider_name }}
|
operator.zuul-ci.org/nodepool-provider: {{ provider_name }}
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: launcher
|
- name: launcher
|
||||||
image: {{ spec.imagePrefix }}/nodepool-launcher:{{ spec.nodepoolImageVersion }}
|
image: {{ spec.imagePrefix }}/nodepool-launcher:{{ spec.nodepoolImageVersion }}
|
||||||
|
|||||||
@ -71,6 +71,7 @@ spec:
|
|||||||
app.kubernetes.io/part-of: zuul
|
app.kubernetes.io/part-of: zuul
|
||||||
app.kubernetes.io/component: zuul-registry
|
app.kubernetes.io/component: zuul-registry
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: registry
|
- name: registry
|
||||||
image: {{ spec.imagePrefix }}/zuul-registry:{{ spec.zuulImageVersion }}
|
image: {{ spec.imagePrefix }}/zuul-registry:{{ spec.zuulImageVersion }}
|
||||||
|
|||||||
@ -140,6 +140,7 @@ spec:
|
|||||||
annotations:
|
annotations:
|
||||||
zuulConfSha: "{{ zuul_conf_sha }}"
|
zuulConfSha: "{{ zuul_conf_sha }}"
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: scheduler
|
- name: scheduler
|
||||||
image: {{ spec.imagePrefix }}/zuul-scheduler:{{ spec.zuulImageVersion }}
|
image: {{ spec.imagePrefix }}/zuul-scheduler:{{ spec.zuulImageVersion }}
|
||||||
@ -221,6 +222,7 @@ spec:
|
|||||||
annotations:
|
annotations:
|
||||||
zuulConfSha: "{{ zuul_conf_sha }}"
|
zuulConfSha: "{{ zuul_conf_sha }}"
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: web
|
- name: web
|
||||||
image: {{ spec.imagePrefix }}/zuul-web:{{ spec.zuulImageVersion }}
|
image: {{ spec.imagePrefix }}/zuul-web:{{ spec.zuulImageVersion }}
|
||||||
@ -269,6 +271,7 @@ spec:
|
|||||||
annotations:
|
annotations:
|
||||||
zuulConfSha: "{{ zuul_conf_sha }}"
|
zuulConfSha: "{{ zuul_conf_sha }}"
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: fingergw
|
- name: fingergw
|
||||||
image: {{ spec.imagePrefix }}/zuul-fingergw:{{ spec.zuulImageVersion }}
|
image: {{ spec.imagePrefix }}/zuul-fingergw:{{ spec.zuulImageVersion }}
|
||||||
@ -318,6 +321,7 @@ spec:
|
|||||||
annotations:
|
annotations:
|
||||||
zuulConfSha: "{{ zuul_conf_sha }}"
|
zuulConfSha: "{{ zuul_conf_sha }}"
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 10001
|
runAsUser: 10001
|
||||||
runAsGroup: 10001
|
runAsGroup: 10001
|
||||||
@ -415,6 +419,7 @@ spec:
|
|||||||
annotations:
|
annotations:
|
||||||
zuulConfSha: "{{ zuul_conf_sha }}"
|
zuulConfSha: "{{ zuul_conf_sha }}"
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 10001
|
runAsUser: 10001
|
||||||
runAsGroup: 10001
|
runAsGroup: 10001
|
||||||
@ -502,6 +507,7 @@ spec:
|
|||||||
app.kubernetes.io/part-of: zuul
|
app.kubernetes.io/part-of: zuul
|
||||||
app.kubernetes.io/component: zuul-preview
|
app.kubernetes.io/component: zuul-preview
|
||||||
spec:
|
spec:
|
||||||
|
imagePullSecrets: {{ spec.imagePullSecrets }}
|
||||||
containers:
|
containers:
|
||||||
- name: preview
|
- name: preview
|
||||||
image: {{ spec.imagePrefix }}/zuul-preview:{{ spec.zuulPreviewImageVersion }}
|
image: {{ spec.imagePrefix }}/zuul-preview:{{ spec.zuulPreviewImageVersion }}
|
||||||
|
|||||||
@ -83,6 +83,7 @@ class Zuul:
|
|||||||
registry_tls.setdefault('secretName', 'zuul-registry-tls')
|
registry_tls.setdefault('secretName', 'zuul-registry-tls')
|
||||||
|
|
||||||
self.spec.setdefault('imagePrefix', 'docker.io/zuul')
|
self.spec.setdefault('imagePrefix', 'docker.io/zuul')
|
||||||
|
self.spec.setdefault('imagePullSecrets', [])
|
||||||
self.spec.setdefault('zuulImageVersion', 'latest')
|
self.spec.setdefault('zuulImageVersion', 'latest')
|
||||||
self.spec.setdefault('zuulPreviewImageVersion', 'latest')
|
self.spec.setdefault('zuulPreviewImageVersion', 'latest')
|
||||||
self.spec.setdefault('zuulRegistryImageVersion', 'latest')
|
self.spec.setdefault('zuulRegistryImageVersion', 'latest')
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user