mirror of
https://github.com/open-cluster-management-io/ocm.git
synced 2026-02-14 10:00:11 +00:00
support set imagepullsecret credential in helm chart and run e2e using helm chart (#605)
Signed-off-by: Zhiwei Yin <zyin@redhat.com>
This commit is contained in:
Zhiwei Yin
GitHub
@@ -3,6 +3,8 @@
|
||||
{{- with .Values.images }}
|
||||
{{- if and .imageCredentials.userName .imageCredentials.password }}
|
||||
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .registry (printf "%s:%s" .imageCredentials.userName .imageCredentials.password | b64enc) | b64enc }}
|
||||
{{- else if .imageCredentials.dockerConfigJson }}
|
||||
{{- printf "%s" .imageCredentials.dockerConfigJson | b64enc }}
|
||||
{{- else }}
|
||||
{{- printf "{}" | b64enc }}
|
||||
{{- end }}
|
||||
@@ -15,7 +17,7 @@
|
||||
{{- printf "ocmhub" }}
|
||||
{{- end }}
|
||||
{{- define "tokenSecret" }}
|
||||
{{- printf "%s" (randAlphaNum 6) }}
|
||||
{{- printf "%s" (randAlphaNum 16) }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Define the image tag. */}}
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{{- if .Values.clusterManager.create }}
|
||||
apiVersion: operator.open-cluster-management.io/v1
|
||||
kind: ClusterManager
|
||||
metadata:
|
||||
@@ -31,3 +32,4 @@ spec:
|
||||
addOnManagerConfiguration:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -10,13 +10,14 @@ images:
|
||||
tag: ""
|
||||
imagePullPolicy: IfNotPresent
|
||||
# The image pull secret name is open-cluster-management-image-pull-credentials.
|
||||
# Please set the userName and password if you use a private image registry.
|
||||
# Please set the userName/password or the dockerConfigJson if you use a private image registry.
|
||||
# The image pull secret is fixed into the serviceAccount, you can also set
|
||||
# `createImageCredentials` to `false` and create the pull secret manually.
|
||||
imageCredentials:
|
||||
createImageCredentials: false
|
||||
userName: ""
|
||||
password: ""
|
||||
dockerConfigJson: ""
|
||||
|
||||
# podSecurityContext for clusterManager operator deployment.
|
||||
podSecurityContext:
|
||||
@@ -77,6 +78,8 @@ createBootstrapSA: false
|
||||
|
||||
# configurations for clusterManager CR.
|
||||
clusterManager:
|
||||
# if false, will not create clusterManager instance, default is true.
|
||||
create: true
|
||||
mode: Default
|
||||
resourceRequirement:
|
||||
type: Default
|
||||
|
||||
@@ -2,10 +2,6 @@ package chart
|
||||
|
||||
import (
|
||||
"embed"
|
||||
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
||||
operatorv1 "open-cluster-management.io/api/operator/v1"
|
||||
)
|
||||
|
||||
//go:embed cluster-manager
|
||||
@@ -15,70 +11,3 @@ import (
|
||||
var ChartFiles embed.FS
|
||||
|
||||
const ChartName = "cluster-manager"
|
||||
|
||||
type ChartConfig struct {
|
||||
// CreateNamespace is used in the render function to append the release ns in the objects.
|
||||
CreateNamespace bool `json:"createNamespace,omitempty"`
|
||||
// ReplicaCount is the replicas for the clusterManager operator deployment.
|
||||
ReplicaCount int `json:"replicaCount,omitempty"`
|
||||
// Images is the configurations for all images used in operator deployment and clusterManager CR.
|
||||
Images ImagesConfig `json:"images,omitempty"`
|
||||
// PodSecurityContext is the pod SecurityContext in the operator deployment
|
||||
PodSecurityContext corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
|
||||
// SecurityContext is the container SecurityContext in operator deployment
|
||||
SecurityContext corev1.SecurityContext `json:"securityContext,omitempty"`
|
||||
// Resources is the resource requirements of the operator deployment
|
||||
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
|
||||
// NodeSelector is the nodeSelector of the operator deployment
|
||||
NodeSelector corev1.NodeSelector `json:"nodeSelector,omitempty"`
|
||||
// Tolerations is the tolerations of the operator deployment
|
||||
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
|
||||
// Affinity is the affinity of the operator deployment
|
||||
Affinity corev1.Affinity `json:"affinity,omitempty"`
|
||||
// CreateBootstrapToken is to enable/disable the bootstrap token secret for auto approve.
|
||||
CreateBootstrapToken bool `json:"createBootstrapToken,omitempty"`
|
||||
// CreateBootstrapSA is to create a serviceAccount to generate token.
|
||||
CreateBootstrapSA bool `json:"createBootstrapSA,omitempty"`
|
||||
// ClusterManager is the configuration of clusterManager CR
|
||||
ClusterManager ClusterManagerConfig `json:"clusterManager,omitempty"`
|
||||
}
|
||||
|
||||
type ImagesConfig struct {
|
||||
// Registry is registry name must NOT contain a trailing slash.
|
||||
Registry string `json:"registry,omitempty"`
|
||||
// Tag is the operator image tag.
|
||||
Tag string `json:"tag,omitempty"`
|
||||
// ImagePullPolicy is the image pull policy of operator image. Default is IfNotPresent.
|
||||
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
|
||||
// The image pull secret name is open-cluster-management-image-pull-credentials.
|
||||
// Please set the userName and password if you use a private image registry.
|
||||
ImageCredentials ImageCredentials `json:"imageCredentials,omitempty"`
|
||||
}
|
||||
|
||||
type ImageCredentials struct {
|
||||
CreateImageCredentials bool `json:"createImageCredentials,omitempty"`
|
||||
UserName string `json:"userName,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
}
|
||||
|
||||
type ClusterManagerConfig struct {
|
||||
// InstallMode represents the mode of deploy cluster-manager
|
||||
Mode operatorv1.InstallMode `json:"mode,omitempty"`
|
||||
|
||||
// RegistrationConfiguration contains the configuration of registration
|
||||
// +optional
|
||||
RegistrationConfiguration operatorv1.RegistrationHubConfiguration `json:"registrationConfiguration,omitempty"`
|
||||
|
||||
// WorkConfiguration contains the configuration of work
|
||||
// +optional
|
||||
WorkConfiguration operatorv1.WorkConfiguration `json:"workConfiguration,omitempty"`
|
||||
|
||||
// AddOnManagerConfiguration contains the configuration of addon manager
|
||||
// +optional
|
||||
AddOnManagerConfiguration operatorv1.AddOnManagerConfiguration `json:"addOnManagerConfiguration,omitempty"`
|
||||
|
||||
// ResourceRequirement specify QoS classes of deployments managed by clustermanager.
|
||||
// It applies to all the containers in the deployments.
|
||||
// +optional
|
||||
ResourceRequirement operatorv1.ResourceRequirement `json:"resourceRequirement,omitempty"`
|
||||
}
|
||||
|
||||
@@ -2,10 +2,6 @@ package chart
|
||||
|
||||
import (
|
||||
"embed"
|
||||
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
||||
operatorv1 "open-cluster-management.io/api/operator/v1"
|
||||
)
|
||||
|
||||
//go:embed klusterlet
|
||||
@@ -15,88 +11,3 @@ import (
|
||||
var ChartFiles embed.FS
|
||||
|
||||
const ChartName = "klusterlet"
|
||||
|
||||
type ChartConfig struct {
|
||||
// CreateNamespace is used in the render function to append the release ns in the objects.
|
||||
CreateNamespace bool `json:"createNamespace,omitempty"`
|
||||
// ReplicaCount is the replicas for the klusterlet operator deployment.
|
||||
ReplicaCount int `json:"replicaCount,omitempty"`
|
||||
// Images is the configurations for all images used in operator deployment and klusterlet CR.
|
||||
Images ImagesConfig `json:"images,omitempty"`
|
||||
// PodSecurityContext is the pod SecurityContext in the operator deployment
|
||||
PodSecurityContext corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
|
||||
// SecurityContext is the container SecurityContext in operator deployment
|
||||
SecurityContext corev1.SecurityContext `json:"securityContext,omitempty"`
|
||||
// Resources is the resource requirements of the operator deployment
|
||||
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
|
||||
// NodeSelector is the nodeSelector of the operator deployment
|
||||
NodeSelector corev1.NodeSelector `json:"nodeSelector,omitempty"`
|
||||
// Tolerations is the tolerations of the operator deployment
|
||||
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
|
||||
// Affinity is the affinity of the operator deployment
|
||||
Affinity corev1.Affinity `json:"affinity,omitempty"`
|
||||
// Klusterlet is the configuration of klusterlet CR
|
||||
Klusterlet KlusterletConfig `json:"klusterlet,omitempty"`
|
||||
// PriorityClassName is the name of the PriorityClass that will be used by the deployed klusterlet agent and operator.
|
||||
PriorityClassName string `json:"priorityClassName,omitempty"`
|
||||
|
||||
// EnableSyncLabels is to enable the feature which can sync the labels from klusterlet to all agent resources.
|
||||
EnableSyncLabels bool `json:"enableSyncLabels,omitempty"`
|
||||
|
||||
// BootstrapHubKubeConfig should be the kubeConfig file of the hub cluster via setting --set-file=<the kubeConfig file of hub cluster> optional
|
||||
BootstrapHubKubeConfig string `json:"bootstrapHubKubeConfig,omitempty"`
|
||||
|
||||
// ExternalManagedKubeConfig should be the kubeConfig file of the managed cluster via setting --set-file=<the kubeConfig file of managed cluster>
|
||||
// only need to set in the hosted mode. optional
|
||||
ExternalManagedKubeConfig string `json:"externalManagedKubeConfig,omitempty"`
|
||||
|
||||
// NoOperator is to only deploy the klusterlet CR if set true.
|
||||
NoOperator bool `json:"noOperator,omitempty"`
|
||||
}
|
||||
|
||||
type ImagesConfig struct {
|
||||
// Registry is registry name must NOT contain a trailing slash.
|
||||
Registry string `json:"registry,omitempty"`
|
||||
// Tag is the operator image tag.
|
||||
Tag string `json:"tag,omitempty"`
|
||||
// ImagePullPolicy is the image pull policy of operator image. Default is IfNotPresent.
|
||||
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
|
||||
// The image pull secret name is open-cluster-management-image-pull-credentials.
|
||||
// Please set the userName and password if you use a private image registry.
|
||||
ImageCredentials ImageCredentials `json:"imageCredentials,omitempty"`
|
||||
}
|
||||
|
||||
type ImageCredentials struct {
|
||||
CreateImageCredentials bool `json:"createImageCredentials,omitempty"`
|
||||
UserName string `json:"userName,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
}
|
||||
|
||||
type KlusterletConfig struct {
|
||||
// InstallMode represents the mode of deploy klusterlet
|
||||
Mode operatorv1.InstallMode `json:"mode,omitempty"`
|
||||
Name string `json:"name,omitempty"`
|
||||
ClusterName string `json:"clusterName,omitempty"`
|
||||
Namespace string `json:"namespace,omitempty"`
|
||||
// ExternalServerURLs represents a list of apiserver urls and ca bundles that is accessible externally
|
||||
// If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
|
||||
// +optional
|
||||
ExternalServerURLs []operatorv1.ServerURL `json:"externalServerURLs,omitempty"`
|
||||
|
||||
// NodePlacement enables explicit control over the scheduling of the deployed pods.
|
||||
// +optional
|
||||
NodePlacement operatorv1.NodePlacement `json:"nodePlacement,omitempty"`
|
||||
|
||||
// RegistrationConfiguration contains the configuration of registration
|
||||
// +optional
|
||||
RegistrationConfiguration operatorv1.RegistrationConfiguration `json:"registrationConfiguration,omitempty"`
|
||||
|
||||
// WorkConfiguration contains the configuration of work
|
||||
// +optional
|
||||
WorkConfiguration operatorv1.WorkAgentConfiguration `json:"workConfiguration,omitempty"`
|
||||
|
||||
// ResourceRequirement specify QoS classes of deployments managed by clustermanager.
|
||||
// It applies to all the containers in the deployments.
|
||||
// +optional
|
||||
ResourceRequirement operatorv1.ResourceRequirement `json:"resourceRequirement,omitempty"`
|
||||
}
|
||||
|
||||
@@ -6,6 +6,8 @@ Create secret to access docker registry
|
||||
{{- with .Values.images }}
|
||||
{{- if and .imageCredentials.userName .imageCredentials.password }}
|
||||
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .registry (printf "%s:%s" .imageCredentials.userName .imageCredentials.password | b64enc) | b64enc }}
|
||||
{{- else if .imageCredentials.dockerConfigJson }}
|
||||
{{- printf "%s" .imageCredentials.dockerConfigJson | b64enc }}
|
||||
{{- else }}
|
||||
{{- printf "{}" | b64enc }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
{{- if .Values.klusterlet.create }}
|
||||
apiVersion: operator.open-cluster-management.io/v1
|
||||
kind: Klusterlet
|
||||
metadata:
|
||||
@@ -41,3 +42,4 @@ spec:
|
||||
{{- if .Values.priorityClassName }}
|
||||
priorityClassName: "{{ .Values.priorityClassName }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -9,13 +9,14 @@ images:
|
||||
tag: ""
|
||||
imagePullPolicy: IfNotPresent
|
||||
# The image pull secret name is open-cluster-management-image-pull-credentials.
|
||||
# Please set the userName and password if you use a private image registry.
|
||||
# Please set the userName/password or the dockerConfigJson if you use a private image registry.
|
||||
# The image pull secret is fixed into the serviceAccount, you can also set
|
||||
# `createImageCredentials` to `false` and create the pull secret manually.
|
||||
imageCredentials:
|
||||
createImageCredentials: false
|
||||
userName: ""
|
||||
password: ""
|
||||
dockerConfigJson: ""
|
||||
|
||||
podSecurityContext:
|
||||
runAsNonRoot: true
|
||||
@@ -80,6 +81,8 @@ noOperator: false
|
||||
priorityClassName: ""
|
||||
|
||||
klusterlet:
|
||||
# if false, will not create klusterlet CR. default it true.
|
||||
create: true
|
||||
# mode can be Default, Hosted, Singleton or SingletonHosted.
|
||||
mode: Singleton
|
||||
name: "klusterlet"
|
||||
|
||||
Reference in New Issue
Block a user