Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prepare usage of registry.redhat.io registry #124

Merged
merged 2 commits into from
May 27, 2019
Merged

Prepare usage of registry.redhat.io registry #124

merged 2 commits into from
May 27, 2019

Conversation

miguelsorianod
Copy link
Contributor

@miguelsorianod miguelsorianod commented May 15, 2019
edited
Loading

PR to prepare for the use of registry.redhat.io in the images for 2.6 releases and newer ones.

The old RedHat registry access.redhat.com will be deprecated and newer images are not going to be published on it. New images are going to be published in registry.redhat.io. This registry requires authentication.

This PR allows configuring the authentication credentials for the registry.redhat.io via a secret called 'threescale-registry-auth'. This secret is associated to the "amp" ServiceAccount that has been assigned to all the DeploymentConfig elements of the platform.
The final user is the only one that knows the credentials it has so the secret must be created by them with the specific fields needed and values needed before deploying the APIManager/the templates. Otherwise, the deploy will fail.
We can think of making the secret name configurable, but for the moment to already have something we can merge it this way.

In case of making it configurable I would:
In the templates we could:

  • Request the secret name (or have a hardcoded one) to be used via a new required parameter. The user should manually create the secret with the expected fields and values before deploying the templates

In the operator we could:

  • Have a required field in the CR that is the secret/set of secrets to be used by the ServiceAccount(s) that we assign to the DeploymentConfig pods (or have a hardcoded secret name). The user should manually create the secret with the expected fields and values before deploying the 3scale operator CR

@miguelsorianod miguelsorianod requested a review from eguzki May 15, 2019 15:38
@miguelsorianod miguelsorianod changed the title [WIP] Use redhat.io registry [WIP] Use registry.redhat.io registry May 15, 2019
@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 4e1a6be to 676f37b Compare May 15, 2019 15:47
@miguelsorianod miguelsorianod force-pushed the migrate-dbs-to-imagestreams branch 2 times, most recently from 5fb1bbb to d043201 Compare May 16, 2019 09:35
@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 676f37b to 5606a8f Compare May 16, 2019 10:26
@miguelsorianod miguelsorianod force-pushed the migrate-dbs-to-imagestreams branch from d043201 to 124d66e Compare May 23, 2019 14:35
@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 8c39747 to 69c6c2f Compare May 23, 2019 15:13
@miguelsorianod miguelsorianod changed the base branch from migrate-dbs-to-imagestreams to master May 23, 2019 15:14
@miguelsorianod miguelsorianod changed the title [WIP] Use registry.redhat.io registry Use registry.redhat.io registry May 24, 2019
@miguelsorianod miguelsorianod changed the title Use registry.redhat.io registry Prepare usage of registry.redhat.io registry May 24, 2019
eguzki
eguzki reviewed May 24, 2019
View reviewed changes
pkg/3scale/amp/component/ampimages.go
@@ -575,7 +575,7 @@ func (ampImages *AmpImages) buildQuayServiceAccount() *v1.ServiceAccount {
},
ImagePullSecrets: []v1.LocalObjectReference{
v1.LocalObjectReference{
Name: "quay-auth"}}}
Name: "threescale-registry-auth"}}}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

function still called buildQuayServiceAccount, kind of weird. isn't it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 69c6c2f to 4220a0a Compare May 24, 2019 13:07
@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 4220a0a to 7388dd9 Compare May 24, 2019 16:10
@miguelsorianod miguelsorianod force-pushed the use-redhat-io-registry branch from 7388dd9 to 25ca587 Compare May 27, 2019 10:36
@codeclimate
Copy link

codeclimate bot commented May 27, 2019

Code Climate has analyzed commit 25ca587 and detected 0 issues on this pull request.

View more on Code Climate.

@miguelsorianod miguelsorianod merged commit 3a3ebb4 into master May 27, 2019
@eguzki eguzki deleted the use-redhat-io-registry branch May 27, 2019 12:16
@miguelsorianod miguelsorianod mentioned this pull request Jun 17, 2019
Closed
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eguzki eguzki eguzki approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@miguelsorianod @eguzki