Add all pull secrets to all components

[aorcholski]

Description

K8S-10395

All dynakube image pull secrets added to OneAgent, ActiveGate specs.

All dynakube image pull secrets used by csi.ImageInstaller.

EdgeConnect controller uses registry.Client but depends on EdgeConnect.Spec.CustomPullSecret.

dynakube.controller.registryClientBuilder is not used (registry.Client).

csiprovisioner.OneAgentProvisioner.registryClientBuilder is not used (registry.Client).

How it works:

dockerAuth(s) loaded by configFile.LoadFromReader(...) from different secrets are stored in a single instance of configFile.AuthConfigs map. configFile.LoadFromReader(...) basically does map[k] = v so it works for many secrets.

See:

• https://github.com/docker/cli/blob/master/cli/config/config.go#L106
• https://github.com/docker/cli/blob/master/cli/config/configfile/file.go#L83

How can this be tested?

Copy codemodules image to a private registry:

podman pull public.ecr.aws/dynatrace/dynatrace-codemodules:1.293.133.20240618-095559 
podman tag public.ecr.aws/dynatrace/dynatrace-codemodules:1.293.133.20240618-095559 <registry>/codemodules:1.293.133.20240618-095559 
podman push <registry>/codemodules:1.293.133.20240618-095559 

Create pull image secret:

kubectl -n dynatrace create secret docker-registry <secretname>  --docker-server=<registry> --docker-username=<username>  --docker-password=<password>

Enable DEBUG log level:

kubectl -n dynatrace set env daemonset.apps/dynatrace-oneagent-csi-driver -c provisioner --env=LOG_LEVEL=debug

Apply dynakube:

spec:
  customPullSecret: <secretname>                                                                                                                                                                                                                                                                                                                                                                      
  oneAgent:                                                                                                                                                                                                                                                                                                                                                                                   
    cloudNativeFullStack:                                                                                                                                                                                                                                                                                                                                                                     
      codeModulesImage: "<registry>/codemodules:1.293.133.20240618-095559" 

Check csi logs:

[]$ kubectl -n dynatrace logs -f pod/dynatrace-oneagent-csi-driver-<svbwp>

{"level":"debug","ts":"2024-07-04T11:52:56.889Z","logger":"docker-keychain","msg":"loaded docker configs","registries":["<registry>","<tenant>"]}
{"level":"info","ts":"2024-07-04T11:52:56.889Z","logger":"oneagent-image","msg":"installing agent from image"}
{"level":"info","ts":"2024-07-04T11:52:56.889Z","logger":"oneagent-image","msg":"installing agent","target dir":"/data/codemodules/cXVheS5pby9hZGFtX29yY2hvbHNraS9keW5vcDoxLjI5My4xMzMuMjAyNDA2MTgtMDk1NTU5"}
{"level":"info","ts":"2024-07-04T11:52:57.298Z","logger":"oneagent-image","msg":"pullOciImage","ref_identifier":"1.293.133.20240618-095559","ref.Name":"<registry>/codemodules:1.293.133.20240618-095559","ref.String":"<registry>/codemodules:1.293.133.20240618-095559"}
{"level":"info","ts":"2024-07-04T11:53:00.736Z","logger":"oneagent-image","msg":"unpackOciImage","sourcePath":"/data/cache/cXVheS5pby9hZGFtX29yY2hvbHNraS9keW5vcDoxLjI5My4xMzMuMjAyNDA2MTgtMDk1NTU5/blobs/sha256/9592808cd833be900caf7c72a18a97cc8c6c0f54077ddcca84a1030d8fec18b6"}

Check OneAgent image pull secrets:

kubectl -n dynatrace get daemonset.apps/dynakube-oneagent -o jsonpath="{.spec.template.spec.imagePullSecrets}"

there should be two secrets:

[{"name":"dynakube-pull-secret"},{"name":"<secretname>"}]

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

Attention: Patch coverage is 42.62295% with 35 lines in your changes missing coverage. Please review.

Project coverage is 57.23%. Comparing base (85a60f5) to head (a9771db).

Files	Patch %	Lines
pkg/api/v1beta2/dynakube/properties.go	0.00%	13 Missing ⚠️
pkg/api/v1beta3/dynakube/properties.go	0.00%	13 Missing ⚠️
pkg/oci/dockerkeychain/docker_keychain.go	70.00%	6 Missing and 3 partials ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3365      +/-   ##
==========================================
- Coverage   57.26%   57.23%   -0.03%     
==========================================
  Files         344      344              
  Lines       19753    19781      +28     
==========================================
+ Hits        11311    11322      +11     
- Misses       7206     7221      +15     
- Partials     1236     1238       +2     

Flag	Coverage Δ
unittests	57.23% <42.62%> (-0.03%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[StefanHauth]

I tested this PR by pulling a code module image from the Google Cloud Artifactory Repository. Worked fine!

[StefanHauth]

I think the troubleshoot command might also need some adoption in a follow-up taking these changes into account.

[albertogdd]

Code LGTM, didn't test it because I don't have a podman setup (pls anyone else, test it)