Add ability to use custom registry

hooksie1 · Nov 9, 2022 · f12edac · f12edac
1 parent ea6ae40
commit f12edac
Show file tree

Hide file tree

Showing 8 changed files with 35 additions and 16 deletions.
diff --git a/Makefile b/Makefile
@@ -1,5 +1,5 @@
 PROJECT_NAME := "cmsnr"
-PKG := "gitlab.com/hooksie1/$(PROJECT_NAME)"
+PKG := "github.com/hooksie1/$(PROJECT_NAME)"
 PKG_LIST := $(shell go list ${PKG}/... | grep -v /vendor/)
 GO_FILES := $(shell find . -name '*.go' | grep -v /vendor/ | grep -v _test.go)
 VERSION := $$(git describe --tags | cut -d '-' -f 1)
@@ -31,7 +31,7 @@ windows: dep
 	CGO_ENABLED=0 GOOS=windows go build -a -ldflags "-w -X '$(PKG)/cmd.Version=$(VERSION)'" -o $(PROJECT_NAME)ctl.exe
 
 mac: dep
-	CGO_ENABLED=0 GOOS=darwin go build -a -ldflags "-w -X '$(PKG)/cmd.Version=$(VERSION)'" -o $(PROJECT_NAME)ctl-darwin
+	CGO_ENABLED=0 GOOS=darwin go build -a -ldflags "-s -w -X '$(PKG)/cmd.Version=$(VERSION)'" -o $(PROJECT_NAME)ctl-darwin
 
 
 clean: ## Remove previous build

diff --git a/cmd/deploy.go b/cmd/deploy.go
@@ -38,6 +38,7 @@ func generate(cmd *cobra.Command, args []string) {
 	mSecret := fmt.Sprintf("mutating-%s", viper.GetString("secret"))
 	vSecret := fmt.Sprintf("validating-%s", viper.GetString("secret"))
 	port := viper.GetInt("port")
+	registry := viper.GetString("registry")
 
 	mCert, mKey, err := deployment.GenerateCertificate(mService, namespace)
 	if err != nil {
@@ -58,8 +59,8 @@ func generate(cmd *cobra.Command, args []string) {
 	printKind(deployment.NewClusterRole())
 	printKind(deployment.NewClusterRolebinding(namespace))
 	fmt.Println(deployment.NewCRD())
-	printKind(deployment.NewDeployment(mService, namespace, "mutating", mSecret, port, Version))
-	printKind(deployment.NewDeployment(vService, namespace, "validating", vSecret, port, Version))
+	printKind(deployment.NewDeployment(mService, namespace, registry, "mutating", mSecret, port, Version))
+	printKind(deployment.NewDeployment(vService, namespace, registry, "validating", vSecret, port, Version))
 	printKind(deployment.NewService(mService, namespace, port))
 	printKind(deployment.NewService(vService, namespace, port))
 	printKind(deployment.CertAsSecret(mCert, mKey, mSecret, namespace))

diff --git a/cmd/mutating.go b/cmd/mutating.go
@@ -26,6 +26,7 @@ func init() {
 
 func mutateServer(cmd *cobra.Command, args []string) {
 	port := viper.GetInt("port")
+	registry := viper.GetString("registry")
 	log.Debugf("mutating webhook port: %d", port)
 	log.Info("setting up webhook server")
 	mgr, err := manager.New(config.GetConfigOrDie(), manager.Options{})
@@ -37,6 +38,7 @@ func mutateServer(cmd *cobra.Command, args []string) {
 	injector := server.SidecarInjector{
 		Client:    mgr.GetClient(),
 		Namespace: namespace,
+		Registry:  registry,
 	}
 	log.Info("setting up server")
 	mgrServer := mgr.GetWebhookServer()

diff --git a/cmd/root.go b/cmd/root.go
@@ -2,9 +2,10 @@ package cmd
 
 import (
 	"fmt"
+	"os"
+
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
-	"os"
 
 	"github.com/spf13/viper"
 )
@@ -35,6 +36,8 @@ func init() {
 	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.cmsnr.yaml)")
 	rootCmd.PersistentFlags().StringVarP(&v, "verbosity", "v", logrus.InfoLevel.String(), "Logging level")
 	rootCmd.PersistentFlags().StringVarP(&namespace, "namespace", "n", "default", "The namespace to use")
+	rootCmd.PersistentFlags().StringP("registry", "r", "hooksie1", "Container registry")
+	viper.BindPFlag("registry", rootCmd.PersistentFlags().Lookup("registry"))
 
 	rootCmd.PersistentPreRunE = func(cmd *cobra.Command, args []string) error {
 		if err := setLogLevel(v); err != nil {

diff --git a/go.mod b/go.mod
@@ -64,13 +64,13 @@ require (
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/yashtewari/glob-intersection v0.1.0 // indirect
 	golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
-	golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 // indirect
+	golang.org/x/net v0.2.0 // indirect
 	golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect
-	golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6 // indirect
-	golang.org/x/term v0.0.0-20220411215600-e5f449aeb171 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/term v0.2.0 // indirect
+	golang.org/x/text v0.4.0 // indirect
 	golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
-	golang.org/x/tools v0.1.10 // indirect
+	golang.org/x/tools v0.3.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.0 // indirect

diff --git a/go.sum b/go.sum
@@ -1250,6 +1250,8 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su
 golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA=
 golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
+golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU=
+golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1407,13 +1409,17 @@ golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6 h1:nonptSpoQ4vQjyraW20DXPAglgQfVnM9ZC6MmNLMR60=
 golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20220411215600-e5f449aeb171 h1:EH1Deb8WZJ0xc0WK//leUHXcX9aLE5SymusoTmMZye8=
 golang.org/x/term v0.0.0-20220411215600-e5f449aeb171/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM=
+golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1424,6 +1430,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -1507,6 +1515,8 @@ golang.org/x/tools v0.1.6-0.20210820212750-d4cc65f0b2ff/go.mod h1:YD9qOF0M9xpSpd
 golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
 golang.org/x/tools v0.1.10 h1:QjFRCZxdOhBJ/UNgnBZLbNV13DlbnK0quyivTnXJM20=
 golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
+golang.org/x/tools v0.3.0 h1:SrNbZl6ECOS1qFzgTdQfWXZM9XBkiA6tkFrH9YSTPHM=
+golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

diff --git a/pkg/deployment/deployment.go b/pkg/deployment/deployment.go
@@ -15,16 +15,18 @@ type Deployment struct {
 	SecretName string
 	Port       int
 	Version    string
+	Registry   string
 }
 
-func NewDeployment(name, namespace, serverType, secretName string, port int, version string) *appsv1.Deployment {
+func NewDeployment(name, namespace, registry, serverType, secretName string, port int, version string) *appsv1.Deployment {
 	dep := Deployment{
 		Name:       name,
 		Namespace:  namespace,
 		ServerType: serverType,
 		SecretName: secretName,
 		Port:       port,
 		Version:    version,
+		Registry:   registry,
 	}
 
 	return dep.newDeployment()
@@ -63,10 +65,10 @@ func (d *Deployment) getTemplate() corev1.PodTemplateSpec {
 		Spec: corev1.PodSpec{
 			Containers: []corev1.Container{
 				{
-					Image:           fmt.Sprintf("hooksie1/cmsnr:%s", d.Version),
+					Image:           fmt.Sprintf("%s/cmsnr:%s", d.Registry, d.Version),
 					ImagePullPolicy: "Always",
 					Name:            d.Name,
-					Args:            []string{"server", "start", d.ServerType, fmt.Sprintf("-n=%s", d.Namespace)},
+					Args:            []string{"server", "start", fmt.Sprintf("--registry=%s", d.Registry), d.ServerType, fmt.Sprintf("-n=%s", d.Namespace)},
 					Ports: []corev1.ContainerPort{
 						{
 							Name:          "https",

diff --git a/pkg/server/injector.go b/pkg/server/injector.go
@@ -18,11 +18,12 @@ type Config struct {
 
 type SidecarInjector struct {
 	Namespace string
+	Registry  string
 	Client    client.Client
 	decoder   *admission.Decoder
 }
 
-func getContainers(namespace, depName string) []corev1.Container {
+func getContainers(namespace, depName, registry string) []corev1.Container {
 	return []corev1.Container{
 		{
 			Name:            "opa",
@@ -32,7 +33,7 @@ func getContainers(namespace, depName string) []corev1.Container {
 		},
 		{
 			Name:            "cmsnr-client",
-			Image:           "hooksie1/cmsnr:latest",
+			Image:           fmt.Sprintf("%s/cmsnr:latest", registry),
 			ImagePullPolicy: corev1.PullPolicy("IfNotPresent"),
 			Args:            []string{"opa", "watch", fmt.Sprintf("-d=%s", depName), fmt.Sprintf("-n=%s", namespace)},
 		},
@@ -62,7 +63,7 @@ func (s *SidecarInjector) Handle(ctx context.Context, r admission.Request) admis
 
 	if checkInject(pod) {
 		log.Infof("Injecting sidecar for %s", pod.Name)
-		pod.Spec.Containers = append(pod.Spec.Containers, getContainers(s.Namespace, pod.Annotations["cmsnr.com/deploymentName"])...)
+		pod.Spec.Containers = append(pod.Spec.Containers, getContainers(s.Namespace, pod.Annotations["cmsnr.com/deploymentName"], s.Registry)...)
 		if pod.Spec.ServiceAccountName == "default" {
 			log.Info("no service account defined, adding cmsnr account")
 			pod.Spec.ServiceAccountName = "cmsnr"