diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 0471388f34..bbd9055007 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -4904,6 +4904,14 @@ "description": "FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A value is between 0 and 1, if not defined it is 0.055 (5.5% overhead)", "$ref": "#/definitions/v1beta1.FilesystemOverhead" }, + "imagePullSecrets": { + "description": "The imagePullSecrets used to pull the container images", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.LocalObjectReference" + } + }, "importProxy": { "description": "ImportProxy contains importer pod proxy configuration.", "$ref": "#/definitions/v1beta1.ImportProxy" @@ -4950,6 +4958,14 @@ "description": "FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A percentage value is between 0 and 1", "$ref": "#/definitions/v1beta1.FilesystemOverhead" }, + "imagePullSecrets": { + "description": "The imagePullSecrets used to pull the container images", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.LocalObjectReference" + } + }, "importProxy": { "description": "ImportProxy contains importer pod proxy configuration.", "$ref": "#/definitions/v1beta1.ImportProxy" @@ -5023,14 +5039,6 @@ "Never" ] }, - "imagePullSecrets": { - "description": "The imagePullSecrets to pull the container images", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/v1.LocalObjectReference" - } - }, "infra": { "description": "Rules on which nodes CDI infrastructure pods will be scheduled", "default": {}, diff --git a/cmd/cdi-controller/controller.go b/cmd/cdi-controller/controller.go index 2a2bcfc75d..a3ce5241ca 100644 --- a/cmd/cdi-controller/controller.go +++ b/cmd/cdi-controller/controller.go @@ -16,7 +16,6 @@ import ( "github.com/pkg/errors" "github.com/prometheus/client_golang/prometheus" "go.uber.org/zap/zapcore" - corev1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" extv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/fields" @@ -58,7 +57,6 @@ var ( uploadProxyServiceName string configName string pullPolicy string - imagePullSecrets []corev1.LocalObjectReference verbose string installerLabels map[string]string log = logf.Log.WithName("controller") @@ -240,7 +238,7 @@ func start(ctx context.Context, cfg *rest.Config) { os.Exit(1) } - if _, err := controller.NewCloneController(mgr, log, clonerImage, pullPolicy, imagePullSecrets, verbose, uploadClientCertGenerator, uploadServerBundleFetcher, getTokenPublicKey(), installerLabels); err != nil { + if _, err := controller.NewCloneController(mgr, log, clonerImage, pullPolicy, verbose, uploadClientCertGenerator, uploadServerBundleFetcher, getTokenPublicKey(), installerLabels); err != nil { klog.Errorf("Unable to setup clone controller: %v", err) os.Exit(1) } diff --git a/pkg/apis/core/v1beta1/openapi_generated.go b/pkg/apis/core/v1beta1/openapi_generated.go index e43c8b8fbe..18f6615f3e 100644 --- a/pkg/apis/core/v1beta1/openapi_generated.go +++ b/pkg/apis/core/v1beta1/openapi_generated.go @@ -22986,11 +22986,25 @@ func schema_pkg_apis_core_v1beta1_CDIConfigSpec(ref common.ReferenceCallback) co Ref: ref("github.com/openshift/api/config/v1.TLSSecurityProfile"), }, }, + "imagePullSecrets": { + SchemaProps: spec.SchemaProps{ + Description: "The imagePullSecrets used to pull the container images", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1.TLSSecurityProfile", "k8s.io/api/core/v1.ResourceRequirements", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.FilesystemOverhead", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.ImportProxy"}, + "github.com/openshift/api/config/v1.TLSSecurityProfile", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ResourceRequirements", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.FilesystemOverhead", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.ImportProxy"}, } } @@ -23040,11 +23054,25 @@ func schema_pkg_apis_core_v1beta1_CDIConfigStatus(ref common.ReferenceCallback) Format: "", }, }, + "imagePullSecrets": { + SchemaProps: spec.SchemaProps{ + Description: "The imagePullSecrets used to pull the container images", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.ResourceRequirements", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.FilesystemOverhead", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.ImportProxy"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.ResourceRequirements", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.FilesystemOverhead", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.ImportProxy"}, } } @@ -23112,20 +23140,6 @@ func schema_pkg_apis_core_v1beta1_CDISpec(ref common.ReferenceCallback) common.O Format: "", Enum: []interface{}{"Always", "IfNotPresent", "Never"}}, }, - "imagePullSecrets": { - SchemaProps: spec.SchemaProps{ - Description: "The imagePullSecrets to pull the container images", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), - }, - }, - }, - }, - }, "uninstallStrategy": { SchemaProps: spec.SchemaProps{ Description: "CDIUninstallStrategy defines the state to leave CDI on uninstall", @@ -23177,7 +23191,7 @@ func schema_pkg_apis_core_v1beta1_CDISpec(ref common.ReferenceCallback) common.O }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.CDICertConfig", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.CDIConfigSpec", "kubevirt.io/controller-lifecycle-operator-sdk/api.NodePlacement"}, + "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.CDICertConfig", "kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1.CDIConfigSpec", "kubevirt.io/controller-lifecycle-operator-sdk/api.NodePlacement"}, } } diff --git a/pkg/controller/clone-controller.go b/pkg/controller/clone-controller.go index b9be549b75..981409866b 100644 --- a/pkg/controller/clone-controller.go +++ b/pkg/controller/clone-controller.go @@ -73,15 +73,13 @@ type CloneReconciler struct { image string verbose string pullPolicy string - imagePullSecrets []corev1.LocalObjectReference installerLabels map[string]string } // NewCloneController creates a new instance of the config controller. func NewCloneController(mgr manager.Manager, log logr.Logger, - image, pullPolicy string, - imagePullSecrets []corev1.LocalObjectReference, + image, pullPolicy, verbose string, clientCertGenerator generator.CertGenerator, serverCAFetcher fetcher.CertBundleFetcher, @@ -96,7 +94,6 @@ func NewCloneController(mgr manager.Manager, image: image, verbose: verbose, pullPolicy: pullPolicy, - imagePullSecrets: imagePullSecrets, recorder: mgr.GetEventRecorderFor("clone-controller"), clientCertGenerator: clientCertGenerator, serverCAFetcher: serverCAFetcher, @@ -262,7 +259,7 @@ func (r *CloneReconciler) reconcileSourcePod(sourcePod *corev1.Pod, targetPvc *c return 2 * time.Second, nil } - sourcePod, err := r.CreateCloneSourcePod(r.image, r.pullPolicy, r.imagePullSecrets, targetPvc, log) + sourcePod, err := r.CreateCloneSourcePod(r.image, r.pullPolicy, targetPvc, log) // Check if pod has failed and, in that case, record an event with the error if podErr := cc.HandleFailedPod(err, cc.CreateCloneSourcePodName(targetPvc), targetPvc, r.recorder, r.client); podErr != nil { return 0, podErr @@ -479,7 +476,7 @@ func (r *CloneReconciler) cleanup(pvc *corev1.PersistentVolumeClaim, log logr.Lo } // CreateCloneSourcePod creates our cloning src pod which will be used for out of band cloning to read the contents of the src PVC -func (r *CloneReconciler) CreateCloneSourcePod(image, pullPolicy string, imagePullSecrets []corev1.LocalObjectReference, pvc *corev1.PersistentVolumeClaim, log logr.Logger) (*corev1.Pod, error) { +func (r *CloneReconciler) CreateCloneSourcePod(image, pullPolicy string, pvc *corev1.PersistentVolumeClaim, log logr.Logger) (*corev1.Pod, error) { exists, sourcePvcNamespace, sourcePvcName := ParseCloneRequestAnnotation(pvc) if !exists { return nil, errors.Errorf("bad CloneRequest Annotation") @@ -500,6 +497,11 @@ func (r *CloneReconciler) CreateCloneSourcePod(image, pullPolicy string, imagePu return nil, err } + imagePullSecrets, err := cc.GetImagePullSecrets(r.client) + if err != nil { + return nil, err + } + workloadNodePlacement, err := cc.GetWorkloadNodePlacement(r.client) if err != nil { return nil, err diff --git a/pkg/controller/common/util.go b/pkg/controller/common/util.go index 18ac585bdd..5e040fcd72 100644 --- a/pkg/controller/common/util.go +++ b/pkg/controller/common/util.go @@ -411,6 +411,17 @@ func GetDefaultPodResourceRequirements(client client.Client) (*v1.ResourceRequir return cdiconfig.Status.DefaultPodResourceRequirements, nil } +// GetImagePullSecrets gets the imagePullSecrets needed to pull images from the cdi config +func GetImagePullSecrets(client client.Client) ([]corev1.LocalObjectReference, error) { + cdiconfig := &cdiv1.CDIConfig{} + if err := client.Get(context.TODO(), types.NamespacedName{Name: common.ConfigName}, cdiconfig); err != nil { + klog.Errorf("Unable to find CDI configuration, %v\n", err) + return nil, err + } + + return cdiconfig.Status.ImagePullSecrets, nil +} + // AddVolumeDevices returns VolumeDevice slice with one block device for pods using PV with block volume mode func AddVolumeDevices() []v1.VolumeDevice { volumeDevices := []v1.VolumeDevice{ diff --git a/pkg/controller/config-controller.go b/pkg/controller/config-controller.go index ec62c8f1e8..31275dfe10 100644 --- a/pkg/controller/config-controller.go +++ b/pkg/controller/config-controller.go @@ -97,6 +97,10 @@ func (r *CDIConfigReconciler) Reconcile(_ context.Context, req reconcile.Request return reconcile.Result{}, err } + if err := r.reconcileImagePullSecrets(config); err != nil { + return reconcile.Result{}, err + } + if err := r.reconcileFilesystemOverhead(config); err != nil { return reconcile.Result{}, err } @@ -232,6 +236,14 @@ func (r *CDIConfigReconciler) reconcileStorageClass(config *cdiv1.CDIConfig) err return nil } +func (r *CDIConfigReconciler) reconcileImagePullSecrets(config *cdiv1.CDIConfig) error { + if config.Spec.ImagePullSecrets != nil { + config.Status.ImagePullSecrets = config.Spec.ImagePullSecrets + } + + return nil +} + func (r *CDIConfigReconciler) reconcileDefaultPodResourceRequirements(config *cdiv1.CDIConfig) error { cpuLimit, _ := resource.ParseQuantity(defaultCPULimit) memLimit, _ := resource.ParseQuantity(defaultMemLimit) diff --git a/pkg/controller/datavolume/clone-controller-base.go b/pkg/controller/datavolume/clone-controller-base.go index c4d9e4ca08..225aa7443f 100644 --- a/pkg/controller/datavolume/clone-controller-base.go +++ b/pkg/controller/datavolume/clone-controller-base.go @@ -420,6 +420,11 @@ func (r *CloneReconcilerBase) createExpansionPod(pvc *corev1.PersistentVolumeCla return nil, err } + imagePullSecrets, err := cc.GetImagePullSecrets(r.client) + if err != nil { + return nil, err + } + workloadNodePlacement, err := cc.GetWorkloadNodePlacement(r.client) if err != nil { return nil, err @@ -447,7 +452,8 @@ func (r *CloneReconcilerBase) createExpansionPod(pvc *corev1.PersistentVolumeCla Args: []string{"-c", "echo", "'hello cdi'"}, }, }, - RestartPolicy: corev1.RestartPolicyOnFailure, + ImagePullSecrets: imagePullSecrets, + RestartPolicy: corev1.RestartPolicyOnFailure, Volumes: []corev1.Volume{ { Name: cc.DataVolName, diff --git a/pkg/controller/import-controller.go b/pkg/controller/import-controller.go index bd2be41a1b..2c5afd0668 100644 --- a/pkg/controller/import-controller.go +++ b/pkg/controller/import-controller.go @@ -111,6 +111,7 @@ type importerPodArgs struct { pvc *corev1.PersistentVolumeClaim scratchPvcName *string podResourceRequirements *corev1.ResourceRequirements + imagePullSecrets []corev1.LocalObjectReference workloadNodePlacement *sdkapi.NodePlacement vddkImageName *string priorityClassName string @@ -867,6 +868,8 @@ func createImporterPod(log logr.Logger, client client.Client, args *importerPodA return nil, err } + args.imagePullSecrets = cdiv1.CDIConfig{}.Spec.ImagePullSecrets + args.workloadNodePlacement, err = cc.GetWorkloadNodePlacement(client) if err != nil { return nil, err @@ -971,6 +974,7 @@ func makeNodeImporterPodSpec(args *importerPodArgs) *corev1.Pod { Tolerations: args.workloadNodePlacement.Tolerations, Affinity: args.workloadNodePlacement.Affinity, PriorityClassName: args.priorityClassName, + ImagePullSecrets: args.imagePullSecrets, }, } @@ -1003,7 +1007,7 @@ func makeNodeImporterPodSpec(args *importerPodArgs) *corev1.Pod { args.podEnvVar.ep = "http://localhost:8100/disk.img" args.podEnvVar.readyFile = "/shared/ready" args.podEnvVar.doneFile = "/shared/done" - setImporterPodCommons(pod, args.podEnvVar, args.pvc, args.podResourceRequirements) + setImporterPodCommons(pod, args.podEnvVar, args.pvc, args.podResourceRequirements, args.imagePullSecrets) pod.Spec.Containers[0].VolumeMounts = append(pod.Spec.Containers[0].VolumeMounts, corev1.VolumeMount{ MountPath: "/shared", Name: "shared-volume", @@ -1088,7 +1092,7 @@ func makeImporterPodSpec(args *importerPodArgs) *corev1.Pod { }, } - setImporterPodCommons(pod, args.podEnvVar, args.pvc, args.podResourceRequirements) + setImporterPodCommons(pod, args.podEnvVar, args.pvc, args.podResourceRequirements, args.imagePullSecrets) if args.scratchPvcName != nil { pod.Spec.Containers[0].VolumeMounts = append(pod.Spec.Containers[0].VolumeMounts, corev1.VolumeMount{ @@ -1162,12 +1166,13 @@ func makeImporterPodSpec(args *importerPodArgs) *corev1.Pod { return pod } -func setImporterPodCommons(pod *corev1.Pod, podEnvVar *importPodEnvVar, pvc *corev1.PersistentVolumeClaim, podResourceRequirements *corev1.ResourceRequirements) { +func setImporterPodCommons(pod *corev1.Pod, podEnvVar *importPodEnvVar, pvc *corev1.PersistentVolumeClaim, podResourceRequirements *corev1.ResourceRequirements, imagePullSecrets []corev1.LocalObjectReference) { if podResourceRequirements != nil { for i := range pod.Spec.Containers { pod.Spec.Containers[i].Resources = *podResourceRequirements } } + pod.Spec.ImagePullSecrets = imagePullSecrets ownerUID := pvc.UID if len(pvc.OwnerReferences) == 1 { diff --git a/pkg/controller/upload-controller.go b/pkg/controller/upload-controller.go index c590a5c026..15d7b10ca1 100644 --- a/pkg/controller/upload-controller.go +++ b/pkg/controller/upload-controller.go @@ -579,12 +579,17 @@ func (r *UploadReconciler) createUploadPod(args UploadPodArgs) (*v1.Pod, error) return nil, err } + imagePullSecrets, err := cc.GetImagePullSecrets(r.client) + if err != nil { + return nil, err + } + workloadNodePlacement, err := cc.GetWorkloadNodePlacement(r.client) if err != nil { return nil, err } - pod := r.makeUploadPodSpec(args, podResourceRequirements, workloadNodePlacement) + pod := r.makeUploadPodSpec(args, podResourceRequirements, imagePullSecrets, workloadNodePlacement) util.SetRecommendedLabels(pod, r.installerLabels, "cdi-controller") if err := r.client.Get(context.TODO(), types.NamespacedName{Name: args.Name, Namespace: ns}, pod); err != nil { @@ -730,7 +735,7 @@ func createUploadServiceNameFromPvcName(pvc string) string { return naming.GetServiceNameFromResourceName(createUploadResourceName(pvc)) } -func (r *UploadReconciler) makeUploadPodSpec(args UploadPodArgs, resourceRequirements *v1.ResourceRequirements, workloadNodePlacement *sdkapi.NodePlacement) *v1.Pod { +func (r *UploadReconciler) makeUploadPodSpec(args UploadPodArgs, resourceRequirements *v1.ResourceRequirements, imagePullSecrets []v1.LocalObjectReference, workloadNodePlacement *sdkapi.NodePlacement) *v1.Pod { requestImageSize, _ := cc.GetRequestedImageSize(args.PVC) serviceName := naming.GetServiceNameFromResourceName(args.Name) pod := &v1.Pod{ @@ -840,6 +845,7 @@ func (r *UploadReconciler) makeUploadPodSpec(args UploadPodArgs, resourceRequire Tolerations: workloadNodePlacement.Tolerations, Affinity: workloadNodePlacement.Affinity, PriorityClassName: cc.GetPriorityClass(args.PVC), + ImagePullSecrets: imagePullSecrets, }, } diff --git a/pkg/operator/controller/cr-manager.go b/pkg/operator/controller/cr-manager.go index c600da5729..b1666bcf28 100644 --- a/pkg/operator/controller/cr-manager.go +++ b/pkg/operator/controller/cr-manager.go @@ -83,8 +83,8 @@ func (r *ReconcileCDI) getNamespacedArgs(cr *cdiv1.CDI) *cdinamespaced.FactoryAr if cr.Spec.ImagePullPolicy != "" { result.PullPolicy = string(cr.Spec.ImagePullPolicy) } - if len(cr.Spec.ImagePullSecrets) > 0 { - result.ImagePullSecrets = cr.Spec.ImagePullSecrets + if cr.Spec.Config != nil && len(cr.Spec.Config.ImagePullSecrets) > 0 { + result.ImagePullSecrets = cr.Spec.Config.ImagePullSecrets } if cr.Spec.PriorityClass != nil && string(*cr.Spec.PriorityClass) != "" { result.PriorityClassName = string(*cr.Spec.PriorityClass) diff --git a/pkg/operator/resources/crds_generated.go b/pkg/operator/resources/crds_generated.go index 2db86efe72..8bee557847 100644 --- a/pkg/operator/resources/crds_generated.go +++ b/pkg/operator/resources/crds_generated.go @@ -125,6 +125,19 @@ spec: global value type: object type: object + imagePullSecrets: + description: The imagePullSecrets used to pull the container images + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array importProxy: description: ImportProxy contains importer pod proxy configuration. properties: @@ -304,19 +317,6 @@ spec: - IfNotPresent - Never type: string - imagePullSecrets: - description: The imagePullSecrets to pull the container images - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array infra: description: Rules on which nodes CDI infrastructure pods will be scheduled @@ -2354,6 +2354,19 @@ spec: global value type: object type: object + imagePullSecrets: + description: The imagePullSecrets used to pull the container images + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array importProxy: description: ImportProxy contains importer pod proxy configuration. properties: @@ -2533,19 +2546,6 @@ spec: - IfNotPresent - Never type: string - imagePullSecrets: - description: The imagePullSecrets to pull the container images - items: - description: LocalObjectReference contains enough information to - let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - type: array infra: description: Rules on which nodes CDI infrastructure pods will be scheduled @@ -4557,6 +4557,19 @@ spec: value type: object type: object + imagePullSecrets: + description: The imagePullSecrets used to pull the container images + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array importProxy: description: ImportProxy contains importer pod proxy configuration. properties: @@ -4774,6 +4787,19 @@ spec: value type: object type: object + imagePullSecrets: + description: The imagePullSecrets used to pull the container images + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array importProxy: description: ImportProxy contains importer pod proxy configuration. properties: diff --git a/pkg/operator/resources/namespaced/controller.go b/pkg/operator/resources/namespaced/controller.go index 7834e3d1fa..23eb52a97c 100644 --- a/pkg/operator/resources/namespaced/controller.go +++ b/pkg/operator/resources/namespaced/controller.go @@ -179,7 +179,6 @@ func createControllerDeployment(controllerImage, importerImage, clonerImage, upl labels := util.MergeLabels(deployment.Spec.Template.GetLabels(), map[string]string{common.PrometheusLabelKey: common.PrometheusLabelValue}) deployment.SetLabels(labels) deployment.Spec.Template.SetLabels(labels) - container.Env = []corev1.EnvVar{ { Name: "IMPORTER_IMAGE", diff --git a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go index a9de3128eb..94af9ae759 100644 --- a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go +++ b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go @@ -653,9 +653,7 @@ type CDICertConfig struct { type CDISpec struct { // +kubebuilder:validation:Enum=Always;IfNotPresent;Never // PullPolicy describes a policy for if/when to pull a container image - ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty" valid:"required"` - // The imagePullSecrets to pull the container images - ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty" valid:"required"` // +kubebuilder:validation:Enum=RemoveWorkloads;BlockUninstallIfWorkloadsExist // CDIUninstallStrategy defines the state to leave CDI on uninstall UninstallStrategy *CDIUninstallStrategy `json:"uninstallStrategy,omitempty"` @@ -775,6 +773,8 @@ type CDIConfigSpec struct { DataVolumeTTLSeconds *int32 `json:"dataVolumeTTLSeconds,omitempty"` // TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands. TLSSecurityProfile *ocpconfigv1.TLSSecurityProfile `json:"tlsSecurityProfile,omitempty"` + // The imagePullSecrets used to pull the container images + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` } // CDIConfigStatus provides the most recently observed status of the CDI Config resource @@ -792,6 +792,8 @@ type CDIConfigStatus struct { FilesystemOverhead *FilesystemOverhead `json:"filesystemOverhead,omitempty"` // Preallocation controls whether storage for DataVolumes should be allocated in advance. Preallocation bool `json:"preallocation,omitempty"` + // The imagePullSecrets used to pull the container images + ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` } // CDIConfigList provides the needed parameters to do request a list of CDIConfigs from the system diff --git a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go index dad8bf33a3..b3f77cd660 100644 --- a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go +++ b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go @@ -325,7 +325,6 @@ func (CDISpec) SwaggerDoc() map[string]string { return map[string]string{ "": "CDISpec defines our specification for the CDI installation", "imagePullPolicy": "+kubebuilder:validation:Enum=Always;IfNotPresent;Never\nPullPolicy describes a policy for if/when to pull a container image", - "imagePullSecrets": "The imagePullSecrets to pull the container images", "uninstallStrategy": "+kubebuilder:validation:Enum=RemoveWorkloads;BlockUninstallIfWorkloadsExist\nCDIUninstallStrategy defines the state to leave CDI on uninstall", "infra": "Rules on which nodes CDI infrastructure pods will be scheduled", "workload": "Restrict on which nodes CDI workload pods will be scheduled", @@ -376,6 +375,7 @@ func (CDIConfigSpec) SwaggerDoc() map[string]string { "insecureRegistries": "InsecureRegistries is a list of TLS disabled registries", "dataVolumeTTLSeconds": "DataVolumeTTLSeconds is the time in seconds after DataVolume completion it can be garbage collected. The default is 0 sec. To disable GC use -1.\n+optional", "tlsSecurityProfile": "TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands.", + "imagePullSecrets": "The imagePullSecrets used to pull the container images", } } @@ -388,6 +388,7 @@ func (CDIConfigStatus) SwaggerDoc() map[string]string { "defaultPodResourceRequirements": "ResourceRequirements describes the compute resource requirements.", "filesystemOverhead": "FilesystemOverhead describes the space reserved for overhead when using Filesystem volumes. A percentage value is between 0 and 1", "preallocation": "Preallocation controls whether storage for DataVolumes should be allocated in advance.", + "imagePullSecrets": "The imagePullSecrets used to pull the container images", } } diff --git a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go index d3acf3e52d..69d7adcb90 100644 --- a/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go +++ b/staging/src/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go @@ -196,6 +196,11 @@ func (in *CDIConfigSpec) DeepCopyInto(out *CDIConfigSpec) { *out = new(configv1.TLSSecurityProfile) (*in).DeepCopyInto(*out) } + if in.ImagePullSecrets != nil { + in, out := &in.ImagePullSecrets, &out.ImagePullSecrets + *out = make([]v1.LocalObjectReference, len(*in)) + copy(*out, *in) + } return } @@ -232,6 +237,11 @@ func (in *CDIConfigStatus) DeepCopyInto(out *CDIConfigStatus) { *out = new(FilesystemOverhead) (*in).DeepCopyInto(*out) } + if in.ImagePullSecrets != nil { + in, out := &in.ImagePullSecrets, &out.ImagePullSecrets + *out = make([]v1.LocalObjectReference, len(*in)) + copy(*out, *in) + } return } @@ -281,11 +291,6 @@ func (in *CDIList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CDISpec) DeepCopyInto(out *CDISpec) { *out = *in - if in.ImagePullSecrets != nil { - in, out := &in.ImagePullSecrets, &out.ImagePullSecrets - *out = make([]v1.LocalObjectReference, len(*in)) - copy(*out, *in) - } if in.UninstallStrategy != nil { in, out := &in.UninstallStrategy, &out.UninstallStrategy *out = new(CDIUninstallStrategy)