From d3bbdae1c6941d9629d555329cd1fc486870c973 Mon Sep 17 00:00:00 2001 From: Alan Date: Thu, 25 Apr 2024 06:34:49 +0200 Subject: [PATCH] feat(runner): expose imagepullpolicy as a config option --- api/v1alpha1/common.go | 9 +++++++++ deploy/charts/burrito/templates/rbac-runner.yaml | 6 ++++++ internal/controllers/terraformrun/pod.go | 8 +++++--- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/api/v1alpha1/common.go b/api/v1alpha1/common.go index ac2f78df..132124dd 100644 --- a/api/v1alpha1/common.go +++ b/api/v1alpha1/common.go @@ -13,6 +13,7 @@ const ( type OverrideRunnerSpec struct { ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` Image string `json:"image,omitempty"` + ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"` Tolerations []corev1.Toleration `json:"tolerations,omitempty"` NodeSelector map[string]string `json:"nodeSelector,omitempty"` ServiceAccountName string `json:"serviceAccountName,omitempty"` @@ -94,6 +95,7 @@ func GetOverrideRunnerSpec(repository *TerraformRepository, layer *TerraformLaye Resources: mergeResources(repository.Spec.OverrideRunnerSpec.Resources, layer.Spec.OverrideRunnerSpec.Resources), EnvFrom: mergeEnvFrom(repository.Spec.OverrideRunnerSpec.EnvFrom, layer.Spec.OverrideRunnerSpec.EnvFrom), Image: chooseString(repository.Spec.OverrideRunnerSpec.Image, layer.Spec.OverrideRunnerSpec.Image), + ImagePullPolicy: chooseImagePullPolicy(repository.Spec.OverrideRunnerSpec.ImagePullPolicy, layer.Spec.OverrideRunnerSpec.ImagePullPolicy), ServiceAccountName: chooseString(repository.Spec.OverrideRunnerSpec.ServiceAccountName, layer.Spec.OverrideRunnerSpec.ServiceAccountName), ImagePullSecrets: mergeImagePullSecrets(repository.Spec.OverrideRunnerSpec.ImagePullSecrets, layer.Spec.OverrideRunnerSpec.ImagePullSecrets), } @@ -143,6 +145,13 @@ func chooseString(a, b string) string { return a } +func chooseImagePullPolicy(a, b corev1.PullPolicy) corev1.PullPolicy { + if b != "" { + return b + } + return a +} + func chooseInt(a, b *int, d int) *int { if b != nil { return b diff --git a/deploy/charts/burrito/templates/rbac-runner.yaml b/deploy/charts/burrito/templates/rbac-runner.yaml index 50a93175..6b1e081b 100644 --- a/deploy/charts/burrito/templates/rbac-runner.yaml +++ b/deploy/charts/burrito/templates/rbac-runner.yaml @@ -21,6 +21,12 @@ rules: verbs: - get - patch +- apiGroups: + - config.terraform.padok.cloud + resources: + - terraformruns + verbs: + - get - apiGroups: - config.terraform.padok.cloud resources: diff --git a/internal/controllers/terraformrun/pod.go b/internal/controllers/terraformrun/pod.go index 45d693bc..1efe0f45 100644 --- a/internal/controllers/terraformrun/pod.go +++ b/internal/controllers/terraformrun/pod.go @@ -187,6 +187,7 @@ func (r *Reconciler) getPod(run *configv1alpha1.TerraformRun, layer *configv1alp defaultSpec.Containers[0].Resources = overrideSpec.Resources defaultSpec.Containers[0].EnvFrom = append(defaultSpec.Containers[0].EnvFrom, overrideSpec.EnvFrom...) defaultSpec.ImagePullSecrets = append(defaultSpec.ImagePullSecrets, overrideSpec.ImagePullSecrets...) + defaultSpec.Containers[0].ImagePullPolicy = overrideSpec.ImagePullPolicy if len(overrideSpec.ServiceAccountName) > 0 { defaultSpec.ServiceAccountName = overrideSpec.ServiceAccountName @@ -261,9 +262,10 @@ func defaultPodSpec(config *config.Config, layer *configv1alpha1.TerraformLayer, ServiceAccountName: "burrito-runner", Containers: []corev1.Container{ { - Name: "runner", - Image: fmt.Sprintf("ghcr.io/padok-team/burrito:%s", version.Version), - Args: []string{"runner", "start"}, + Name: "runner", + Image: fmt.Sprintf("ghcr.io/padok-team/burrito:%s", version.Version), + ImagePullPolicy: corev1.PullIfNotPresent, + Args: []string{"runner", "start"}, VolumeMounts: []corev1.VolumeMount{ { MountPath: "/home/burrito/.ssh/known_hosts",