Skip to content

Commit

Permalink
feat(enrichers): imagePullSecrets supported in resource controller co…
Browse files Browse the repository at this point in the history 
…nfiguration (3133)

feature(imagePullSecrets): Add support for specifying imagePullSecrets via resource configuration, issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
---
feature(imagePullSecrets): add imagePullSecrets to _controller_resource_generation.adoc, issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
---
Merge branch 'eclipse-jkube:master' into gh_2467-experimental
---
feature(imagePullSecrets): add gradle plugin integration test, issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
---
feature(imagePullSecrets): remove public access modifier from test class, issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
---
feature(imagePullSecrets): add license, issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
---
feature(imagePullSecrets): update CHANGELOG.md , issue #2467

Signed-off-by: arman-yekkehkhani <[email protected]>
  • Loading branch information
@arman-yekkehkhani
arman-yekkehkhani authored Jun 7, 2024
1 parent 638e5cc commit 64e498e
Show file tree
Hide file tree
Showing 11 changed files with 406 additions and 4 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ Usage:
* Fix #3067: Helm Push uses configured docker global and push registries instead of pull
* Fix #2110: Add new helm dependency update goal task (`k8s:helm-dependency-update` for maven and `k8sHelmDependencyUpdate` for gradle)
* Fix #3122: JKube should also pass project directory in `buildpacks` build strategy

* Fix #2467: Add support for specifying imagePullSecrets via resource configuration
### 1.16.2 (2024-03-27)
* Fix #2461: `k8s:watch`/`k8sWatch` should throw error in `buildpacks` build strategy
* Fix #2852: Bump version.kubernetes-client from 6.10.0 to 6.11.0
Expand Down
48 changes: 48 additions & 0 deletions gradle-plugin/it/src/it/image-pull-secrets/build.gradle
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
/*
* Copyright (c) 2019 Red Hat, Inc.
* This program and the accompanying materials are made
* available under the terms of the Eclipse Public License 2.0
* which is available at:
*
* https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*
* Contributors:
* Red Hat, Inc. - initial API and implementation
*/
plugins {
id 'org.eclipse.jkube.kubernetes' version "${jKubeVersion}"
id 'org.eclipse.jkube.openshift' version "${jKubeVersion}"
id 'java'
}

group = 'org.eclipse.jkube.integration.tests.gradle'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '11'

repositories {
mavenCentral()
}

def extensionConfig = {
offline = true
images {
image {
name = 'repository/image-pull-secrets:latest'
build {
from = 'quay.io/jkube/jkube-java-11'
ports = ['8080']
}
}
}

resources {
controller {
imagePullSecrets = ['secret-1', 'secret-2']
}
}
}

kubernetes(extensionConfig)
openshift(extensionConfig)
101 changes: 101 additions & 0 deletions gradle-plugin/it/src/it/image-pull-secrets/expected/kubernetes.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
---
apiVersion: v1
kind: List
items:
- apiVersion: v1
kind: Service
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: image-pull-secrets
provider: jkube
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
- apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
replicas: 1
revisionHistoryLimit: 2
selector:
matchLabels:
app: image-pull-secrets
provider: jkube
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
template:
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
containers:
- env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: HOSTNAME
valueFrom:
fieldRef:
fieldPath: metadata.name
image: repository/image-pull-secrets:latest
imagePullPolicy: IfNotPresent
name: repository-image-pull-secrets
ports:
- containerPort: 8080
name: http
protocol: TCP
securityContext:
privileged: false
imagePullSecrets:
- name: secret-1
- name: secret-2
141 changes: 141 additions & 0 deletions gradle-plugin/it/src/it/image-pull-secrets/expected/openshift.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
---
apiVersion: v1
kind: List
items:
- apiVersion: v1
kind: Service
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
app.openshift.io/vcs-ref: "@ignore@"
app.openshift.io/vcs-uri: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app: image-pull-secrets
provider: jkube
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
- apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
app.openshift.io/vcs-ref: "@ignore@"
app.openshift.io/vcs-uri: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
replicas: 1
revisionHistoryLimit: 2
selector:
app: image-pull-secrets
provider: jkube
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
strategy:
rollingParams:
timeoutSeconds: 3600
type: Rolling
template:
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
app.openshift.io/vcs-ref: "@ignore@"
app.openshift.io/vcs-uri: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
containers:
- env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: repository/image-pull-secrets:latest
imagePullPolicy: IfNotPresent
name: repository-image-pull-secrets
ports:
- containerPort: 8080
name: http
protocol: TCP
securityContext:
privileged: false
imagePullSecrets:
- name: secret-1
- name: secret-2
triggers:
- type: ConfigChange
- imageChangeParams:
automatic: true
containerNames:
- repository-image-pull-secrets
from:
kind: ImageStreamTag
name: image-pull-secrets:latest
type: ImageChange
- apiVersion: route.openshift.io/v1
kind: Route
metadata:
annotations:
jkube.eclipse.org/git-commit: "@ignore@"
jkube.eclipse.org/git-url: "@ignore@"
app.openshift.io/vcs-ref: "@ignore@"
app.openshift.io/vcs-uri: "@ignore@"
jkube.eclipse.org/git-branch: "@ignore@"
labels:
app: image-pull-secrets
provider: jkube
version: 0.0.1-SNAPSHOT
group: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/part-of: org.eclipse.jkube.integration.tests.gradle
app.kubernetes.io/managed-by: jkube
app.kubernetes.io/name: image-pull-secrets
app.kubernetes.io/version: 0.0.1-SNAPSHOT
name: image-pull-secrets
spec:
port:
targetPort: 8080
to:
kind: Service
name: image-pull-secrets
59 changes: 59 additions & 0 deletions gradle-plugin/it/src/test/java/org/eclipse/jkube/gradle/plugin/tests/ImagePullSecretsIT.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
/*
* Copyright (c) 2019 Red Hat, Inc.
* This program and the accompanying materials are made
* available under the terms of the Eclipse Public License 2.0
* which is available at:
*
* https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*
* Contributors:
* Red Hat, Inc. - initial API and implementation
*/
package org.eclipse.jkube.gradle.plugin.tests;

import net.minidev.json.parser.ParseException;
import org.eclipse.jkube.kit.common.ResourceVerify;
import org.gradle.testkit.runner.BuildResult;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;

import java.io.IOException;

import static org.assertj.core.api.AssertionsForClassTypes.assertThat;

class ImagePullSecretsIT {
@RegisterExtension
final ITGradleRunnerExtension gradleRunner = new ITGradleRunnerExtension();

@Test
void k8sResource_whenRun_generatesK8sManifestsWithImagePullSecrets() throws IOException, ParseException {
final BuildResult result = gradleRunner.withITProject("image-pull-secrets")
.withArguments("k8sResource", "--stacktrace")
.build();

ResourceVerify.verifyResourceDescriptors(gradleRunner.resolveDefaultKubernetesResourceFile(),
gradleRunner.resolveFile("expected", "kubernetes.yml"));
assertThat(result).extracting(BuildResult::getOutput).asString()
.contains("Using resource templates from")
.contains("Adding a default Deployment")
.contains("Adding revision history limit to 2")
.contains("validating");
}

@Test
void ocResource_whenRun_generatesOpenShiftManifestsWithImagePullSecrets() throws IOException, ParseException {
final BuildResult result = gradleRunner.withITProject("image-pull-secrets")
.withArguments("ocResource", "--stacktrace")
.build();

ResourceVerify.verifyResourceDescriptors(gradleRunner.resolveDefaultOpenShiftResourceFile(),
gradleRunner.resolveFile("expected", "openshift.yml"));
assertThat(result).extracting(BuildResult::getOutput).asString()
.contains("Using resource templates from")
.contains("Adding a default Deployment")
.contains("Adding revision history limit to 2")
.contains("validating");
}
}
1 change: 1 addition & 0 deletions ...esource/src/main/java/org/eclipse/jkube/kit/config/resource/ControllerResourceConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,4 +45,5 @@ public class ControllerResourceConfig {
private ContainerResourcesConfig containerResources;
private String schedule;
private Map<String, String> nodeSelector;
private List<String> imagePullSecrets;
}
8 changes: 6 additions & 2 deletions ...rce/src/test/java/org/eclipse/jkube/kit/config/resource/ControllerResourceConfigTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,8 @@ void builder() {
.name("workdir")
.type("emptyDir")
.path("/work-dir")
.build()));
.build()))
.imagePullSecrets(Collections.singletonList("secret"));

// When
ControllerResourceConfig controllerResourceConfig = initContainerConfigBuilder.build();
Expand Down Expand Up @@ -123,7 +124,10 @@ private void assertControllerResourceConfig(ControllerResourceConfig controllerR
.singleElement(InstanceOfAssertFactories.type(VolumeConfig.class))
.hasFieldOrPropertyWithValue("name", "workdir")
.hasFieldOrPropertyWithValue("type", "emptyDir")
.hasFieldOrPropertyWithValue("path", "/work-dir"));
.hasFieldOrPropertyWithValue("path", "/work-dir"))
.satisfies( c -> assertThat(c.getImagePullSecrets())
.singleElement(InstanceOfAssertFactories.type(String.class))
.isEqualTo("secret"));
}

private void assertProbe(ProbeConfig probeConfig) {
Expand Down
Loading

0 comments on commit 64e498e

Please sign in to comment.