chore: migrate all images to ironbank

50f709ec · Michael McLeroy · 4232dc98 · 50f709ec · 50f709ec · 50f709ec
Commit 50f709ec authored 2 years ago by Michael McLeroy
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,11 @@
 Format: [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
+## [ 0.58.0-bb.1 ] - 2020-11-12
+### Changed
+- Converted all images to quay.io/kubevirt
+- Added pull secret in test-values
 ## [ 0.58.0-bb.0 ] - 2020-11-12
 - Upgraded to Kubevirt v0.58.0

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -19,4 +19,4 @@ When submitting code updates:
 3. _do the dew_
 4. submit a [Merge Request](https://repo1.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/-/merge_requests)
 5. Project owners will review the submission and engage with questions
 6. familiarize and follow the [Versioning scheme](https://repo1.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/-/blob/master/docs/versioning.md)
\ No newline at end of file
--- a/Makefile
+++ b/Makefile
 install:
 	helm install kv ./chart --create-namespace --namespace kubevirt
-move-images:
-	utils/registrySync.sh
 update-chart:
 	scripts/update-chart.sh
@@ -17,4 +14,4 @@ eks-deploy:
 	cd scripts/eks/ && ./eks-cluster-deploy.sh && cd -
 eks-destroy:
 	cd scripts/eks/ && ./eks-cluster-destroy.sh && cd -
\ No newline at end of file
--- a/README.md
+++ b/README.md
 # kubevirt
-![Version: 0.58.0-bb.0](https://img.shields.io/badge/Version-0.58.0--bb.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.58.0](https://img.shields.io/badge/AppVersion-0.58.0-informational?style=flat-square)
+![Version: 0.58.0-bb.1(https://img.shields.io/badge/Version-0.58.0--bb.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.58.0](https://img.shields.io/badge/AppVersion-0.58.0-informational?style=flat-square)
 KubeVirt helm chart package
@@ -32,7 +32,7 @@ helm install kubevirt chart/
 |-----|------|---------|-------------|
 | deployment.spec.replicas | int | `2` | replica count |
 | deployment.spec.template.spec.containers.image.name | string | `"virt-operator"` |  |
-| deployment.spec.template.spec.containers.image.registry | string | `"registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt"` |  |
+| deployment.spec.template.spec.containers.image.registry | string | `"quay.io/kubevirt"` |  |
 | deployment.spec.template.spec.containers.image.version | string | `"v0.58.0"` |  |
 | deployment.spec.template.spec.containers.command.port | int | `8443` |  |
 | deployment.spec.template.spec.containers.command.verbosity | int | `2` |  |

--- a/bigbang/templates/_helpers.tpl
+++ b/bigbang/templates/_helpers.tpl
@@ -53,6 +53,31 @@ branch: {{ .branch | quote }}
 {{- end -}}
 {{- end -}}
+{{/*
+Check for git ref, given package values map
+*/}}
+{{- define "checkGitRef" -}}
+{{- $git := (dig "git" dict .) -}}
+{{- if not $git.repo -}}
+false
+{{- else -}}
+{{- if $git.commit -}}
+{{- if not $git.branch -}}
+false
+{{- end -}}
+true
+{{- else if $git.semver -}}
+true
+{{- else if $git.tag -}}
+true
+{{- else if $git.branch -}}
+true
+{{- else -}}
+false
+{{- end -}}
+{{- end -}}
+{{- end -}}
 {{/*
 Build the appropriate git credentials secret for private git repositories
 */}}
@@ -83,10 +108,11 @@ Build common set of file extensions to include/exclude
 Common labels for all objects
 */}}
 {{- define "commonLabels" -}}
-app.kubernetes.io/instance: "{{ .Release.Name }}"
+app.kubernetes.io/instance: {{ .Release.Name }}
-app.kubernetes.io/version: "{{ .Chart.Version }}"
+app.kubernetes.io/version: {{ default .Chart.Version .Chart.AppVersion | replace "+" "_" }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
 app.kubernetes.io/part-of: "bigbang"
-app.kubernetes.io/managed-by: "flux"
+helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
 {{- end -}}
 {{- define "values-secret" -}}
@@ -145,10 +171,12 @@ bigbang.addValueIfSet can be used to nil check parameters before adding them to
    {{- end }}
  {{- end }}
 {{- end -}}
 {{/*
 Annotation for Istio version
 */}}
 {{- define "istioAnnotation" -}}
+{{- if (eq (include "checkGitRef" .Values.istio) "true") -}}
 {{- if .Values.istio.git.semver -}}
 bigbang.dev/istioVersion: {{ .Values.istio.git.semver | trimSuffix (regexFind "-bb.*" .Values.istio.git.semver) }}
 {{- else if .Values.istio.git.tag -}}
@@ -156,4 +184,39 @@ bigbang.dev/istioVersion: {{ .Values.istio.git.tag | trimSuffix (regexFind "-bb.
 {{- else if .Values.istio.git.branch -}}
 bigbang.dev/istioVersion: {{ .Values.istio.git.branch }}
 {{- end -}}
+{{- else -}}
+bigbang.dev/istioVersion: {{ .Values.istio.oci.tag }}
+{{- end -}}
+{{- end -}}
+{{- /* Helpers below this line are in support of the Big Bang extensibility feature */ -}}
+{{- /* Converts the string in . to a legal Kubernetes resource name */ -}}
+{{- define "resourceName" -}}
+  {{- regexReplaceAll "\\W+" . "-" | trimPrefix "-" | trunc 63 | trimSuffix "-" | kebabcase -}}
+{{- end -}}
+{{- /* Returns a space separated string of unique namespaces where `<package>.enabled` and key held in `.constraint` are true */ -}}
+{{- /* [Optional] Set `.constraint` to the key under <package> holding a boolean that must be true to be enabled */ -}}
+{{- /* [Optional] Set `.default` to `true` to enable a `true` result when the `constraint` key is not found */ -}}
+{{- /* To use: $ns := compact (splitList " " (include "uniqueNamespaces" (merge (dict "constraint" "some.boolean" "default" true) .))) */ -}}
+{{- define "uniqueNamespaces" -}}
+  {{- $namespaces := list -}}
+  {{- range $pkg, $vals := .Values.packages -}}
+    {{- if (dig "enabled" true $vals) -}}
+      {{- $constraint := $vals -}}
+      {{- range $key := split "." (default "" $.constraint) -}}
+        {{- $constraint = (dig $key dict $constraint) -}}
+      {{- end -}}
+      {{- if (ternary $constraint (default false $.default) (kindIs "bool" $constraint)) -}}
+        {{- $namespaces = append $namespaces (dig "namespace" "name" (include "resourceName" $pkg) $vals) -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+  {{- join " " (uniq $namespaces) | trim -}}
+{{- end -}}
+{{- /* Prints istio version */ -}}
+{{- define "istioVersion" -}}
+{{ regexReplaceAll "-bb.+$" (coalesce .Values.istio.git.semver .Values.istio.git.tag .Values.istio.git.branch) "" }}
 {{- end -}}
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v2
 name: kubevirt
 description: KubeVirt helm chart package
 type: application
-version: 0.58.0-bb.0
+version: 0.58.0-bb.1
 appVersion: "0.58.0"
--- a/chart/templates/tests/test-service.yaml
+++ b/chart/templates/tests/test-service.yaml
@@ -12,7 +12,7 @@ spec:
      containers:
        - command: ["/bin/sh"]
          args: ["-c", "nc -w 3 virt-api.kubevirt.svc.cluster.local 443;exit $?;"]
-          image: registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/busybox:latest
+          image: registry1.dso.mil/ironbank/opensource/alpinelinux/alpine:latest
          name: kubevirt-service-test
      restartPolicy: Never
  backoffLimit: 10
\ No newline at end of file
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -7,7 +7,10 @@ deployment:
        containers:
          image:
            name: virt-operator
-            registry: registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt
+            # virt-handler does not work from IB.  Running as non-root, it does not 
+            # have permissions is needs to /var/lib/kubevirt (and possibly other directories)
+            # registry: registry1.dso.mil/ironbank/opensource/kubevirt
+            registry: quay.io/kubevirt
            version: v0.58.0
          command:
            port: 8443

--- a/scripts/uninstall.sh
+++ b/scripts/uninstall.sh
@@ -3,4 +3,4 @@
 kubectl delete -n kubevirt kubevirt kubevirt --wait=true
 helm uninstall kubevirt --namespace=kubevirt
 kubectl delete ns kubevirt
 kubectl delete crd kubevirts.kubevirt.io
\ No newline at end of file
--- a/scripts/update-chart.sh
+++ b/scripts/update-chart.sh
@@ -10,4 +10,4 @@ mv chart/templates/apiextensions.k8s.io_v1_customresourcedefinition_kubevirts.ku
 rm -rf chart/templates/v1_namespace_kubevirt.yaml
 rm -rf kubevirt-operator.yaml kubevirt-cr.yaml
 echo "Done... "
-echo " Next steps: Review Changes, make move-images, make update-readme, update Changelog"
+echo " Next steps: Review Changes, make update-readme, update Changelog"
\ No newline at end of file
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
+imagePullSecrets:
+  - name: private-registry
\ No newline at end of file
--- a/utils/README.md
+++ b/utils/README.md
-# Registry Sync
-The registrySync.sh script uses a tool called [skopeo](https://github.com/containers/skopeo) in order to synchronize images between the public internet and registry.dso.mil which is required for pipelines to pass.
-There is one step which is required before executing the registrySync.sh script and that is to log skopeo into repo1.
-```
-[rmengert@Robs-MacBook-Pro:~/projects/harness/utils]
-$ skopeo login -u rmengert registry.dso.mil
-Password: 
-Login Succeeded!
-[rmengert@Robs-MacBook-Pro:~/projects/harness/utils]
-$ 
-```
-Note, the credential used to perform the skopeo login MUST be a [personal access token](https://repo1.dso.mil/help/user/profile/personal_access_tokens) if you are using two-factor authentication.
-After logging in, the registrySync.sh can be safely run and will pull a copy of the images in skopeo-kubevirt-sync.yaml from their specified locations and push them into registry.dso.mil.  Specifically the container registry attached to the Kubevirt third party repo.
-# New Image Version
-New versions of containers can easily be added by appending a new version to the list in skopeo-kubevirt-sync.yaml.
-For example:
-```yaml
-quay.io/kubevirt:
-  images:
-    mongo:
-    - 4.2.8
-```
-To add 4.2.9, simply update skopeo-kubevirt-sync.yaml with this version:
-```yaml
-quay.io/kubevirt:
-  images:
-    mongo:
-    - 4.2.8
-    - 4.2.9
-```
\ No newline at end of file
--- a/utils/registrySync.sh
+++ b/utils/registrySync.sh
-#!/bin/bash
-skopeo sync --override-arch amd64 --override-os linux --src yaml --dest docker utils/skopeo-kubevirt-sync.yaml registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt
--- a/utils/skopeo-kubevirt-sync.yaml
+++ b/utils/skopeo-kubevirt-sync.yaml
-quay.io/kubevirt:
-  images:
-    virt-controller:
-    - v0.58.0
-    - v0.55.0
-    - v0.54.0
-    - v0.53.1
-    virt-api:
-    - v0.58.0
-    - v0.55.0
-    - v0.54.0
-    - v0.53.1
-    virt-handler:
-    - v0.58.0
-    - v0.55.0
-    - v0.54.0
-    - v0.53.1
-    virt-launcher:
-    - v0.58.0
-    - v0.55.0
-    - v0.54.0
-    - v0.53.1
-    virt-operator:
-    - v0.58.0
-    - v0.55.0
-    - v0.54.0
-    - v0.53.1
\ No newline at end of file
--- a/zarf.yaml
+++ b/zarf.yaml
@@ -10,15 +10,15 @@ components:
    charts:
      - name: kubevirt
        url: https://repo1.dso.mil/platform-one/big-bang/apps/third-party/kubevirt.git
-        version: 0.58.0-bb.0
+        version: 0.58.0-bb.1
        gitPath: chart
        namespace: kubevirt
        valuesFiles:
          - chart/values.yaml
    images:
-      - registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/virt-api:v0.58.0
+      - quay.io/kubevirt/virt-api:v0.58.0
-      - registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/virt-controller:v0.58.0
+      - quay.io/kubevirt/virt-controller:v0.58.0
-      - registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/virt-launcher:v0.58.0
+      - quay.io/kubevirt/virt-launcher:v0.58.0
-      - registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/virt-handler:v0.58.0
+      - quay.io/kubevirt/virt-handler:v0.58.0
-      - registry.dso.mil/platform-one/big-bang/apps/third-party/kubevirt/virt-operator:v0.58.0
+      - quay.io/kubevirt/virt-operator:v0.58.0