MetalLB Ironbank Images

Mostly opening this issue for awareness that Ironbank MetalLB images exist now - https://repo1.dso.mil/dsop/opensource/metallb

It would probably be good for Big Bang to adopt these in the dev script and CI deployments. There would be changes required to make this work:

• securitycontext needs to be different to use these images
• auth would need to be provided for registry1 in pipelines/dev script when setting up metallb

added triage-kind label

added community-contribution label

added triage-priority label

added kindenhancement priority5 labels and removed triage-kind triage-priority labels

changed iteration to Big Bang Iterations Oct 17, 2023 - Oct 30, 2023

changed milestone to %2.14.0

@chris.oconnell @ryan.thompson.44 Would we want to switch to these by default and further lock down the k3d-dev.sh script to only be used by us or those with login.dso.mil/registry1.dso.mil accounts or provide an option to use upstream still with a flag?

k3d-dev.sh has been engineered only for our dev and testing but I keep hearing new reports of others utilizing it.

From my perspective...if they are using BB's dev script then they likely are using Big Bang and already have auth for registry1? Also last I checked registry1.dso.mil/login.dso.mil were "open" (i.e. anyone can sign up and get access to Ironbank for pulling only.

@micah.nagel What securitycontext changes are required to use these images?

The readmes for the Ironbank images list the users. A kustomization like this would work - https://github.com/defenseunicorns/uds-package-metallb/blob/main/kustomizations/kustomization.yaml - this is how I am consuming them.

mentioned in merge request !3330 (merged)

Not sure what CI deployment changes are needed for this issue, but the k3d-dev.sh draft is here: !3330 (merged).

assigned to @jrb

added statusdoing label

The k3d-dev.sh changes are finished and tested in !3330 (merged). The issue also mentions updating some CI deployments. I'm not familiar with those - where do they live?

@micah.nagel the change to k3d-dev.sh is now merged. I'm happy to take a look provided I have the appropriate access. Do you know which CI deployments these are, and where they live?

I believe its all under https://repo1.dso.mil/big-bang/pipeline-templates/pipeline-templates/-/tree/master/clusters/k3d/dependencies/metallb?ref_type=heads

Thanks. I have a draft MR here: big-bang/pipeline-templates/pipeline-templates!450 (merged). Not really sure how to test it.

That's probably a good question for some of the internal BB team - I am just a community contributor at this point and not as familiar with the current team's processes for pipeline testing.

mentioned in merge request big-bang/pipeline-templates/pipeline-templates!450 (merged)

removed iteration Big Bang Iterations Oct 17, 2023 - Oct 30, 2023

changed iteration to Big Bang Iterations Oct 31, 2023 - Nov 13, 2023

changed milestone to %2.15.0

set weight to 2

assigned to @benjamin.starks

removed iteration Big Bang Iterations Oct 31, 2023 - Nov 13, 2023