UNCLASSIFIED - NO CUI

Skip to content

fix: packages registry secret logic

Daniel Palmer requested to merge 1710-packages-optional-registry-secret into master

Description

Fixes logic for generating registry credential secrets for packages. Since registryCredentials are required via schema, updates logic to depend on required dockerconfigjson properties.

Tests

Negative Test Case

Using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3
  somepackage:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

registryCredentials:
  registry: ""
  password: ""
  username: ""

Chart successfully renders no private-registry secrets for either packages.

Positive Test Case - Map

Using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3
  somepackage:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

registryCredentials:
  registry: someregistry
  username: someusername
  password: somepassword

Successfully generates the following secrets:

---
# Source: bigbang/templates/secrets/imagepullsecret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: private-registry
  namespace: podinfo
  labels:
    app.kubernetes.io/name: private-registry
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: eyJhdXRocyI6eyJzb21lcmVnaXN0cnkiOnsidXNlcm5hbWUiOiJzb21ldXNlcm5hbWUiLCJwYXNzd29yZCI6InNvbWVwYXNzd29yZCIsImVtYWlsIjoiJSFzKDxuaWw+KSIsImF1dGgiOiJjMjl0WlhWelpYSnVZVzFsT25OdmJXVndZWE56ZDI5eVpBPT0ifX19
---
# Source: bigbang/templates/secrets/imagepullsecret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: private-registry
  namespace: somepackage
  labels:
    app.kubernetes.io/name: private-registry
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: eyJhdXRocyI6eyJzb21lcmVnaXN0cnkiOnsidXNlcm5hbWUiOiJzb21ldXNlcm5hbWUiLCJwYXNzd29yZCI6InNvbWVwYXNzd29yZCIsImVtYWlsIjoiJSFzKDxuaWw+KSIsImF1dGgiOiJjMjl0WlhWelpYSnVZVzFsT25OdmJXVndZWE56ZDI5eVpBPT0ifX19

Positive Test Case - List

Using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3
  somepackage:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

registryCredentials:
  - registry: someregistry
    username: someusername
    password: somepassword
  - registry: someregistry2
    username: someusername2
    password: somepassword2

Successfully generates the following secrets:

---
# Source: bigbang/templates/secrets/imagepullsecret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: private-registry
  namespace: podinfo
  labels:
    app.kubernetes.io/name: private-registry
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: ewogICJhdXRocyI6IHsKICAgICJzb21lcmVnaXN0cnkiOiB7CiAgICAgICJ1c2VybmFtZSI6ICJzb21ldXNlcm5hbWUiLAogICAgICAicGFzc3dvcmQiOiAic29tZXBhc3N3b3JkIiwKICAgICAgImVtYWlsIjogIiIsCiAgICAgICJhdXRoIjogImMyOXRaWFZ6WlhKdVlXMWxPbk52YldWd1lYTnpkMjl5WkE9PSIKICAgIH0sCiAgICAic29tZXJlZ2lzdHJ5MiI6IHsKICAgICAgInVzZXJuYW1lIjogInNvbWV1c2VybmFtZTIiLAogICAgICAicGFzc3dvcmQiOiAic29tZXBhc3N3b3JkMiIsCiAgICAgICJlbWFpbCI6ICIiLAogICAgICAiYXV0aCI6ICJjMjl0WlhWelpYSnVZVzFsTWpwemIyMWxjR0Z6YzNkdmNtUXkiCiAgICB9CiAgfQp9
---
# Source: bigbang/templates/secrets/imagepullsecret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: private-registry
  namespace: somepackage
  labels:
    app.kubernetes.io/name: private-registry
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: ewogICJhdXRocyI6IHsKICAgICJzb21lcmVnaXN0cnkiOiB7CiAgICAgICJ1c2VybmFtZSI6ICJzb21ldXNlcm5hbWUiLAogICAgICAicGFzc3dvcmQiOiAic29tZXBhc3N3b3JkIiwKICAgICAgImVtYWlsIjogIiIsCiAgICAgICJhdXRoIjogImMyOXRaWFZ6WlhKdVlXMWxPbk52YldWd1lYTnpkMjl5WkE9PSIKICAgIH0sCiAgICAic29tZXJlZ2lzdHJ5MiI6IHsKICAgICAgInVzZXJuYW1lIjogInNvbWV1c2VybmFtZTIiLAogICAgICAicGFzc3dvcmQiOiAic29tZXBhc3N3b3JkMiIsCiAgICAgICJlbWFpbCI6ICIiLAogICAgICAiYXV0aCI6ICJjMjl0WlhWelpYSnVZVzFsTWpwemIyMWxjR0Z6YzNkdmNtUXkiCiAgICB9CiAgfQp9

For Issue

Closes #1710 (closed)

Edited by Daniel Palmer

Merge request reports

Loading