Skip to content

Commit

Permalink
Use correct registries to integrate with new packages workflows (#8538)
Browse files Browse the repository at this point in the history
  • Loading branch information
abhay-krishna committed Aug 6, 2024
1 parent 1942816 commit 6cc8219
Show file tree
Hide file tree
Showing 9 changed files with 143 additions and 87 deletions.
36 changes: 15 additions & 21 deletions pkg/curatedpackages/packagecontrollerclient.go
Original file line number Diff line number Diff line change
Expand Up @@ -241,26 +241,26 @@ func (pc *PackageControllerClient) Enable(ctx context.Context) error {

// GetCuratedPackagesRegistries gets value for configurable registries from PBC.
func (pc *PackageControllerClient) GetCuratedPackagesRegistries(ctx context.Context) (sourceRegistry, defaultRegistry, defaultImageRegistry string) {
sourceRegistry = publicProdECR
defaultImageRegistry = packageProdDomain
accountName := prodAccount
if strings.Contains(pc.chart.Image(), devAccount) {
accountName = devAccount
defaultImageRegistry = packageDevDomain
sourceRegistry = publicDevECR
}
if strings.Contains(pc.chart.Image(), stagingAccount) {
accountName = stagingAccount
defaultImageRegistry = packageProdDomain
sourceRegistry = publicStagingECR
sourceRegistry = prodPublicRegistryURI
defaultImageRegistry = prodNonRegionalPrivateRegistryURI
registry := prodPublicRegistryAlias
if strings.Contains(pc.chart.Image(), devNonRegionalPublicRegistryAlias) {
registry = devRegionalPublicRegistryAlias
defaultImageRegistry = devRegionalPrivateRegistryURI
sourceRegistry = devRegionalPublicRegistryURI
}
if strings.Contains(pc.chart.Image(), stagingPublicRegistryAlias) {
registry = stagingPublicRegistryAlias
defaultImageRegistry = devRegionalPrivateRegistryURI
sourceRegistry = stagingPublicRegistryURI
}
defaultRegistry = sourceRegistry

if pc.registryMirror != nil {
// account is added as part of registry name in package controller helm chart
// registry name is added as part of sourceRegistry field in package controller helm chart
// https://github.com/aws/eks-anywhere-packages/blob/main/charts/eks-anywhere-packages/values.yaml#L15-L18
sourceRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), accountName)
defaultRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), accountName)
sourceRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), registry)
defaultRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), registry)
if gatedOCINamespace := pc.registryMirror.CuratedPackagesMirror(); gatedOCINamespace != "" {
defaultImageRegistry = gatedOCINamespace
}
Expand All @@ -273,12 +273,6 @@ func (pc *PackageControllerClient) GetCuratedPackagesRegistries(ctx context.Cont
if err := pc.registryAccessTester.Test(ctx, pc.eksaAccessKeyID, pc.eksaSecretAccessKey, pc.eksaRegion, pc.eksaAwsConfig, regionalRegistry); err == nil {
// use regional registry when the above credential is good
logger.V(6).Info("Using regional registry")
// In the dev case, we use a separate public ECR registry in the
// beta packages account to source the packages controller and
// credential provider package
if regionalRegistry == devRegionalECR {
sourceRegistry = devRegionalPublicECR
}
defaultRegistry = regionalRegistry
defaultImageRegistry = regionalRegistry
} else {
Expand Down
31 changes: 30 additions & 1 deletion pkg/curatedpackages/packagecontrollerclient_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1287,7 +1287,7 @@ func TestGetCuratedPackagesRegistries(s *testing.T) {
}
})

s.Run("get regional registries", func(t *testing.T) {
s.Run("get prod regional registries", func(t *testing.T) {
ctrl := gomock.NewController(t)
k := mocks.NewMockKubectlRunner(ctrl)
cm := mocks.NewMockChartManager(ctrl)
Expand Down Expand Up @@ -1315,6 +1315,35 @@ func TestGetCuratedPackagesRegistries(s *testing.T) {
t.Errorf("expected %q, got %q", expected, actualImageRegistry)
}
})

s.Run("get staging regional registries", func(t *testing.T) {
ctrl := gomock.NewController(t)
k := mocks.NewMockKubectlRunner(ctrl)
cm := mocks.NewMockChartManager(ctrl)
kubeConfig := "kubeconfig.kubeconfig"
chart := &artifactsv1.Image{
Name: "test_controller",
URI: "test_registry/w9m0f3l5/eks-anywhere-packages:v1",
}
clusterName := "billy"
writer, _ := filewriter.NewWriter(clusterName)
client := curatedpackages.NewPackageControllerClient(
cm, k, clusterName, kubeConfig, chart, nil,
curatedpackages.WithManagementClusterName(clusterName),
curatedpackages.WithValuesFileWriter(writer),
curatedpackages.WithRegistryAccessTester(&stubRegistryAccessTester{}),
)

expected := "724423470321.dkr.ecr.us-west-2.amazonaws.com"
_, actualDefaultRegistry, actualImageRegistry := client.GetCuratedPackagesRegistries(context.Background())

if actualDefaultRegistry != expected {
t.Errorf("expected %q, got %q", expected, actualDefaultRegistry)
}
if actualImageRegistry != expected {
t.Errorf("expected %q, got %q", expected, actualImageRegistry)
}
})
}

func TestReconcile(s *testing.T) {
Expand Down
31 changes: 31 additions & 0 deletions pkg/curatedpackages/packagereader_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,22 @@ func TestPackageReader_ReadImagesFromBundles(t *testing.T) {
tt.Expect(images).NotTo(BeEmpty())
}

func TestPackageReader_ReadImagesFromBundlesStaging(t *testing.T) {
tt := newPackageReaderTest(t)
artifact := registry.NewArtifactFromURI("public.ecr.aws/w9m0f3l5/eks-anywhere-packages-bundles:v1-21-latest")
repo, err := remote.NewRepository("owner/name")
assert.NoError(t, err)
tt.storageClient.EXPECT().GetStorage(tt.ctx, gomock.Any()).Return(repo, nil)
tt.storageClient.EXPECT().FetchBytes(tt.ctx, gomock.Any(), artifact).Return(desc, imageManifest, nil)
tt.storageClient.EXPECT().FetchBlob(tt.ctx, gomock.Any(), gomock.Any()).Return(packageBundle, nil)
tt.bundles.Spec.VersionsBundles[0].PackageController.Controller.URI = tt.registryName + "/w9m0f3l5/ctrl:v1"

images, err := tt.command.ReadImagesFromBundles(tt.ctx, tt.bundles)

tt.Expect(err).To(BeNil())
tt.Expect(images).NotTo(BeEmpty())
}

func TestPackageReader_ReadImagesFromBundlesProduction(t *testing.T) {
tt := newPackageReaderTest(t)
artifact := registry.NewArtifactFromURI("public.ecr.aws/eks-anywhere/eks-anywhere-packages-bundles:v1-21-latest")
Expand Down Expand Up @@ -159,6 +175,21 @@ func TestPackageReader_ReadChartsFromBundles(t *testing.T) {
tt.Expect(images).NotTo(BeEmpty())
}

func TestPackageReader_ReadChartsFromBundlesStaging(t *testing.T) {
tt := newPackageReaderTest(t)
artifact := registry.NewArtifactFromURI("public.ecr.aws/w9m0f3l5/eks-anywhere-packages-bundles:v1-21-latest")
repo, err := remote.NewRepository("owner/name")
assert.NoError(t, err)
tt.storageClient.EXPECT().GetStorage(tt.ctx, gomock.Any()).Return(repo, nil)
tt.storageClient.EXPECT().FetchBytes(tt.ctx, gomock.Any(), artifact).Return(desc, imageManifest, nil)
tt.storageClient.EXPECT().FetchBlob(tt.ctx, gomock.Any(), gomock.Any()).Return(packageBundle, nil)
tt.bundles.Spec.VersionsBundles[0].PackageController.Controller.URI = tt.registryName + "/w9m0f3l5/ctrl:v1"

images := tt.command.ReadChartsFromBundles(tt.ctx, tt.bundles)

tt.Expect(images).NotTo(BeEmpty())
}

func TestPackageReader_ReadChartsFromBundlesProduction(t *testing.T) {
tt := newPackageReaderTest(t)
artifact := registry.NewArtifactFromURI("public.ecr.aws/eks-anywhere/eks-anywhere-packages-bundles:v1-21-latest")
Expand Down
31 changes: 12 additions & 19 deletions pkg/curatedpackages/reader.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,19 +14,6 @@ import (
releasev1 "github.com/aws/eks-anywhere/release/api/v1alpha1"
)

// Temporary: Curated packages dev and prod accounts are currently hard coded
// This is because there is no mechanism to extract these values as of now.
const (
prodAccount = "eks-anywhere"
devAccount = "l0g8r8j6"
stagingAccount = "w9m0f3l5"
publicProdECR = "public.ecr.aws/" + prodAccount
publicDevECR = "public.ecr.aws/" + devAccount
publicStagingECR = "public.ecr.aws/" + stagingAccount
packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
packageDevDomain = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
)

type PackageReader struct {
cache *registry.Cache
credentialStore *registry.CredentialStore
Expand Down Expand Up @@ -146,15 +133,21 @@ func removeDuplicateImages(images []registry.Artifact) []registry.Artifact {
}

func getChartRegistry(uri string) string {
if strings.Contains(uri, publicProdECR) {
return publicProdECR
if strings.Contains(uri, prodPublicRegistryURI) {
return prodPublicRegistryURI
}
return publicDevECR
if strings.Contains(uri, stagingPublicRegistryURI) {
return stagingPublicRegistryURI
}
return devRegionalPublicRegistryURI
}

func getImageRegistry(uri, awsRegion string) string {
if strings.Contains(uri, publicProdECR) {
return strings.ReplaceAll(packageProdDomain, eksaDefaultRegion, awsRegion)
if strings.Contains(uri, prodPublicRegistryURI) {
return strings.ReplaceAll(prodNonRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
}
if strings.Contains(uri, stagingPublicRegistryURI) {
return strings.ReplaceAll(stagingRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
}
return strings.ReplaceAll(packageDevDomain, eksaDefaultRegion, awsRegion)
return strings.ReplaceAll(devRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
}
46 changes: 5 additions & 41 deletions pkg/curatedpackages/regional_registry.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,42 +14,6 @@ import (
"github.com/aws/aws-sdk-go-v2/service/ecr"
)

const (
devRegionalECR string = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
devRegionalPublicECR string = "public.ecr.aws/x3k6m8v0"
stagingRegionalECR string = "TODO.dkr.ecr.us-west-2.amazonaws.com"
)

var prodRegionalECRMap = map[string]string{
"af-south-1": "783635962247.dkr.ecr.af-south-1.amazonaws.com",
"ap-east-1": "804323328300.dkr.ecr.ap-east-1.amazonaws.com",
"ap-northeast-1": "143143237519.dkr.ecr.ap-northeast-1.amazonaws.com",
"ap-northeast-2": "447311122189.dkr.ecr.ap-northeast-2.amazonaws.com",
"ap-northeast-3": "376465423944.dkr.ecr.ap-northeast-3.amazonaws.com",
"ap-south-1": "357015164304.dkr.ecr.ap-south-1.amazonaws.com",
"ap-south-2": "388483641499.dkr.ecr.ap-south-2.amazonaws.com",
"ap-southeast-1": "654894141437.dkr.ecr.ap-southeast-1.amazonaws.com",
"ap-southeast-2": "299286866837.dkr.ecr.ap-southeast-2.amazonaws.com",
"ap-southeast-3": "703305448174.dkr.ecr.ap-southeast-3.amazonaws.com",
"ap-southeast-4": "106475008004.dkr.ecr.ap-southeast-4.amazonaws.com",
"ca-central-1": "064352486547.dkr.ecr.ca-central-1.amazonaws.com",
"eu-central-1": "364992945014.dkr.ecr.eu-central-1.amazonaws.com",
"eu-central-2": "551422459769.dkr.ecr.eu-central-2.amazonaws.com",
"eu-north-1": "826441621985.dkr.ecr.eu-north-1.amazonaws.com",
"eu-south-1": "787863792200.dkr.ecr.eu-south-1.amazonaws.com",
"eu-west-1": "090204409458.dkr.ecr.eu-west-1.amazonaws.com",
"eu-west-2": "371148654473.dkr.ecr.eu-west-2.amazonaws.com",
"eu-west-3": "282646289008.dkr.ecr.eu-west-3.amazonaws.com",
"il-central-1": "131750224677.dkr.ecr.il-central-1.amazonaws.com",
"me-central-1": "454241080883.dkr.ecr.me-central-1.amazonaws.com",
"me-south-1": "158698011868.dkr.ecr.me-south-1.amazonaws.com",
"sa-east-1": "517745584577.dkr.ecr.sa-east-1.amazonaws.com",
"us-east-1": "331113665574.dkr.ecr.us-east-1.amazonaws.com",
"us-east-2": "297090588151.dkr.ecr.us-east-2.amazonaws.com",
"us-west-1": "440460740297.dkr.ecr.us-west-1.amazonaws.com",
"us-west-2": "346438352937.dkr.ecr.us-west-2.amazonaws.com",
}

// RegistryAccessTester test if AWS credentials has valid permission to access an ECR registry.
type RegistryAccessTester interface {
Test(ctx context.Context, accessKey, secret, region, awsConfig, registry string) error
Expand Down Expand Up @@ -101,13 +65,13 @@ func TestRegistryWithAuthToken(authToken, registry string, do Do) error {

// GetRegionalRegistry get the regional registry corresponding to defaultRegistry in a specific region.
func GetRegionalRegistry(defaultRegistry, region string) string {
if strings.Contains(defaultRegistry, devAccount) {
return devRegionalECR
if strings.Contains(defaultRegistry, devNonRegionalPublicRegistryAlias) {
return devRegionalPrivateRegistryURI
}
if strings.Contains(defaultRegistry, stagingAccount) {
return stagingRegionalECR
if strings.Contains(defaultRegistry, stagingPublicRegistryAlias) {
return stagingRegionalPrivateRegistryURI
}
return prodRegionalECRMap[region]
return prodRegionalPrivateRegistryURIByRegion[region]
}

// RegistryAuthTokenProvider provides auth token for registry access.
Expand Down
45 changes: 45 additions & 0 deletions pkg/curatedpackages/registry_constants.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
package curatedpackages

const (
devNonRegionalPublicRegistryAlias = "l0g8r8j6"
devRegionalPublicRegistryAlias = "x3k6m8v0"
stagingPublicRegistryAlias = "w9m0f3l5"
prodPublicRegistryAlias = "eks-anywhere"
devNonRegionalPublicRegistryURI = "public.ecr.aws/" + devNonRegionalPublicRegistryAlias
devRegionalPublicRegistryURI = "public.ecr.aws/" + devRegionalPublicRegistryAlias
stagingPublicRegistryURI = "public.ecr.aws/" + stagingPublicRegistryAlias
prodPublicRegistryURI = "public.ecr.aws/" + prodPublicRegistryAlias
prodNonRegionalPrivateRegistryURI = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
devRegionalPrivateRegistryURI = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
stagingRegionalPrivateRegistryURI = "724423470321.dkr.ecr.us-west-2.amazonaws.com"
)

var prodRegionalPrivateRegistryURIByRegion = map[string]string{
"af-south-1": "783635962247.dkr.ecr.af-south-1.amazonaws.com",
"ap-east-1": "804323328300.dkr.ecr.ap-east-1.amazonaws.com",
"ap-northeast-1": "143143237519.dkr.ecr.ap-northeast-1.amazonaws.com",
"ap-northeast-2": "447311122189.dkr.ecr.ap-northeast-2.amazonaws.com",
"ap-northeast-3": "376465423944.dkr.ecr.ap-northeast-3.amazonaws.com",
"ap-south-1": "357015164304.dkr.ecr.ap-south-1.amazonaws.com",
"ap-south-2": "388483641499.dkr.ecr.ap-south-2.amazonaws.com",
"ap-southeast-1": "654894141437.dkr.ecr.ap-southeast-1.amazonaws.com",
"ap-southeast-2": "299286866837.dkr.ecr.ap-southeast-2.amazonaws.com",
"ap-southeast-3": "703305448174.dkr.ecr.ap-southeast-3.amazonaws.com",
"ap-southeast-4": "106475008004.dkr.ecr.ap-southeast-4.amazonaws.com",
"ca-central-1": "064352486547.dkr.ecr.ca-central-1.amazonaws.com",
"eu-central-1": "364992945014.dkr.ecr.eu-central-1.amazonaws.com",
"eu-central-2": "551422459769.dkr.ecr.eu-central-2.amazonaws.com",
"eu-north-1": "826441621985.dkr.ecr.eu-north-1.amazonaws.com",
"eu-south-1": "787863792200.dkr.ecr.eu-south-1.amazonaws.com",
"eu-west-1": "090204409458.dkr.ecr.eu-west-1.amazonaws.com",
"eu-west-2": "371148654473.dkr.ecr.eu-west-2.amazonaws.com",
"eu-west-3": "282646289008.dkr.ecr.eu-west-3.amazonaws.com",
"il-central-1": "131750224677.dkr.ecr.il-central-1.amazonaws.com",
"me-central-1": "454241080883.dkr.ecr.me-central-1.amazonaws.com",
"me-south-1": "158698011868.dkr.ecr.me-south-1.amazonaws.com",
"sa-east-1": "517745584577.dkr.ecr.sa-east-1.amazonaws.com",
"us-east-1": "331113665574.dkr.ecr.us-east-1.amazonaws.com",
"us-east-2": "297090588151.dkr.ecr.us-east-2.amazonaws.com",
"us-west-1": "440460740297.dkr.ecr.us-west-1.amazonaws.com",
"us-west-2": "346438352937.dkr.ecr.us-west-2.amazonaws.com",
}
4 changes: 2 additions & 2 deletions pkg/docker/registry.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ import (
// doesn't have support for root level.
const (
packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
packageDevDomain = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
packageDevDomain = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
publicProdECRName = "eks-anywhere"
publicDevECRName = "l0g8r8j6"
publicDevECRName = "x3k6m8v0"
)

// ImageRegistryDestination implements the ImageDestination interface, writing images and tags from
Expand Down
4 changes: 2 additions & 2 deletions pkg/docker/registry_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,8 @@ func TestNewRegistryDestinationWhenPackagesDevProvided(t *testing.T) {
client := mocks.NewMockImageTaggerPusher(ctrl)

registry := "https://registry"
expectedRegistry := "https://registry/l0g8r8j6"
image := "857151390494.dkr.ecr.us-west-2.amazonaws.com:v1"
expectedRegistry := "https://registry/x3k6m8v0"
image := "067575901363.dkr.ecr.us-west-2.amazonaws.com:v1"
ctx := context.Background()
dstLoader := docker.NewRegistryDestination(client, registry)
client.EXPECT().TagImage(test.AContext(), image, expectedRegistry)
Expand Down
2 changes: 1 addition & 1 deletion pkg/executables/docker.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ const (
dockerPath = "docker"
defaultRegistry = "public.ecr.aws"
packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
packageDevDomain = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
packageDevDomain = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
)

type Docker struct {
Expand Down

0 comments on commit 6cc8219

Please sign in to comment.