Skip to content

Commit

Permalink
Use radix external registry default auth secret in buildah (#1187)
Browse files Browse the repository at this point in the history
  • Loading branch information
nilsgstrabo authored Sep 17, 2024
1 parent 073d878 commit dc04ac6
Show file tree
Hide file tree
Showing 37 changed files with 3,367 additions and 3,391 deletions.
14 changes: 8 additions & 6 deletions .vscode/launch.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,28 +15,29 @@
"--DEBUG=true",
"--RADIX_TEKTON_IMAGE=radix-tekton:main-latest",
"--RADIX_IMAGE_BUILDER=radix-image-builder:master-latest",
"--RADIX_BUILDAH_IMAGE_BUILDER=quay.io/buildah/stable:v1.31",
"--RADIX_BUILDKIT_IMAGE_BUILDER=radix-buildkit-builder:main-latest",
// "--RADIX_BUILDAH_IMAGE_BUILDER=quay.io/buildah/stable:v1.31",
"--SECCOMP_PROFILE_FILENAME=allow-buildah.json",
"--RADIX_PIPELINE_GIT_CLONE_NSLOOKUP_IMAGE=radixdevcache.azurecr.io/alpine:3.20",
"--RADIX_PIPELINE_GIT_CLONE_GIT_IMAGE=radixdevcache.azurecr.io/alpine/git:2.45.2",
"--RADIX_PIPELINE_GIT_CLONE_BASH_IMAGE=radixdevcache.azurecr.io/bash:5.2",
"--RADIX_CLUSTER_TYPE=development",
"--RADIX_ZONE=dev",
"--RADIX_CLUSTERNAME=weekly-23",
"--RADIX_CLUSTERNAME=weekly-37",
"--RADIX_CONTAINER_REGISTRY=radixdev.azurecr.io",
"--RADIX_APP_CONTAINER_REGISTRY=radixdevapp.azurecr.io",
"--AZURE_SUBSCRIPTION_ID=16ede44b-1f74-40a5-b428-46cca9a5741b",
"--IMAGE_TAG=abcdw",
"--IMAGE_TAG=abcde",
"--BRANCH=main",
// "--COMMIT_ID=4069bf49619be55ee7dbdd426194cc14c30fde10",
"--PUSH_IMAGE=true",
"--USE_CACHE=true",
"--RADIX_FILE_NAME=/workspace/radixconfig.yaml",
"--TO_ENVIRONMENT=dev",
// "--IMAGE_TAG_NAME=server=1.23-alpine-slim",
// "--IMAGE_TAG_NAME=server2=1.22.1-alpine-perl",
"--RADIX_RESERVED_APP_DNS_ALIASES=api=radix-api,canary=radix-canary-golang,console=radix-web-console,cost-api=radix-cost-allocation-api,webhook=radix-github-webhook",
"--RADIX_RESERVED_DNS_ALIASES=grafana,prometheus,www"
"--RADIX_RESERVED_DNS_ALIASES=grafana,prometheus,www",
"--RADIX_EXTERNAL_REGISTRY_DEFAULT_AUTH_SECRET=radix-external-registry-default-auth"
]
},
{
Expand Down Expand Up @@ -144,7 +145,8 @@
"RADIX_DEPLOYMENTS_PER_ENVIRONMENT_HISTORY_LIMIT": "10",
"RADIX_PIPELINE_JOBS_HISTORY_LIMIT": "5",
"SECCOMP_PROFILE_FILENAME": "allow-buildah.json",
"RADIX_BUILDAH_IMAGE_BUILDER": "quay.io/buildah/stable:v1.31",
// "RADIX_BUILDAH_IMAGE_BUILDER": "quay.io/buildah/stable:v1.31",
"RADIX_BUILDKIT_IMAGE_BUILDER": "radix-buildkit-builder:main-latest",
"RADIX_RESERVED_APP_DNS_ALIASES": "api=radix-api,canary=radix-canary-golang,console=radix-web-console,cost-api=radix-cost-allocation-api,webhook=radix-github-webhook",
"RADIX_RESERVED_DNS_ALIASES": "grafana,prometheus,www",
"RADIXOPERATOR_CERTIFICATE_AUTOMATION_CLUSTER_ISSUER": "digicert-http01",
Expand Down
12 changes: 7 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -89,17 +89,19 @@ mocks: bootstrap
mockgen -source ./pkg/apis/job/job_history.go -destination ./radix-operator/job/job_history_mock.go -package job
mockgen -source ./pipeline-runner/internal/wait/job.go -destination ./pipeline-runner/internal/wait/job_mock.go -package wait
mockgen -source ./pipeline-runner/internal/watcher/radix_deployment_watcher.go -destination ./pipeline-runner/internal/watcher/radix_deployment_watcher_mock.go -package watcher
mockgen -source ./pipeline-runner/internal/watcher/namespace.go -destination ./pipeline-runner/internal/watcher/namespace_mock.go -package watcher
mockgen -source ./pipeline-runner/internal/jobs/build/interface.go -destination ./pipeline-runner/internal/jobs/build/mock/job.go -package mock



.PHONY: build-pipeline
build-pipeline:
docker build -t $(DOCKER_REGISTRY)/radix-pipeline:$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(BRANCH)-$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(TAG) -f pipeline.Dockerfile .
docker buildx build -t $(DOCKER_REGISTRY)/radix-pipeline:$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(BRANCH)-$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(TAG) --platform linux/arm64,linux/amd64 -f pipeline.Dockerfile .

.PHONY: deploy-pipeline
deploy-pipeline: build-pipeline
deploy-pipeline:
az acr login --name $(CONTAINER_REPO)
docker push $(DOCKER_REGISTRY)/radix-pipeline:$(BRANCH)-$(VERSION)
docker push $(DOCKER_REGISTRY)/radix-pipeline:$(VERSION)
docker push $(DOCKER_REGISTRY)/radix-pipeline:$(TAG)
docker buildx build -t $(DOCKER_REGISTRY)/radix-pipeline:$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(BRANCH)-$(VERSION) -t $(DOCKER_REGISTRY)/radix-pipeline:$(TAG) --platform linux/arm64,linux/amd64 -f pipeline.Dockerfile --push .

.PHONY: build-operator
build-operator:
Expand Down
4 changes: 2 additions & 2 deletions charts/radix-operator/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
name: radix-operator
version: 1.38.4
appVersion: 1.58.4
version: 1.39.0
appVersion: 1.59.0
kubeVersion: ">=1.24.0"
description: Radix Operator
keywords:
Expand Down
6 changes: 3 additions & 3 deletions charts/radix-operator/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -95,8 +95,6 @@ spec:
value: {{ .Values.imageBuilder }}
- name: RADIXOPERATOR_JOB_SCHEDULER
value: {{ .Values.jobScheduler }}
- name: USE_CACHE
value: {{ .Values.useImageBuilderCache | quote }}
- name: LOG_LEVEL
value: {{ .Values.logLevel }}
- name: LOG_PRETTY
Expand Down Expand Up @@ -157,8 +155,10 @@ spec:
{{- end }}
- name: SECCOMP_PROFILE_FILENAME
value: {{ .Values.seccompProfile.fileNameOnNode }}
- name: RADIX_BUILDAH_IMAGE_BUILDER
- name: RADIX_BUILDAH_IMAGE_BUILDER # TODO: Deprecated, remove
value: {{ .Values.buildahImageBuilder }}
- name: RADIX_BUILDKIT_IMAGE_BUILDER
value: {{ .Values.buildKitImageBuilder }}
- name: RADIX_PIPELINE_GIT_CLONE_NSLOOKUP_IMAGE
value: {{ .Values.gitCloneNsLookupImage }}
- name: RADIX_PIPELINE_GIT_CLONE_GIT_IMAGE
Expand Down
4 changes: 2 additions & 2 deletions charts/radix-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ kubeClientRateLimitQPS: 5

configToMap: radix-config-2-map:master-latest
imageBuilder: radix-image-builder:master-latest
buildahImageBuilder: xx
buildKitImageBuilder: radix-buildkit-builder:main-latest # TODO: Configure in radix-flux
buildahImageBuilder: xx # TODO: Deprecated, remove
jobScheduler: radix-job-scheduler:main-latest
radixTekton: radix-tekton:main-latest

Expand All @@ -25,7 +26,6 @@ gitCloneNsLookupImage: "" # Image containing nslookup, e.g. "alpine:3.20". Defau
gitCloneGitImage: "" # Image containing git, e.g. "alpine/git:2.45.2". Defaults to "alpine/git:latest" if not set
gitCloneBashImage: "" # Image containing bash, e.g. "bash:5.2". Defaults to "bash:latest" if not set

useImageBuilderCache: 0
reservedAppDNSAlias:
api: radix-api
canary: radix-canary-golang
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ require (
github.com/spf13/viper v1.19.0
github.com/stretchr/testify v1.9.0
golang.org/x/crypto v0.26.0
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
golang.org/x/sync v0.8.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.31.0
Expand Down Expand Up @@ -80,7 +81,6 @@ require (
github.com/subosito/gotenv v1.6.0 // indirect
github.com/x448/float16 v0.8.4 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
golang.org/x/mod v0.20.0 // indirect
golang.org/x/net v0.28.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
Expand Down
5 changes: 1 addition & 4 deletions operator.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,4 @@ FROM gcr.io/distroless/static
WORKDIR /app
COPY --from=builder /build/radix-operator .
USER 1000
ENTRYPOINT ["/app/radix-operator"]



ENTRYPOINT ["/app/radix-operator"]
65 changes: 0 additions & 65 deletions pipeline-runner/internal/commandbuilder/command.go

This file was deleted.

54 changes: 0 additions & 54 deletions pipeline-runner/internal/commandbuilder/command_test.go

This file was deleted.

Loading

0 comments on commit dc04ac6

Please sign in to comment.