This is an automated email from the ASF dual-hosted git repository.
nferraro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-k.git
The following commit(s) were added to refs/heads/master by this push:
new 0e026f2 Fix #1771: use registry creds for pull and push
0e026f2 is described below
commit 0e026f2152685d87f8ca5883afe1ecb98c8ace19
Author: nicolaferraro <ni.ferr...@gmail.com>
AuthorDate: Mon Nov 9 13:23:09 2020 +0100
Fix #1771: use registry creds for pull and push
---
docs/modules/ROOT/nav.adoc | 2 ++
.../ROOT/pages/installation/digitalocean.adoc | 8 ++++++
.../pages/installation/registry/digitalocean.adoc | 17 ++++++++++++
.../ROOT/pages/installation/registry/gcr.adoc | 2 +-
pkg/builder/spectrum/publisher.go | 1 +
pkg/cmd/install.go | 30 +++++++++++++++++++---
pkg/install/secret.go | 16 ++++++++++++
pkg/platform/defaults.go | 9 ++++---
8 files changed, 77 insertions(+), 8 deletions(-)
diff --git a/docs/modules/ROOT/nav.adoc b/docs/modules/ROOT/nav.adoc
index ef1ff50..73aaaca 100644
--- a/docs/modules/ROOT/nav.adoc
+++ b/docs/modules/ROOT/nav.adoc
@@ -1,10 +1,12 @@
* xref:installation/installation.adoc[Installation]
** xref:installation/minikube.adoc[Minikube]
** xref:installation/minishift.adoc[Minishift]
+** xref:installation/digitalocean.adoc[DigitalOcean Kubernetes Cluster]
** xref:installation/gke.adoc[Google Kubernetes Engine (GKE)]
** xref:installation/openshift.adoc[OpenShift]
** xref:installation/iks.adoc[IBM Kubernetes Service (IKS)]
** xref:installation/registry/registry.adoc[Configuring Registry]
+*** xref:installation/registry/digitalocean.adoc[DigitalOcean]
*** xref:installation/registry/dockerhub.adoc[Docker Hub]
*** xref:installation/registry/github.adoc[Github Packages]
*** xref:installation/registry/gcr.adoc[Gcr.io]
diff --git a/docs/modules/ROOT/pages/installation/digitalocean.adoc
b/docs/modules/ROOT/pages/installation/digitalocean.adoc
new file mode 100644
index 0000000..42bad62
--- /dev/null
+++ b/docs/modules/ROOT/pages/installation/digitalocean.adoc
@@ -0,0 +1,8 @@
+[[installation-on-digitalocean]]
+= Installing Camel K on DigitalOcean
+
+This guide assumes you've already created a Kubernetes Engine cluster on
https://digitalocean.com.
+
+To install Camel K on a DigitalOcean Kubernetes cluster, just to
xref:installation/registry/digitalocean.adoc[configure the DigitalOcen
container registry] during installation.
+
+After doing that, you'll be ready to play with Camel K. Enjoy!
diff --git a/docs/modules/ROOT/pages/installation/registry/digitalocean.adoc
b/docs/modules/ROOT/pages/installation/registry/digitalocean.adoc
new file mode 100644
index 0000000..58b2e04
--- /dev/null
+++ b/docs/modules/ROOT/pages/installation/registry/digitalocean.adoc
@@ -0,0 +1,17 @@
+[[configuring-registry-digitalocean]]
+= Configuring a DigitalOcean Container Registry
+
+You can host your container images on the Digital Ocean container registry in
case your cluster doesn't provide a
xref:installation/registry/registry.adoc[default registry].
+
+After logging in into the DigitalOcean web console on
https://www.digitalocean.com/, access the *registry page* to do the following
actions:
+
+- Take note of the registry address and organization: you should find
something like `registry.digitalocean.com/<your-org-id>`
+- Download the "Docker Credentials" for the registry for **"Read & Write"**:
this will save a file named `docker-config.json` in your machine
+
+[source,bash]
+----
+# make sure you set the right organization parameter
+kamel install --registry registry.digitalocean.com --organization your-org-id
--registry-auth-file docker-config.json
+----
+
+Have fun with Camel K!
diff --git a/docs/modules/ROOT/pages/installation/registry/gcr.adoc
b/docs/modules/ROOT/pages/installation/registry/gcr.adoc
index 3f1e3b6..5c6f289 100644
--- a/docs/modules/ROOT/pages/installation/registry/gcr.adoc
+++ b/docs/modules/ROOT/pages/installation/registry/gcr.adoc
@@ -29,7 +29,7 @@ Ensure you have the
https://github.com/apache/camel-k/releases[*kamel* CLI] on y
You should now execute the following command to install cluster resources and
the operator (in the current namespace):
```
-kamel install --registry gcr.io --organization <<your-project-id>>
--registry-secret kaniko-secret
+kamel install --build-publish-strategy=Kaniko --registry gcr.io --organization
<<your-project-id>> --registry-secret kaniko-secret
```
Use the project id of your project on GKE. Usually this can be obtained from
the connection string.
diff --git a/pkg/builder/spectrum/publisher.go
b/pkg/builder/spectrum/publisher.go
index fbae10e..a50fd4e 100644
--- a/pkg/builder/spectrum/publisher.go
+++ b/pkg/builder/spectrum/publisher.go
@@ -79,6 +79,7 @@ func publisher(ctx *builder.Context) error {
options := spectrum.Options{
PullInsecure: pullInsecure,
PushInsecure: pl.Status.Build.Registry.Insecure,
+ PullConfigDir: registryConfigDir,
PushConfigDir: registryConfigDir,
Base: ctx.BaseImage,
Target: target,
diff --git a/pkg/cmd/install.go b/pkg/cmd/install.go
index 403b5d8..9a112aa 100644
--- a/pkg/cmd/install.go
+++ b/pkg/cmd/install.go
@@ -84,6 +84,7 @@ func newCmdInstall(rootCmdOptions *RootCmdOptions)
(*cobra.Command, *installCmdO
cmd.Flags().String("registry", "", "A Docker registry that can be used
to publish images")
cmd.Flags().String("registry-secret", "", "A secret used to push/pull
images to the Docker registry")
cmd.Flags().Bool("registry-insecure", false, "Configure to configure
registry access in insecure mode or not")
+ cmd.Flags().String("registry-auth-file", "", "A docker registry
configuration file containing authorization tokens for pushing and pulling
images")
cmd.Flags().String("registry-auth-server", "", "The docker registry
authentication server")
cmd.Flags().String("registry-auth-username", "", "The docker registry
authentication username")
cmd.Flags().String("registry-auth-password", "", "The docker registry
authentication password")
@@ -171,9 +172,11 @@ type installCmdOptions struct {
TraitProfile string `mapstructure:"trait-profile"`
HTTPProxySecret string `mapstructure:"http-proxy-secret"`
- registry v1.IntegrationPlatformRegistrySpec
- registryAuth registry.Auth
- olmOptions olm.Options
+ registry v1.IntegrationPlatformRegistrySpec
+ registryAuth registry.Auth
+ RegistryAuthFile string `mapstructure:"registry-auth-file"`
+
+ olmOptions olm.Options
}
// nolint: gocyclo
@@ -280,6 +283,11 @@ func (o *installCmdOptions) install(cobraCmd
*cobra.Command, _ []string) error {
if err != nil {
return err
}
+ } else if o.RegistryAuthFile != "" {
+ generatedSecretName, err =
install.RegistrySecretFromFileOrCollect(o.Context, c, namespace,
o.RegistryAuthFile, collection, o.Force)
+ if err != nil {
+ return err
+ }
}
platform, err := install.PlatformOrCollect(o.Context, c,
o.ClusterType, namespace, o.registry, collection)
@@ -507,11 +515,25 @@ func (o *installCmdOptions) validate(_ *cobra.Command, _
[]string) error {
}
}
- if o.registry.Secret != "" && o.registryAuth.IsSet() {
+ if o.registry.Secret != "" && (o.registryAuth.IsSet() ||
o.RegistryAuthFile != "") {
err := fmt.Errorf("incompatible options combinations: you
cannot set both registry-secret and registry-auth-[*] settings")
result = multierr.Append(result, err)
}
+ if o.registryAuth.IsSet() && o.RegistryAuthFile != "" {
+ err := fmt.Errorf("incompatible options combinations: you
cannot set registry-auth-file with other registry-auth-[*] settings")
+ result = multierr.Append(result, err)
+ }
+
+ if o.RegistryAuthFile != "" {
+ nfo, err := os.Stat(o.RegistryAuthFile)
+ if err != nil {
+ result = multierr.Append(result, err)
+ } else if nfo.IsDir() {
+ result = multierr.Append(result, errors.Wrapf(err,
"registry file cannot be a directory: %s", o.RegistryAuthFile))
+ }
+ }
+
if o.BuildStrategy != "" {
found := false
for _, s := range v1.IntegrationPlatformBuildStrategies {
diff --git a/pkg/install/secret.go b/pkg/install/secret.go
index 70a7536..9fe4fc5 100644
--- a/pkg/install/secret.go
+++ b/pkg/install/secret.go
@@ -19,6 +19,7 @@ package install
import (
"context"
+ "io/ioutil"
"github.com/apache/camel-k/pkg/client"
"github.com/apache/camel-k/pkg/util/kubernetes"
@@ -36,6 +37,21 @@ func RegistrySecretOrCollect(ctx context.Context, c
client.Client, namespace str
return "", err
}
+ return registrySecretFromDataOrCollect(ctx, c, namespace, secretData,
collection, force)
+}
+
+// RegistrySecretFromFileOrCollect generates a secret from a
docker-config.json file and creates it on the cluster (or appends it to the
collection)
+func RegistrySecretFromFileOrCollect(ctx context.Context, c client.Client,
namespace string, file string, collection *kubernetes.Collection, force bool)
(string, error) {
+ secretData, err := ioutil.ReadFile(file)
+ if err != nil {
+ return "", err
+ }
+
+ return registrySecretFromDataOrCollect(ctx, c, namespace, secretData,
collection, force)
+}
+
+// registrySecretFromDataOrCollect generates a secret from a docker config
file content file and creates it on the cluster (or appends it to the
collection)
+func registrySecretFromDataOrCollect(ctx context.Context, c client.Client,
namespace string, secretData []byte, collection *kubernetes.Collection, force
bool) (string, error) {
registrySecret := v1.Secret{
TypeMeta: metav1.TypeMeta{
Kind: "Secret",
diff --git a/pkg/platform/defaults.go b/pkg/platform/defaults.go
index c072152..5e83379 100644
--- a/pkg/platform/defaults.go
+++ b/pkg/platform/defaults.go
@@ -70,15 +70,18 @@ func ConfigureDefaults(ctx context.Context, c
client.Client, p *v1.IntegrationPl
if p.Status.Cluster == v1.IntegrationPlatformClusterOpenShift {
p.Status.Build.PublishStrategy =
v1.IntegrationPlatformBuildPublishStrategyS2I
} else {
- p.Status.Build.PublishStrategy =
v1.IntegrationPlatformBuildPublishStrategyBuildah
+ p.Status.Build.PublishStrategy =
v1.IntegrationPlatformBuildPublishStrategySpectrum
}
}
if p.Status.Build.BuildStrategy == "" {
// If the operator is global, a global build strategy should be
used
if IsCurrentOperatorGlobal() {
- // The only global strategy we have for now
- p.Status.Build.BuildStrategy =
v1.IntegrationPlatformBuildStrategyPod
+ if p.Status.Build.PublishStrategy ==
v1.IntegrationPlatformBuildPublishStrategySpectrum {
+ p.Status.Build.BuildStrategy =
v1.IntegrationPlatformBuildStrategyRoutine
+ } else {
+ p.Status.Build.BuildStrategy =
v1.IntegrationPlatformBuildStrategyPod
+ }
} else {
if p.Status.Build.PublishStrategy ==
v1.IntegrationPlatformBuildPublishStrategyS2I ||
p.Status.Build.PublishStrategy ==
v1.IntegrationPlatformBuildPublishStrategySpectrum {
