public_git
/
kubernetes-operator
mirror of https://github.com/jenkinsci/kubernetes-operator.git
1
0
Fork 0
Code Issues Releases Wiki Activity

#45 Improve feature

This commit is contained in:
Jakub Al-Khalili 2019-07-12 14:53:22 +02:00
parent 7849ddc6f5
commit feae4e6e3d
3 changed files with 33 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/getting-started.md
View File

@ -5,7 +5,7 @@ This document describes a getting started guide for **jenkins-operator** and an
1. [First Steps](#first-steps)
2. [Deploy Jenkins](#deploy-jenkins)
3. [Configure Seed Jobs and Pipelines](#configure-seed-jobs-and-pipelines)
4. [Pulling custom Jenkins image from Docker Registry](#Pulling custom Jenkins image from Docker Registry)
4. [Pulling Docker images from private repositories](#Pulling Docker images from private repositories)
5. [Install Plugins](#install-plugins)
6. [Configure Backup & Restore](#configure-backup-and-restore)
7. [AKS](#aks)
@ -294,8 +294,8 @@ data:
password: password_or_token
```
## Pulling custom Jenkins image from Docker Registry
Since **0.2.0** version it's possible to use custom prebuilt Jenkins Docker Image using `imagePullSecrets` annotation support.
## Pulling Docker images from private repositories
To pull Docker Image from private repository you can use `imagePullSecrets`.
Please follow the instructions on [creating a secret with a docker config](https://kubernetes.io/docs/concepts/containers/images/?origin_team=T42NTAGHM#creating-a-secret-with-a-docker-config).
@ -304,10 +304,10 @@ To use Docker Hub additional steps are required.
Edit the previously created secret:
```bash
kubectl edit secret <name>
kubectl -n <namespace> edit secret <name>
```
The `data..dockerconfigjson` key's value needs to be replaced with a modified version.
The `.dockerconfigjson` key's value needs to be replaced with a modified version.
After modifications it needs to be encoded as Base64 value before setting the `.dockerconfigjson` key:q.

27
pkg/controller/jenkins/configuration/base/validate.go
View File

@ -2,7 +2,6 @@ package base
import (
"context"
"errors"
"fmt"
"regexp"
@ -62,40 +61,40 @@ func (r *ReconcileJenkinsBaseConfiguration) Validate(jenkins *v1alpha2.Jenkins)
}
func (r *ReconcileJenkinsBaseConfiguration) validateImagePullSecrets() (bool, error) {
var err error
valid := true
ips := r.jenkins.Spec.Master.ImagePullSecrets
for _, sr := range ips {
valid, err = r.validateImagePullSecret(sr.Name)
for _, sr := range r.jenkins.Spec.Master.ImagePullSecrets {
valid, err := r.validateImagePullSecret(sr.Name)
if err != nil || !valid {
return valid, err
return true, err
}
}
return valid, err
return false, nil
}
func (r *ReconcileJenkinsBaseConfiguration) validateImagePullSecret(name string) (bool, error) {
secret := &corev1.Secret{}
err := r.k8sClient.Get(context.TODO(), types.NamespacedName{Name: name, Namespace: r.jenkins.ObjectMeta.Namespace}, secret)
if err != nil && apierrors.IsNotFound(err) {
r.logger.V(log.VWarn).Info(fmt.Sprintf("Secret '%s' not found", name))
r.logger.V(log.VWarn).Info(fmt.Sprintf("Secret %s not found defined in spec.master.imagePullSecrets", name))
return false, nil
} else if err != nil && !apierrors.IsNotFound(err) {
return false, stackerr.WithStack(err)
}
if secret.Data["docker-server"] == nil {
return false, errors.New("docker server not set")
r.logger.V(log.VWarn).Info("Docker Server is empty")
return false, nil
}
if secret.Data["docker-username"] == nil {
return false, errors.New("docker username not set")
r.logger.V(log.VWarn).Info("Docker Username is empty")
return false, nil
}
if secret.Data["docker-password"] == nil {
return false, errors.New("docker password not set")
r.logger.V(log.VWarn).Info("Docker Password is empty")
return false, nil
}
if secret.Data["docker-email"] == nil {
return false, errors.New("docker email not set")
r.logger.V(log.VWarn).Info("Docker Email is empty")
return false, nil
}
return true, nil

30
pkg/controller/jenkins/configuration/base/validate_test.go
View File

@ -134,7 +134,7 @@ func TestValidatePlugins(t *testing.T) {
func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T) {
t.Run("happy", func(t *testing.T) {
lor := &corev1.Secret{
secret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test-ref",
},
@ -150,14 +150,14 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
Spec: v1alpha2.JenkinsSpec{
Master: v1alpha2.JenkinsMaster{
ImagePullSecrets: []corev1.LocalObjectReference{
{Name: lor.ObjectMeta.Name},
{Name: secret.ObjectMeta.Name},
},
},
},
}
fakeClient := fake.NewFakeClient()
err := fakeClient.Create(context.TODO(), lor)
err := fakeClient.Create(context.TODO(), secret)
assert.NoError(t, err)
baseReconcileLoop := New(fakeClient, nil, logf.ZapLogger(false),
@ -189,7 +189,7 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
})
t.Run("no docker email", func(t *testing.T) {
lor := &corev1.Secret{
secret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test-ref",
},
@ -204,14 +204,14 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
Spec: v1alpha2.JenkinsSpec{
Master: v1alpha2.JenkinsMaster{
ImagePullSecrets: []corev1.LocalObjectReference{
{Name: lor.ObjectMeta.Name},
{Name: secret.ObjectMeta.Name},
},
},
},
}
fakeClient := fake.NewFakeClient()
err := fakeClient.Create(context.TODO(), lor)
err := fakeClient.Create(context.TODO(), secret)
assert.NoError(t, err)
baseReconcileLoop := New(fakeClient, nil, logf.ZapLogger(false),
@ -223,7 +223,7 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
})
t.Run("no docker password", func(t *testing.T) {
lor := &corev1.Secret{
secret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test-ref",
},
@ -238,14 +238,14 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
Spec: v1alpha2.JenkinsSpec{
Master: v1alpha2.JenkinsMaster{
ImagePullSecrets: []corev1.LocalObjectReference{
{Name: lor.ObjectMeta.Name},
{Name: secret.ObjectMeta.Name},
},
},
},
}
fakeClient := fake.NewFakeClient()
err := fakeClient.Create(context.TODO(), lor)
err := fakeClient.Create(context.TODO(), secret)
assert.NoError(t, err)
baseReconcileLoop := New(fakeClient, nil, logf.ZapLogger(false),
@ -257,7 +257,7 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
})
t.Run("no docker username", func(t *testing.T) {
lor := &corev1.Secret{
secret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test-ref",
},
@ -272,14 +272,14 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
Spec: v1alpha2.JenkinsSpec{
Master: v1alpha2.JenkinsMaster{
ImagePullSecrets: []corev1.LocalObjectReference{
{Name: lor.ObjectMeta.Name},
{Name: secret.ObjectMeta.Name},
},
},
},
}
fakeClient := fake.NewFakeClient()
err := fakeClient.Create(context.TODO(), lor)
err := fakeClient.Create(context.TODO(), secret)
assert.NoError(t, err)
baseReconcileLoop := New(fakeClient, nil, logf.ZapLogger(false),
@ -291,7 +291,7 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
})
t.Run("no docker server", func(t *testing.T) {
lor := &corev1.Secret{
secret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test-ref",
},
@ -306,14 +306,14 @@ func TestReconcileJenkinsBaseConfiguration_validateImagePullSecrets(t *testing.T
Spec: v1alpha2.JenkinsSpec{
Master: v1alpha2.JenkinsMaster{
ImagePullSecrets: []corev1.LocalObjectReference{
{Name: lor.ObjectMeta.Name},
{Name: secret.ObjectMeta.Name},
},
},
},
}
fakeClient := fake.NewFakeClient()
err := fakeClient.Create(context.TODO(), lor)
err := fakeClient.Create(context.TODO(), secret)
assert.NoError(t, err)
baseReconcileLoop := New(fakeClient, nil, logf.ZapLogger(false),