rancher/osbuilder
1
0
Fork 0
mirror of https://github.com/kairos-io/osbuilder.git synced 2025-09-16 15:18:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

allow osbuilder to inject ecr specific env var to exporter

Browse Source
This commit is contained in:
Sebastian Florek
2025-01-29 12:24:18 +01:00
parent d69f69a0c6
commit dcc3f0efc3
11 changed files with 66 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
controllers/job.go
View File

@@ -19,10 +19,11 @@ package controllers
import (
"fmt"
osbuilder "github.com/kairos-io/osbuilder/api/v1alpha2"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
osbuilder "github.com/kairos-io/osbuilder/api/v1alpha2"
)
func unpackContainer(id, containerImage, pullImage string) corev1.Container {

20
controllers/osartifact_controller.go
View File

@@ -319,10 +319,18 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
},
},
}
if artifact.Spec.OutputImage != nil && artifact.Spec.OutputImage.PasswordSecretKeyRef != nil {
if err := r.Get(ctx, client.ObjectKey{Namespace: artifact.Namespace, Name: artifact.Spec.OutputImage.PasswordSecretKeyRef.Name}, &corev1.Secret{}); err != nil {
if artifact.Spec.OutputImage != nil && artifact.Spec.OutputImage.Cloud == osbuilder.RegistryCloudECR {
container.Env = []corev1.EnvVar{
{Name: "AWS_SDK_LOAD_CONFIG", Value: "true"},
{Name: "AWS_EC2_METADATA_DISABLED", Value: "true"},
}
}
if artifact.Spec.OutputImage != nil && artifact.Spec.OutputImage.DockerConfigSecretKeyRef != nil {
if err := r.Get(ctx, client.ObjectKey{Namespace: artifact.Namespace, Name: artifact.Spec.OutputImage.DockerConfigSecretKeyRef.Name}, &corev1.Secret{}); err != nil {
if errors.IsNotFound(err) {
logger.Info(fmt.Sprintf("Secret %s/%s not found", artifact.Namespace, artifact.Spec.OutputImage.PasswordSecretKeyRef.Name))
logger.Info(fmt.Sprintf("Secret %s/%s not found", artifact.Namespace, artifact.Spec.OutputImage.DockerConfigSecretKeyRef.Name))
return requeue, nil
}
return ctrl.Result{}, err
@@ -335,7 +343,11 @@ func (r *OSArtifactReconciler) checkExport(ctx context.Context, artifact *osbuil
Name: "docker-secret",
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: artifact.Spec.OutputImage.PasswordSecretKeyRef.Name,
SecretName: artifact.Spec.OutputImage.DockerConfigSecretKeyRef.Name,
Items: []corev1.KeyToPath{{
Key: artifact.Spec.OutputImage.DockerConfigSecretKeyRef.Key,
Path: artifact.Spec.OutputImage.DockerConfigSecretKeyRef.Key,
}},
},
},
})