Mount imageSecrets in the worker pod

internal/controller/raczylo.com/clusterimage_controller.go

@@ -82,7 +82,7 @@ func (r *ClusterImageReconciler) Reconcile(ctx context.Context, req ctrl.Request
 	case shared.STATUS_SUCCESS, shared.STATUS_FAILED, shared.STATUS_PRESENT:
 		return ctrl.Result{}, nil // No further action needed
 	default:
-		l.Info("Unexpected ClusterImage status", "Status", clusterImage.Status.Progress)
+		// l.Info("Unexpected ClusterImage status", "Status", clusterImage.Status.Progress)
 		return ctrl.Result{}, nil
 	}
 }
@@ -188,7 +188,7 @@ func (r *ClusterImageReconciler) handleRunningClusterImage(ctx context.Context,
 		}
 	}
 
-	l.Info("Reconciling ClusterImage completed", "Name", clusterImage.Name, "Status", clusterImage.Status.Progress)
+	// l.Info("Reconciling ClusterImage completed", "Name", clusterImage.Name, "Status", clusterImage.Status.Progress)
 
 	return r.updateClusterImageExportStatus(ctx, clusterImage)
 }

internal/controller/raczylo.com/clusterimageexport_controller.go

@@ -45,7 +45,7 @@ const clusterImageExportFinalizer = "finalizer.clusterimageexport.raczylo.com"
 
 func (r *ClusterImageExportReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	l := log.FromContext(ctx)
-	l.Info("Reconciling ClusterImageExport")
+	// l.Info("Reconciling ClusterImageExport")
 
 	// Fetch the ClusterImageExport instance
 	clusterImageExport := &raczylocomv1.ClusterImageExport{}
@@ -224,7 +224,7 @@ func (r *ClusterImageExportReconciler) listImagesInCluster(ctx context.Context,
 	}
 
 	containersList = shared.RemoveDuplicates(containersList)
-	l.Info("List of containers in the cluster", "containers", containersList)
+	// l.Info("List of containers in the cluster", "containers", containersList)
 
 	return containersList, nil
 }
@@ -270,12 +270,13 @@ func (r *ClusterImageExportReconciler) runCleanupJob(ctx context.Context, cluste
 	}
 
 	jobParams := shared.JobParams{
-		Name:           normalisedImageName,
-		Namespace:      clusterImageExport.Namespace,
-		Image:          shared.BACKUP_JOB_IMAGE,
-		Commands:       defaultCommands,
-		Annotations:    clusterImageExport.Spec.JobAnnotations,
-		ServiceAccount: os.Getenv("POD_SERVICE_ACCOUNT"),
+		Name:             normalisedImageName,
+		Namespace:        clusterImageExport.Namespace,
+		Image:            shared.BACKUP_JOB_IMAGE,
+		Commands:         defaultCommands,
+		Annotations:      clusterImageExport.Spec.JobAnnotations,
+		ServiceAccount:   os.Getenv("POD_SERVICE_ACCOUNT"),
+		ImagePullSecrets: clusterImageExport.Spec.ImagePullSecrets,
 	}
 
 	cleanupJob := shared.CreateJob(jobParams, func(raczylocomv1.ClusterImageExport) []string { return nil })

internal/shared/jobs.go

@@ -24,7 +24,28 @@ type JobParams struct {
 }
 
 func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job {
-	return &batchv1.Job{
+	volumes := []corev1.Volume{}
+	volumeMounts := []corev1.VolumeMount{}
+
+	if len(params.ImagePullSecrets) > 0 {
+		for i, secret := range params.ImagePullSecrets {
+			volumes = append(volumes, corev1.Volume{
+				Name: fmt.Sprintf("secret-%d", i),
+				VolumeSource: corev1.VolumeSource{
+					Secret: &corev1.SecretVolumeSource{
+						SecretName: secret.Name,
+					},
+				},
+			})
+			volumeMounts = append(volumeMounts, corev1.VolumeMount{
+				Name:      fmt.Sprintf("secret-%d", i),
+				MountPath: fmt.Sprintf("/home/runner/.docker-secret-%d", i),
+				ReadOnly:  true,
+			})
+		}
+	}
+
+	j := &batchv1.Job{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:            params.Name,
 			Namespace:       params.Namespace,
@@ -46,17 +67,16 @@ func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job
 					RestartPolicy:      corev1.RestartPolicyOnFailure,
 					ServiceAccountName: params.ServiceAccount,
 					ImagePullSecrets:   params.ImagePullSecrets,
+					Volumes:            volumes,
 					Containers: []corev1.Container{
 						{
-							Name:  "export",
-							Image: params.Image,
-							TTY:   true,
-							Command: []string{
-								"bash",
-								"-c",
-								strings.Join(params.Commands, " && "),
-							},
-							Env: params.EnvVars,
+							Name:         "exporter",
+							Image:        params.Image,
+							TTY:          true,
+							Command:      []string{},
+							Args:         []string{"/bin/bash", "-c", strings.Join(params.Commands, " && ")},
+							VolumeMounts: volumeMounts,
+							Env:          params.EnvVars,
 							SecurityContext: &corev1.SecurityContext{
 								Privileged: pointer.Bool(true),
 							},
@@ -66,6 +86,7 @@ func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job
 			},
 		},
 	}
+	return j
 }
 
 func SetupS3Params(s3Config raczylocomv1.ClusterImageStorageS3) []string {