mirror of
https://github.com/lukaszraczylo/kubernetes-images-sync-operator.git
synced 2026-07-05 03:25:39 +00:00
Add ability to pull secrets.
This commit is contained in:
@@ -36,6 +36,8 @@ type ClusterImageReconciler struct {
|
||||
// # additional RBAC rules - create and manage jobs
|
||||
// +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete
|
||||
// +kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch;create;update;patch;delete
|
||||
// add access to secrets
|
||||
// +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch
|
||||
func (r *ClusterImageReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
|
||||
l := log.FromContext(ctx)
|
||||
|
||||
@@ -229,12 +231,13 @@ func (r *ClusterImageReconciler) createBackupJob(ctx context.Context, clusterIma
|
||||
defaultCommands = append(defaultCommands, "rm -f /tmp/"+normalisedImageName+".tar")
|
||||
|
||||
jobParams := shared.JobParams{
|
||||
Name: fmt.Sprintf("img-export-%s", clusterImage.Name),
|
||||
Namespace: clusterImage.Namespace,
|
||||
Image: shared.BACKUP_JOB_IMAGE,
|
||||
Annotations: clusterImage.Spec.JobAnnotations,
|
||||
Commands: defaultCommands,
|
||||
ServiceAccount: os.Getenv("POD_SERVICE_ACCOUNT"),
|
||||
Name: fmt.Sprintf("img-export-%s", clusterImage.Name),
|
||||
Namespace: clusterImage.Namespace,
|
||||
Image: shared.BACKUP_JOB_IMAGE,
|
||||
Annotations: clusterImage.Spec.JobAnnotations,
|
||||
Commands: defaultCommands,
|
||||
ServiceAccount: os.Getenv("POD_SERVICE_ACCOUNT"),
|
||||
ImagePullSecrets: clusterImage.Spec.ImagePullSecrets,
|
||||
OwnerReferences: []metav1.OwnerReference{
|
||||
{
|
||||
APIVersion: clusterImage.APIVersion,
|
||||
|
||||
@@ -131,15 +131,16 @@ func (r *ClusterImageExportReconciler) Reconcile(ctx context.Context, req ctrl.R
|
||||
},
|
||||
},
|
||||
Spec: raczylocomv1.ClusterImageSpec{
|
||||
Image: image.Image,
|
||||
Tag: image.Tag,
|
||||
Sha: image.Sha,
|
||||
FullName: image.FullName,
|
||||
ImageNamespace: image.ImageNamespace,
|
||||
Storage: clusterImageExport.Spec.Storage.StorageTarget,
|
||||
ExportName: clusterImageExport.Name,
|
||||
ExportPath: clusterImageExport.Spec.BasePath,
|
||||
JobAnnotations: clusterImageExport.Spec.JobAnnotations,
|
||||
Image: image.Image,
|
||||
Tag: image.Tag,
|
||||
Sha: image.Sha,
|
||||
FullName: image.FullName,
|
||||
ImageNamespace: image.ImageNamespace,
|
||||
Storage: clusterImageExport.Spec.Storage.StorageTarget,
|
||||
ExportName: clusterImageExport.Name,
|
||||
ExportPath: clusterImageExport.Spec.BasePath,
|
||||
JobAnnotations: clusterImageExport.Spec.JobAnnotations,
|
||||
ImagePullSecrets: clusterImageExport.Spec.ImagePullSecrets,
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
+10
-8
@@ -12,14 +12,15 @@ import (
|
||||
)
|
||||
|
||||
type JobParams struct {
|
||||
Name string
|
||||
Namespace string
|
||||
Annotations map[string]string
|
||||
Image string
|
||||
Commands []string
|
||||
EnvVars []corev1.EnvVar
|
||||
OwnerReferences []metav1.OwnerReference
|
||||
ServiceAccount string
|
||||
Name string
|
||||
Namespace string
|
||||
Annotations map[string]string
|
||||
Image string
|
||||
Commands []string
|
||||
EnvVars []corev1.EnvVar
|
||||
OwnerReferences []metav1.OwnerReference
|
||||
ServiceAccount string
|
||||
ImagePullSecrets []corev1.LocalObjectReference
|
||||
}
|
||||
|
||||
func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job {
|
||||
@@ -44,6 +45,7 @@ func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job
|
||||
Spec: corev1.PodSpec{
|
||||
RestartPolicy: corev1.RestartPolicyOnFailure,
|
||||
ServiceAccountName: params.ServiceAccount,
|
||||
ImagePullSecrets: params.ImagePullSecrets,
|
||||
Containers: []corev1.Container{
|
||||
{
|
||||
Name: "export",
|
||||
|
||||
Reference in New Issue
Block a user