Skip to content

Commit

Permalink
create dockerconfig secrets in namespaces
Browse files Browse the repository at this point in the history
  • Loading branch information
jokestax committed Dec 16, 2024
1 parent d3469e5 commit 1909c1e
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 4 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ require (
golang.org/x/text v0.20.0
google.golang.org/api v0.209.0
gopkg.in/yaml.v2 v2.4.0
k8s.io/api v0.31.3
k8s.io/api v0.31.0
k8s.io/apimachinery v0.31.3
k8s.io/client-go v0.31.3
sigs.k8s.io/aws-iam-authenticator v0.6.28
Expand Down
4 changes: 2 additions & 2 deletions internal/controller/cluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -428,7 +428,7 @@ func (clctrl *ClusterController) ContainerRegistryAuth() (string, error) {
ContainerRegistryHost: clctrl.ContainerRegistryHost,
Clientset: kcfg.Clientset,
}
containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth)
containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth, clctrl.CloudProvider)
if err != nil {
log.Error().Msgf("error generating container registry authentication: %s", err)
return "", fmt.Errorf("error generating container registry authentication for AWS: %w", err)
Expand Down Expand Up @@ -459,7 +459,7 @@ func (clctrl *ClusterController) ContainerRegistryAuth() (string, error) {
ContainerRegistryHost: clctrl.ContainerRegistryHost,
Clientset: kcfg.Clientset,
}
containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth)
containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth, clctrl.CloudProvider)
if err != nil {
log.Error().Msgf("error generating container registry authentication: %s", err)
return "", fmt.Errorf("error generating container registry authentication for cloud provider %s: %w", clctrl.CloudProvider, err)
Expand Down
27 changes: 26 additions & 1 deletion internal/gitShim/containerRegistryAuth.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ type ContainerRegistryAuth struct {
}

// CreateContainerRegistrySecret
func CreateContainerRegistrySecret(obj *ContainerRegistryAuth) (string, error) {
func CreateContainerRegistrySecret(obj *ContainerRegistryAuth, cloudProvider string) (string, error) {
// Handle secret creation for container registry authentication
switch obj.GitProvider {
// GitHub docker auth secret
Expand All @@ -49,6 +49,31 @@ func CreateContainerRegistrySecret(obj *ContainerRegistryAuth) (string, error) {
usernamePasswordStringB64,
)

namespaces := []string{
"github-runner",
"vault",
"atlantis",
"chartmuseum",
"external-dns",
"external-secrets-operator",
"ingress-nginx",
"kubefirst",
"reloader",
}

if cloudProvider == "aws" {
for _, val := range namespaces {
argoDeployTokenSecret := &v1.Secret{
ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: val},
Data: map[string][]byte{"config.json": []byte(dockerConfigString)},
Type: "Opaque",
}
err := k8s.CreateSecretV2(obj.Clientset, argoDeployTokenSecret)
if err != nil {
log.Error().Msgf("error while creating secret for container registry auth: %s", err)
}
}
}
// Create argo workflows pull secret
argoDeployTokenSecret := &v1.Secret{
ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: "argo"},
Expand Down

0 comments on commit 1909c1e

Please sign in to comment.