From 1909c1e299659a4d43301e77c2fe4ca15b3bdf44 Mon Sep 17 00:00:00 2001
From: mrrishi
Date: Mon, 16 Dec 2024 12:49:27 +0530
Subject: [PATCH] create dockerconfig secrets in namespaces
---
 go.mod | 2 +-
 internal/controller/cluster.go | 4 ++--
 internal/gitShim/containerRegistryAuth.go | 27 ++++++++++++++++++++++-
 3 files changed, 29 insertions(+), 4 deletions(-)
diff --git a/go.mod b/go.mod
index 0096bc91..ea30c8c1 100644
--- a/go.mod
+++ b/go.mod
@@ -79,7 +79,7 @@ require (
 golang.org/x/text v0.20.0
 google.golang.org/api v0.209.0
 gopkg.in/yaml.v2 v2.4.0
- k8s.io/api v0.31.3
+ k8s.io/api v0.31.0
 k8s.io/apimachinery v0.31.3
 k8s.io/client-go v0.31.3
 sigs.k8s.io/aws-iam-authenticator v0.6.28
diff --git a/internal/controller/cluster.go b/internal/controller/cluster.go
index 9764fc6d..137b2261 100644
--- a/internal/controller/cluster.go
+++ b/internal/controller/cluster.go
@@ -428,7 +428,7 @@ func (clctrl *ClusterController) ContainerRegistryAuth() (string, error) {
 ContainerRegistryHost: clctrl.ContainerRegistryHost,
 Clientset: kcfg.Clientset,
 }
- containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth)
+ containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth, clctrl.CloudProvider)
 if err != nil {
 log.Error().Msgf("error generating container registry authentication: %s", err)
 return "", fmt.Errorf("error generating container registry authentication for AWS: %w", err)
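Review bot: `k8s.io/api` is moved down from v0.31.3 to v0.31.0 in the go.mod hunk while `k8s.io/apimachinery` and `k8s.io/client-go` stay at v0.31.3, and the commit message does not mention a dependency change. The Kubernetes staging modules are normally kept on one version, and `client-go` v0.31.3 most likely requires `k8s.io/api` v0.31.3 itself, in which case the build still selects v0.31.3 and `go mod tidy` would rewrite this line. Unless the downgrade is intentional and explained, keep `k8s.io/api v0.31.3`.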
@@ -459,7 +459,7 @@ func (clctrl *ClusterController) ContainerRegistryAuth() (string, error) {
 ContainerRegistryHost: clctrl.ContainerRegistryHost,
 Clientset: kcfg.Clientset,
 }
- containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth)
+ containerRegistryAuthToken, err := gitShim.CreateContainerRegistrySecret(&containerRegistryAuth, clctrl.CloudProvider)
 if err != nil {
 log.Error().Msgf("error generating container registry authentication: %s", err)
 return "", fmt.Errorf("error generating container registry authentication for cloud provider %s: %w", clctrl.CloudProvider, err)
diff --git a/internal/gitShim/containerRegistryAuth.go b/internal/gitShim/containerRegistryAuth.go
index 48651cf8..fc9fb189 100644
--- a/internal/gitShim/containerRegistryAuth.go
+++ b/internal/gitShim/containerRegistryAuth.go
@@ -32,7 +32,7 @@ type ContainerRegistryAuth struct {
 }
 // CreateContainerRegistrySecret
-func CreateContainerRegistrySecret(obj *ContainerRegistryAuth) (string, error) {
+func CreateContainerRegistrySecret(obj *ContainerRegistryAuth, cloudProvider string) (string, error) {
 // Handle secret creation for container registry authentication
 switch obj.GitProvider {
 // GitHub docker auth secret
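Review bot: The doc comment above `CreateContainerRegistrySecret` is still only the function name, so the new `cloudProvider` parameter and the extra secrets it triggers are undocumented. Going by the later hunk in this file, I would write `// CreateContainerRegistrySecret creates the registry auth secret in the "argo" namespace and,` / `// when cloudProvider is "aws", also copies it into a fixed list of platform namespaces.` and confirm it against the branches not shown here. The function body continues outside this hunk, so whether the other git-provider cases use `cloudProvider` at all cannot be seen from here.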
@@ -49,6 +49,31 @@ func CreateContainerRegistrySecret(obj *ContainerRegistryAuth) (string, error) {
 usernamePasswordStringB64,
 )
+ namespaces := []string{
+ "github-runner",
+ "vault",
+ "atlantis",
+ "chartmuseum",
+ "external-dns",
+ "external-secrets-operator",
+ "ingress-nginx",
+ "kubefirst",
+ "reloader",
+ }
+
+ if cloudProvider == "aws" {
+ for _, val := range namespaces {
+ argoDeployTokenSecret := &v1.Secret{
+ ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: val},
+ Data: map[string][]byte{"config.json": []byte(dockerConfigString)},
+ Type: "Opaque",
+ }
+ err := k8s.CreateSecretV2(obj.Clientset, argoDeployTokenSecret)
+ if err != nil {
+ log.Error().Msgf("error while creating secret for container registry auth: %s", err)
+ }
+ }
+ }
 // Create argo workflows pull secret
 argoDeployTokenSecret := &v1.Secret{
 ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: "argo"},
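Review bot: The loop added under `if cloudProvider == "aws"` copies the registry credential in `dockerConfigString` into nine more namespaces, including `ingress-nginx`, `external-dns` and `reloader`, so anything that can read Secrets in any of them can now read it. Limit the list to the namespaces whose workloads actually authenticate to the registry, and say in a comment why each one is there. A failed `k8s.CreateSecretV2` is only logged, without the namespace, and the function carries on as if the copy existed; at least log `val`, e.g. `log.Error().Msgf("error creating container registry auth secret in namespace %q: %s", val, err)`, or return the error if a missing copy should fail the run. The loop variable is also named `argoDeployTokenSecret` although it is not the argo secret; `registryAuthSecret` would read better. The function body starts and ends outside this hunk.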