Skip to content

Commit

Permalink
CLOUDP-202467: Remove unused OpenShift credentials (#1219) (#1223)
Browse files Browse the repository at this point in the history 
Signed-off-by: Jose Vazquez <[email protected]>
  • Loading branch information
@josvazg
josvazg authored Nov 16, 2023
1 parent aa451e8 commit a1e83b5
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 38 deletions.
2 changes: 1 addition & 1 deletion .github/actions/build-push-image/action.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ runs:
registry: quay.io
username: ${{ inputs.quay_username }}
password: ${{ inputs.quay_password }}
- name: Build and Push Operator to ${{ steps.tag.outputs.main_tag }}
- name: Build and Push Operator to ${{ inputs.tags }}
uses: docker/build-push-action@v5
with:
context: .
Expand Down
46 changes: 22 additions & 24 deletions .github/workflows/test-e2e.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
name: Prepare E2E configuration and image
runs-on: ubuntu-latest
env:
DOCKER_REPO: mongodb/mongodb-atlas-kubernetes-operator-prerelease
GHCR_REPO: ghcr.io/${{ github.repository_owner }}/mongodb-atlas-kubernetes-operator-prerelease
steps:
- if: ${{ inputs.forked == false }}
name: Check out code
Expand All @@ -33,24 +33,23 @@ jobs:
- name: Prepare tag
id: prepare
uses: ./.github/actions/set-tag
- name: Log in to ghcr.io registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
- name: Build and Push image
uses: ./.github/actions/build-push-image
with:
repository: ${{ env.DOCKER_REPO }}
repository: ${{ env.GHCR_REPO }}
version: ${{ steps.prepare.outputs.tag }}
tags: ${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }}
tags: ${{ env.GHCR_REPO }}:${{ steps.prepare.outputs.tag }}
platforms: linux/amd64
docker_username: ${{ secrets.DOCKER_USERNAME }}
docker_password: ${{ secrets.DOCKER_PASSWORD }}
push_to_quay: false
push_to_docker: false
forked: ${{ inputs.forked }}
prepare-e2e-bundle:
name: Prepare E2E Bundle configuration and image
runs-on: ubuntu-latest
env:
DOCKER_REGISTRY: quay.io
DOCKER_REPO: mongodb/mongodb-atlas-kubernetes-operator-prerelease
DOCKER_BUNDLES_REPO: mongodb/mongodb-atlas-kubernetes-bundles-prerelease
GHCR_REPO: ghcr.io/mongodb/mongodb-atlas-kubernetes-operator-prerelease
GHCR_BUNDLES_REPO: ghcr.io/mongodb/mongodb-atlas-kubernetes-bundles-prerelease
steps:
- if: ${{ inputs.forked == false }}
name: Check out code
Expand All @@ -72,7 +71,7 @@ jobs:
- name: Generate configuration for the tests
uses: ./.github/actions/gen-install-scripts
with:
IMAGE_URL: ${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }}
IMAGE_URL: ${{ env.GHCR_REPO }}:${{ steps.prepare.outputs.tag }}
VERSION: ${{ steps.prepare.outputs.tag }}
ENV: dev
- name: Change path for the test
Expand Down Expand Up @@ -100,32 +99,28 @@ jobs:
- name: Prepare docker tag
id: prepare-docker-bundle-tag
run: |
REPOSITORY=${{ env.DOCKER_BUNDLES_REPO }}
REPOSITORY=${{ env.GHCR_BUNDLES_REPO }}
TAG=${{ steps.prepare.outputs.tag }}
TAGS="${REPOSITORY}:${TAG}"
echo "tags=$TAGS" >> $GITHUB_OUTPUT
- name: Log in to ghcr.io registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
- name: Build and Push image
uses: ./.github/actions/build-push-image
with:
get-existing-cache: true
file: bundle.Dockerfile
repository: ${{ env.DOCKER_BUNDLES_REPO }}
repository: ${{ env.GHCR_BUNDLES_REPO }}
version: ${{ steps.prepare.outputs.tag }}
tags: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }}
tags: ${{ env.GHCR_BUNDLES_REPO }}:${{ steps.prepare.outputs.tag }}
platforms: linux/amd64
push_to_docker: false
push_to_quay: true
quay_username: mongodb+mongodb_atlas_kubernetes
quay_password: ${{ secrets.QUAY_PASSWORD }}
forked: ${{ inputs.forked }}
e2e:
name: E2E tests
needs: [prepare-e2e, prepare-e2e-bundle]
runs-on: ubuntu-latest
env:
DOCKER_REGISTRY: docker.io
DOCKER_REPO: mongodb/mongodb-atlas-kubernetes-operator-prerelease
DOCKER_BUNDLES_REPO: quay.io/mongodb/mongodb-atlas-kubernetes-bundles-prerelease
GHCR_REPO: ghcr.io/mongodb/mongodb-atlas-kubernetes-operator-prerelease
GHCR_BUNDLES_REPO: ghcr.io/mongodb/mongodb-atlas-kubernetes-bundles-prerelease
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -200,7 +195,7 @@ jobs:
- name: Generate configuration for the tests
uses: ./.github/actions/gen-install-scripts
with:
IMAGE_URL: ${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }}
IMAGE_URL: ${{ env.GHCR_REPO }}:${{ steps.prepare.outputs.tag }}
VERSION: ${{ steps.prepare.outputs.tag }}
ENV: dev

Expand Down Expand Up @@ -238,8 +233,11 @@ jobs:
MCLI_PRIVATE_API_KEY: ${{ secrets.ATLAS_PRIVATE_KEY }}
MCLI_ORG_ID: ${{ secrets.ATLAS_ORG_ID}}
MCLI_OPS_MANAGER_URL: "https://cloud-qa.mongodb.com/"
IMAGE_URL: "${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }}"
BUNDLE_IMAGE: "${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_BUNDLES_REPO}}:${{ steps.prepare.outputs.tag }}"
IMAGE_URL: "${{ env.GHCR_REPO }}:${{ steps.prepare.outputs.tag }}"
IMAGE_PULL_SECRET_REGISTRY: ghcr.io
IMAGE_PULL_SECRET_USERNAME: $
IMAGE_PULL_SECRET_PASSWORD: "${{ secrets.GITHUB_TOKEN }}"
BUNDLE_IMAGE: "${{ env.GHCR_BUNDLES_REPO}}:${{ steps.prepare.outputs.tag }}"
K8S_PLATFORM: "${{ steps.properties.outputs.k8s_platform }}"
K8S_VERSION: "${{ steps.properties.outputs.k8s_version }}"
TEST_NAME: "${{ matrix.test }}"
Expand Down
72 changes: 59 additions & 13 deletions test/e2e/cli/helm/helm.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,32 +101,42 @@ func UninstallCRD(input model.UserInputs) {
func InstallOperatorWideSubmodule(input model.UserInputs) {
packageChart(config.AtlasOperatorCRDHelmChartPath, filepath.Join(config.AtlasOperatorHelmChartPath, "charts"))
repo, tag := splitDockerImage()
Install(
"atlas-operator-"+input.Project.GetProjectName(),
createNamespace(input.Namespace)
installArgs := []string{
"atlas-operator-" + input.Project.GetProjectName(),
config.AtlasOperatorHelmChartPath,
"--set-string", fmt.Sprintf("atlasURI=%s", config.AtlasHost),
"--set", "objectDeletionProtection=false",
"--set", "subobjectDeletionProtection=false",
"--set-string", fmt.Sprintf("image.repository=%s", repo),
"--set-string", fmt.Sprintf("image.tag=%s", tag),
"--namespace", input.Namespace,
"--create-namespace",
)
}
pullSecretPassword := os.Getenv("IMAGE_PULL_SECRET_PASSWORD")
if pullSecretPassword != "" {
installArgs = addPullSecret(installArgs, pullSecretPassword, input.Namespace)
}
Install(installArgs...)
}

// InstallOperatorNamespacedFromLatestRelease install latest released version of the
// Atlas Operator from Helm charts repo.
func InstallOperatorNamespacedFromLatestRelease(input model.UserInputs) {
Install(
"atlas-operator-"+input.Project.GetProjectName(),
createNamespace(input.Namespace)
installArgs := []string{
"atlas-operator-" + input.Project.GetProjectName(),
"mongodb/mongodb-atlas-operator",
"--set", fmt.Sprintf("watchNamespaces={%s}", input.Namespace),
"--set-string", fmt.Sprintf("atlasURI=%s", config.AtlasHost),
"--set", "objectDeletionProtection=false",
"--set", "subobjectDeletionProtection=false",
"--namespace="+input.Namespace,
"--create-namespace",
)
"--namespace=" + input.Namespace,
}
pullSecretPassword := os.Getenv("IMAGE_PULL_SECRET_PASSWORD")
if pullSecretPassword != "" {
installArgs = addPullSecret(installArgs, pullSecretPassword, input.Namespace)
}
Install(installArgs...)
}

// InstallOperatorNamespacedSubmodule installs the operator from `helm-charts` directory.
Expand All @@ -135,8 +145,9 @@ func InstallOperatorNamespacedFromLatestRelease(input model.UserInputs) {
func InstallOperatorNamespacedSubmodule(input model.UserInputs) {
packageChart(config.AtlasOperatorCRDHelmChartPath, filepath.Join(config.AtlasOperatorHelmChartPath, "charts"))
repo, tag := splitDockerImage()
Install(
"atlas-operator-"+input.Project.GetProjectName(),
createNamespace(input.Namespace)
installArgs := []string{
"atlas-operator-" + input.Project.GetProjectName(),
config.AtlasOperatorHelmChartPath,
"--set-string", fmt.Sprintf("atlasURI=%s", config.AtlasHost),
"--set-string", fmt.Sprintf("image.repository=%s", repo),
Expand All @@ -145,9 +156,44 @@ func InstallOperatorNamespacedSubmodule(input model.UserInputs) {
"--set", "mongodb-atlas-operator-crds.enabled=false",
"--set", "objectDeletionProtection=false",
"--set", "subobjectDeletionProtection=false",
"--namespace="+input.Namespace,
"--create-namespace",
fmt.Sprintf("--namespace=%s", input.Namespace),
}
pullSecretPassword := os.Getenv("IMAGE_PULL_SECRET_PASSWORD")
if pullSecretPassword != "" {
installArgs = addPullSecret(installArgs, pullSecretPassword, input.Namespace)
}
Install(installArgs...)
}

func addPullSecret(installArgs []string, pullSecretPassword, namespace string) []string {
registry := os.Getenv("IMAGE_PULL_SECRET_REGISTRY")
pullSecretUsername := os.Getenv("IMAGE_PULL_SECRET_USERNAME")
secretName := fmt.Sprintf("ako-pull-secret-%s", registry)
createPullSecret(secretName, namespace, registry, pullSecretUsername, pullSecretPassword)
return append(installArgs,
"--set-string", fmt.Sprintf("imagePullSecrets[0].name=%s", secretName))
}

func createNamespace(namespace string) {
session := cli.Execute("kubectl", "create", "namespace", namespace)
msg := cli.GetSessionExitMsg(session)
Expect(session.ExitCode()).To(Equal(0), "namespace creation failed: %s", msg)
}

func createPullSecret(secretName, namespace, registry, username, password string) {
session := cli.Execute(
"kubectl",
"create",
"secret",
"docker-registry",
secretName,
fmt.Sprintf("--namespace=%s", namespace),
fmt.Sprintf("--docker-server=%s", registry),
fmt.Sprintf("--docker-username=%s", username),
fmt.Sprintf("--docker-password=%s", password),
)
msg := cli.GetSessionExitMsg(session)
Expect(session.ExitCode()).To(Equal(0), "pull secret creation failed: %s", msg)
}

// splitDockerImage returns the image name and tag.
Expand Down

0 comments on commit a1e83b5

Please sign in to comment.