4a3b8ff654
The functionality of local docker registry authentication will be enabled in commit https://review.openstack.org/#/c/626355/. However, the OSH doesn't support a way to pass credentials to kubernetes to pull images from a registry with authentication turned on. This commit adds a "imagePullSecrets" field in service account template resource and references the well-known secret "default-registry-key" which created in sysinv during application apply. With this change, kubernetes will pull images from local registry using this secret. Note: - This is short-term solution. The long-term solution is to implement the BP https://blueprints.launchpad.net/openstack-helm/+spec/support -docker-registry-with-authentication-turned-on which creates the secret in chart and pass the secret in service account conditionally. - It works with an unauthed registry and non-existent or existent secret "default-registry-key" as well. Change-Id: Icdff8b385cee7f8b0311086ae892b3b1edacea37 Story: 2002840 Task: 28945 Signed-off-by: Angie Wang <angie.wang@windriver.com>
82 lines
2.1 KiB
RPMSpec
82 lines
2.1 KiB
RPMSpec
%global sha 5d356f9265b337b75f605dee839faa8cd0ed3ab2
|
|
%global helm_folder /usr/lib/helm
|
|
|
|
Summary: Openstack-Helm-Infra charts
|
|
Name: openstack-helm-infra
|
|
Version: 1.0
|
|
Release: %{tis_patch_ver}%{?_tis_dist}
|
|
License: Apache-2.0
|
|
Group: base
|
|
Packager: Wind River <info@windriver.com>
|
|
URL: https://github.com/openstack/openstack-helm-infra
|
|
|
|
Source0: %{name}-%{sha}.tar.gz
|
|
Source1: repositories.yaml
|
|
|
|
BuildArch: noarch
|
|
|
|
Patch01: 0001-gnocchi-chart-updates.patch
|
|
Patch02: Mariadb-Support-adoption-of-running-single-node-mari.patch
|
|
Patch03: Mariadb-Share-container-PID-namespaces-under-docker.patch
|
|
Patch04: 0004-Allow-multiple-containers-per-daemonset-pod.patch
|
|
Patch05: fix-type-error-to-streamline-single-replica-mariadb-.patch
|
|
Patch06: Add-imagePullSecrets-in-service-account.patch
|
|
|
|
BuildRequires: helm
|
|
|
|
%description
|
|
Openstack Helm Infra charts
|
|
|
|
%prep
|
|
%setup -n openstack-helm-infra
|
|
%patch01 -p1
|
|
%patch02 -p1
|
|
%patch03 -p1
|
|
%patch04 -p1
|
|
%patch05 -p1
|
|
%patch06 -p1
|
|
|
|
%build
|
|
# initialize helm and build the toolkit
|
|
# helm init --client-only does not work if there is no networking
|
|
# The following commands do essentially the same as: helm init
|
|
%define helm_home %{getenv:HOME}/.helm
|
|
mkdir %{helm_home}
|
|
mkdir %{helm_home}/repository
|
|
mkdir %{helm_home}/repository/cache
|
|
mkdir %{helm_home}/repository/local
|
|
mkdir %{helm_home}/plugins
|
|
mkdir %{helm_home}/starters
|
|
mkdir %{helm_home}/cache
|
|
mkdir %{helm_home}/cache/archive
|
|
|
|
# Stage a repository file that only has a local repo
|
|
cp %{SOURCE1} %{helm_home}/repository/repositories.yaml
|
|
|
|
# Host a server for the charts
|
|
helm serve /tmp/charts --address localhost:8879 --url http://localhost:8879/charts &
|
|
helm repo rm local
|
|
helm repo add local http://localhost:8879/charts
|
|
|
|
# Make the charts. These produce tgz files
|
|
make helm-toolkit
|
|
make gnocchi
|
|
make ingress
|
|
make libvirt
|
|
make mariadb
|
|
make memcached
|
|
make openvswitch
|
|
make rabbitmq
|
|
|
|
# terminate helm server (the last backgrounded task)
|
|
kill %1
|
|
|
|
%install
|
|
install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder}
|
|
install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder}
|
|
|
|
%files
|
|
%dir %attr(0755,root,root) %{helm_folder}
|
|
%defattr(-,root,root,-)
|
|
%{helm_folder}/*
|