Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mount agent-upgrade credentials default location in filesystem #1044

Merged
merged 8 commits into from
Nov 26, 2024
Merged

Mount agent-upgrade credentials default location in filesystem #1044

merged 8 commits into from
Nov 26, 2024

Conversation

rain-on
Copy link
Contributor

@rain-on rain-on commented Nov 25, 2024
edited
Loading

Background

To avoid rate-limiting when polling docker for agent versions/charts - helm must be provided with credentials via the ~/.config/helm/registry/config.json file (though will fallback to docker config/env).

This change is responsible for mapping the secret in the helm chart, into the filesystem of the script-pod.

It is optional, such that if the secret does not exist, and empty directory is mounted instead.

The change was required to be made to both raw, and normal script pods (though there should be a nicer way of doing this to avoid string-matching across files :( ).

Fixes: #1045

How to review this PR

Quality ✔️

Pre-requisites

  • I have read How we use GitHub Issues for help deciding when and where it's appropriate to make an issue.
  • I have considered informing or consulting the right people, according to the ownership map.
  • I have considered appropriate testing for my change.

@rain-on rain-on requested a review from a team as a code owner November 25, 2024 05:33
APErebus
APErebus approved these changes Nov 26, 2024
View reviewed changes
Copy link
Contributor

@APErebus APErebus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just 1 suggestion to reduce duplication, but not blocking

source/Octopus.Tentacle/Kubernetes/KubernetesRawScriptPodCreator.cs Outdated
Comment on lines 84 to 100
new()
{
Name = "agent-upgrade",
Secret = new V1SecretVolumeSource
{
SecretName = "agent-upgrade-secret",
Items = new List<V1KeyToPath>()
{
new()
{
Key = ".dockerconfigjson",
Path = "config.json"
}
},
Optional = true,
},
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we define this as a method in the base KubernetesScriptPodCreator, so we don't have it defined twice?

@rain-on rain-on merged commit 3aeb42e into main Nov 26, 2024
52 of 53 checks passed
@rain-on rain-on deleted the tmm/mount_helm_upgrade_cfg branch November 26, 2024 22:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@APErebus APErebus APErebus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Health checks and upgrades sometimes fail due to docker rate limiting.
2 participants
@rain-on @APErebus