Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of [NET-10985] Fix bug where imagePullSecrets were not set up for Gateways into release/1.6.x #4375

Merged
merged 13 commits into from
Sep 27, 2024
Merged

Backport of [NET-10985] Fix bug where imagePullSecrets were not set up for Gateways into release/1.6.x #4375

merged 13 commits into from
Sep 27, 2024

Conversation

hc-github-team-consul-core
Copy link

Backport

This PR is auto-generated from #4316 to be assessed for backporting due to the inclusion of the label backport/1.6.x.

The below text is copied from the body of the original PR.

Fixes #4312

Note

In order for the pull secrets to work for a Gateway, they must be available in any namespace that a Gateway is deployed to. This is already the case with injected mesh sidecars if you, for example, consume consul-dataplane from a private image registry, so I have not made any special accomadations for Gateways.

Changes proposed in this PR

Plumb global.imagePullSecrets onto the ServiceAccount created for each Gateway

How I've tested this PR

  1. Created a private registry on DockerHub for consul-dataplane, which is used by the gateway's Deployment

    docker pull hashicorp/consul-dataplane:1.5.3
docker tag hashicorp/consul-dataplane:1.5.3 <your_dockerhub_username>/consul-dataplane:1.5.3
docker login
docker push <your_dockerhub_username>/consul-dataplane:1.5.3

  2. Created an image pull secret for DockerHub in my K8s cluster

  3. Set global.imageConsulDataplane to the private registry version

  4. Install using this version of the Helm chart and this build of consul-k8s-control-plane

    values.yaml 
    global:
  name: consul
  datacenter: dc1
  imageConsulDataplane: docker.io/<your_dockerhub_username>/consul-dataplane:1.5.3
  imageK8S: consul-k8s-control-plane:local
  imagePullSecrets:
  - name: regcred
  tls:
    enabled: true
    enableAutoEncrypt: true
  acls:
    manageSystemACLs: true
connectInject:
  enabled: true
    kind create cluster
make dev-docker && kind load docker-image consul-k8s-control-plane:local
helm upgrade --install consul /path/to/consul-k8s/charts/consul --namespace consul --create-namespace --values ./values.yaml

How I expect reviewers to test this PR

See above

Checklist

Overview of commits

@hc-github-team-consul-core hc-github-team-consul-core merged commit fbe0ae4 into release/1.6.x Sep 27, 2024
48 of 49 checks passed
@hc-github-team-consul-core hc-github-team-consul-core deleted the backport/gateway-image-pull-secrets/primarily-coherent-cougar branch September 27, 2024 19:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nathancoleman nathancoleman nathancoleman approved these changes

Assignees

@nathancoleman nathancoleman

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hc-github-team-consul-core @nathancoleman