trow icon indicating copy to clipboard operation
trow copied to clipboard

Published 20 hours ago verified publisher icon Trow-Registry

Showcase kustomize setters

Open blaggacao opened this issue 4 years ago • 4 comments

Showcase #183

cd ./install

$ kustomize cfg list-setters .
    NAME             VALUE            SET BY          DESCRIPTION           COUNT
  fqdn       myregistry.mydomain.io            full qualified domain name   6
  username   myuser                            registry user name           1

$ kustomize cfg set . fqdn registry.example.com
set 6 fields

diff --git a/install/Krmfile b/install/Krmfile
index 8f6d616..7ac4924 100644
--- a/install/Krmfile
+++ b/install/Krmfile
@@ -7,7 +7,8 @@ openAPI:
       x-k8s-cli:
         setter:
           name: fqdn
-          value: "myregistry.mydomain.io"
+          value: "registry.example.com"
+          isSet: true
     io.k8s.cli.setters.username:
       description: registry user name
       x-k8s-cli:
diff --git a/install/base/stateful-set.yaml b/install/base/stateful-set.yaml
index f34c456..0dd4f10 100644
--- a/install/base/stateful-set.yaml
+++ b/install/base/stateful-set.yaml
@@ -17,7 +17,7 @@ spec:
         args:
         - "--no-tls"
         - "-n"
-        - "myregistry.mydomain.io" # {"$openapi":"fqdn"}
+        - "registry.example.com" # {"$openapi":"fqdn"}
         - "-u"
         - "myuser" # {"$openapi":"username"}
         - "--password-file"
diff --git a/install/base/validate.yaml b/install/base/validate.yaml
index f1f1602..e7517da 100644
--- a/install/base/validate.yaml
+++ b/install/base/validate.yaml
@@ -3,7 +3,7 @@ kind: ValidatingWebhookConfiguration
 metadata:
   name: trow-validator
 webhooks:
-- name: myregistry.mydomain.com # {"$openapi":"fqdn"}
+- name: registry.example.com # {"$openapi":"fqdn"}
   clientConfig:
     service:
       name: trow
diff --git a/install/overlays/cert-manager-nginx/ingress.yaml b/install/overlays/cert-manager-nginx/ingress.yaml
index 6a4a410..5c6f9d2 100644
--- a/install/overlays/cert-manager-nginx/ingress.yaml
+++ b/install/overlays/cert-manager-nginx/ingress.yaml
@@ -10,7 +10,7 @@ metadata:
     nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
 spec:
   rules:
-  - host: myregistry.mydomain.io # {"$openapi":"fqdn"}
+  - host: registry.example.com # {"$openapi":"fqdn"}
     http:
       paths:
       - backend:
@@ -19,5 +19,5 @@ spec:
         path: /
   tls:
   - hosts:
-    - myregistry.mydomain.io # {"$openapi":"fqdn"}
+    - registry.example.com # {"$openapi":"fqdn"}
     secretName: trow-registry-tls
diff --git a/install/overlays/example-overlay/kustomization.yaml b/install/overlays/example-overlay/kustomization.yaml
index 48c6466..7aa0438 100644
--- a/install/overlays/example-overlay/kustomization.yaml
+++ b/install/overlays/example-overlay/kustomization.yaml
@@ -12,6 +12,6 @@ secretGenerator:
 - name: trow-cred
   type: docker-registry
   literals:
-  - docker-server=example.registry.com # {"$openapi":"fqdn"}
+  - registry.example.com # {"$openapi":"fqdn"}
   - docker-username=example
   - docker-password=s3cr3tp@55
diff --git a/install/overlays/gke/cert.yaml b/install/overlays/gke/cert.yaml
index e0943fc..e3b6957 100644
--- a/install/overlays/gke/cert.yaml
+++ b/install/overlays/gke/cert.yaml
@@ -4,4 +4,4 @@ metadata:
   name: trow-certificate
 spec:
   domains:
-  - myregistry.mydomain.com # {"$openapi":"fqdn"}
+  - registry.example.com # {"$openapi":"fqdn"}

Oooops... (this is solved via a so called substituters) https://github.com/ContainerSolutions/trow/pull/186/commits/d50752c0fd8a815b0aa31b954e164e6c390493ec

-  - docker-server=example.registry.com # {"$openapi":"fqdn"}
+  - registry.example.com # {"$openapi":"fqdn"}

blaggacao avatar Oct 06 '20 23:10 blaggacao

Thanks for this @blaggacao! It definitely looks like a better solution.

My main question/worry is how supported is this? I can't find much about krmfiles in the docs and it seems to have only been recently merged. Will it actually work with the version of kustomize in kubectl?

amouat avatar Oct 07 '20 16:10 amouat

Will it actually work with the version of kustomize in kubectl?

Not yet. But see how work is progressing on: https://github.com/kubernetes-sigs/kustomize/issues/1500 New versions are expected to land in 20.* onwards.

The underlying cli primitives are actually from a upstream repo that I can't find right now, they are shared with kpt. So what I do: I read the kpt documentation and apply it to kustomize. Since kustomize will be upstreamed my prediction is it's the more generic approach (eg. kpt doesn't call it openapi but some branded token, afaik).

I think as a maintainer of this project your best bet is to keep an eye on this. I'll put it in draft as to signal it's no intended to merge.

That is unless you want to get adventurous, of course. :wink:

blaggacao avatar Oct 07 '20 17:10 blaggacao

Thanks, yeah, I don't think we can merge this until it's more standard.

It is nice though, thanks for bringing it to my attention.

amouat avatar Oct 09 '20 08:10 amouat

I added the blocked label, it can be removed when support has been in kubectl for a reasonable amount of time (so the average user could be expected to have then feature)

amouat avatar Oct 09 '20 08:10 amouat

kustomize is not used anymore

awoimbee avatar Sep 25 '23 10:09 awoimbee