From c5834d2096406c43980dbb33e1be963a2a28f41f Mon Sep 17 00:00:00 2001 From: Yury Kovalev Date: Mon, 2 Dec 2024 17:20:09 +0100 Subject: [PATCH] ROX-27209: Change image pull secret for operator deployments --- .../fleetshard-operator/07-serviceaccount.yaml | 2 -- .../fleetshard-operator/51-fleetshard-cr.yaml | 3 +-- .../01-fleetshard-sync-secrets.yaml | 2 -- dev/env/scripts/bootstrap.sh | 1 - dev/env/scripts/create-imagepullsecrets | 18 ++---------------- dev/env/scripts/up.sh | 6 ------ dp-terraform/helm/rhacs-terraform/values.yaml | 4 ++-- .../rhacs-operator-service-account.yaml | 2 +- fleetshard/pkg/central/operator/upgrade.go | 3 ++- 9 files changed, 8 insertions(+), 33 deletions(-) diff --git a/dev/env/manifests/fleetshard-operator/07-serviceaccount.yaml b/dev/env/manifests/fleetshard-operator/07-serviceaccount.yaml index 1354cc2c45..a07ba2d295 100644 --- a/dev/env/manifests/fleetshard-operator/07-serviceaccount.yaml +++ b/dev/env/manifests/fleetshard-operator/07-serviceaccount.yaml @@ -3,5 +3,3 @@ kind: ServiceAccount metadata: name: acs-fleetshard-operator namespace: "$ACSCS_NAMESPACE" -imagePullSecrets: - - name: acs-fleetshard-operator diff --git a/dev/env/manifests/fleetshard-operator/51-fleetshard-cr.yaml b/dev/env/manifests/fleetshard-operator/51-fleetshard-cr.yaml index 1a1d59d1cd..5cc5decbe9 100644 --- a/dev/env/manifests/fleetshard-operator/51-fleetshard-cr.yaml +++ b/dev/env/manifests/fleetshard-operator/51-fleetshard-cr.yaml @@ -29,8 +29,7 @@ spec: secretEncryption: type: "local" tenantImagePullSecret: - name: "fleetshard-sync" - key: "tenant-image-pull-secret" + create: false # created by create-imagepullsecrets script nodeSelector: null tolerations: null addonAutoUpgradeEnabled: false diff --git a/dev/env/manifests/fleetshard-sync/01-fleetshard-sync-secrets.yaml b/dev/env/manifests/fleetshard-sync/01-fleetshard-sync-secrets.yaml index 20c70ca5de..a0ea54f109 100644 --- a/dev/env/manifests/fleetshard-sync/01-fleetshard-sync-secrets.yaml +++ b/dev/env/manifests/fleetshard-sync/01-fleetshard-sync-secrets.yaml @@ -8,8 +8,6 @@ stringData: aws-access-key-id: "${AWS_ACCESS_KEY_ID}" aws-secret-access-key: "${AWS_SECRET_ACCESS_KEY}" telemetry-storage-key: "${TELEMETRY_STORAGE_KEY}" - tenant-image-pull-secret: | - ${TENANT_IMAGE_PULL_SECRET} --- apiVersion: v1 kind: Secret diff --git a/dev/env/scripts/bootstrap.sh b/dev/env/scripts/bootstrap.sh index f8f1dd89c6..f80bbe6ac7 100755 --- a/dev/env/scripts/bootstrap.sh +++ b/dev/env/scripts/bootstrap.sh @@ -38,7 +38,6 @@ wait_for_default_service_account "$ACSCS_NAMESPACE" if [[ "$INHERIT_IMAGEPULLSECRETS" == "true" ]]; then create-imagepullsecrets inject_ips "$ACSCS_NAMESPACE" "default" "quay-ips" - inject_ips "$STACKROX_OPERATOR_NAMESPACE" "default" "quay-ips" else log "Skipping creation of ImagePullSecrets because INHERIT_IMAGEPULLSECRETS is not true" fi diff --git a/dev/env/scripts/create-imagepullsecrets b/dev/env/scripts/create-imagepullsecrets index 4c1c8c55d6..c16e4888fa 100755 --- a/dev/env/scripts/create-imagepullsecrets +++ b/dev/env/scripts/create-imagepullsecrets @@ -69,7 +69,7 @@ function print_auth() { registry_auth="$(print_auth "$(mkauth "${username}" "${password}")")" -log "Creating quay-ips image pull secret in namespace ${STACKROX_OPERATOR_NAMESPACE}" +log "Creating rhacs-registry image pull secret in namespace ${STACKROX_OPERATOR_NAMESPACE}" resOperatorImage=$( cat <