This is an automated email from the ASF dual-hosted git repository.
marat pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-karavan.git
The following commit(s) were added to refs/heads/main by this push:
new d83b360d Prepare to work in Openshift for #885
d83b360d is described below
commit d83b360df306c0297ca8823852781a21f4fc665d
Author: Marat Gubaidullin <[email protected]>
AuthorDate: Sun Sep 17 13:52:03 2023 -0400
Prepare to work in Openshift for #885
---
.../karavan/kubernetes/KubernetesService.java | 39 ++++++++++++++++++----
.../camel/karavan/service/ProjectService.java | 12 +++++--
.../org/apache/camel/karavan/shared/Constants.java | 1 +
.../snippets/openshift-application.properties | 2 +-
.../src/main/resources/snippets/openshift-build.sh | 9 +++--
.../karavan/installer/resources/KaravanRole.java | 3 +-
6 files changed, 53 insertions(+), 13 deletions(-)
diff --git
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/kubernetes/KubernetesService.java
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/kubernetes/KubernetesService.java
index d8068b0e..14a6d6a0 100644
---
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/kubernetes/KubernetesService.java
+++
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/kubernetes/KubernetesService.java
@@ -95,7 +95,8 @@ public class KubernetesService implements HealthCheck {
KubernetesClient client = kubernetesClient();
SharedIndexInformer<Deployment> deploymentInformer =
client.apps().deployments().inNamespace(getNamespace())
-
.withLabels(labels).inform();deploymentInformer.addEventHandlerWithResyncPeriod(new
DeploymentEventHandler(infinispanService, this), 30 * 1000L);
+ .withLabels(labels).inform();
+ deploymentInformer.addEventHandlerWithResyncPeriod(new
DeploymentEventHandler(infinispanService, this), 30 * 1000L);
informers.add(deploymentInformer);
SharedIndexInformer<Service> serviceInformer =
client.services().inNamespace(getNamespace())
@@ -195,11 +196,37 @@ public class KubernetesService implements HealthCheck {
}
private Pod getBuilderPod(String name, List<String> env, Map<String,
String> labels) {
- List<EnvVar> envVars = env.stream().map(s -> s.split("=")).filter(s ->
s.length > 0).map(parts -> {
+ List<EnvVar> envVars = new ArrayList<>();
+ env.stream().map(s -> s.split("=")).filter(s -> s.length >
0).forEach(parts -> {
String varName = parts[0];
String varValue = parts[1];
- return new
EnvVarBuilder().withName(varName).withValue(varValue).build();
- }).toList();
+ envVars.add(new
EnvVarBuilder().withName(varName).withValue(varValue).build());
+ });
+
+ envVars.add(
+ new EnvVar("IMAGE_REGISTRY", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("image-registry",
KARAVAN_SECRET_NAME, false)).build())
+ );
+ envVars.add(
+ new EnvVar("IMAGE_REGISTRY_USERNAME", null, new
EnvVarSourceBuilder().withSecretKeyRef(new
SecretKeySelector("image-registry-username", KARAVAN_SECRET_NAME,
false)).build())
+ );
+ envVars.add(
+ new EnvVar("IMAGE_REGISTRY_PASSWORD", null, new
EnvVarSourceBuilder().withSecretKeyRef(new
SecretKeySelector("image-registry-password", KARAVAN_SECRET_NAME,
false)).build())
+ );
+ envVars.add(
+ new EnvVar("IMAGE_GROUP", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("image-group",
KARAVAN_SECRET_NAME, false)).build())
+ );
+ envVars.add(
+ new EnvVar("GIT_REPOSITORY", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("git-repository",
KARAVAN_SECRET_NAME, false)).build())
+ );
+ envVars.add(
+ new EnvVar("GIT_USERNAME", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("git-username",
KARAVAN_SECRET_NAME, false)).build())
+ );
+ envVars.add(
+ new EnvVar("GIT_PASSWORD", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("git-password",
KARAVAN_SECRET_NAME, false)).build())
+ );
+ envVars.add(
+ new EnvVar("GIT_BRANCH", null, new
EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelector("git-branch",
KARAVAN_SECRET_NAME, false)).build())
+ );
ObjectMeta meta = new ObjectMetaBuilder()
.withName(name)
@@ -474,14 +501,14 @@ public class KubernetesService implements HealthCheck {
public String getKaravanSecret(String key) {
try (KubernetesClient client = kubernetesClient()) {
- Secret secret =
client.secrets().inNamespace(getNamespace()).withName("karavan").get();
+ Secret secret =
client.secrets().inNamespace(getNamespace()).withName("karavan").get();
Map<String, String> data = secret.getData();
return decodeSecret(data.get(key));
}
}
private String decodeSecret(String data) {
- if (data != null){
+ if (data != null) {
return new
String(Base64.getDecoder().decode(data.getBytes(StandardCharsets.UTF_8)));
}
return null;
diff --git
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/service/ProjectService.java
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/service/ProjectService.java
index bb9d47d4..f838fdfb 100644
---
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/service/ProjectService.java
+++
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/service/ProjectService.java
@@ -125,15 +125,16 @@ public class ProjectService implements HealthCheck {
? tag
: Instant.now().toString().substring(0, 19).replace(":", "-");
String script = codeService.getBuilderScript();
- List<String> env = getEnvForBuild(project, tag);
+ List<String> env = getProjectEnvForBuild(project, tag);
if (ConfigService.inKubernetes()) {
kubernetesService.runBuildProject(project, script, env, tag);
} else {
+ env.addAll(getConnectionsEnvForBuild());
dockerForKaravan.runBuildProject(project, script, env, tag);
}
}
- private List<String> getEnvForBuild(Project project, String tag) {
+ private List<String> getProjectEnvForBuild(Project project, String tag) {
List<String> env = new ArrayList<>();
env.addAll(registryService.getEnvForBuild());
env.addAll(gitService.getEnvForBuild());
@@ -144,6 +145,13 @@ public class ProjectService implements HealthCheck {
return env;
}
+ private List<String> getConnectionsEnvForBuild() {
+ List<String> env = new ArrayList<>();
+ env.addAll(registryService.getEnvForBuild());
+ env.addAll(gitService.getEnvForBuild());
+ return env;
+ }
+
public List<Project> getAllProjects(String type) {
if (infinispanService.isReady()) {
List<ProjectFile> files =
infinispanService.getProjectFilesByName(PROJECT_COMPOSE_FILENAME);
diff --git
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/shared/Constants.java
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/shared/Constants.java
index 71c3af32..4cf59d2e 100644
---
a/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/shared/Constants.java
+++
b/karavan-web/karavan-app/src/main/java/org/apache/camel/karavan/shared/Constants.java
@@ -28,6 +28,7 @@ public class Constants {
public static final String BUILDER_SUFFIX = "-builder";
public static final String CAMEL_PREFIX = "camel";
+ public static final String KARAVAN_SECRET_NAME = "karavan";
public static final String KARAVAN_SERVICE_ACCOUNT = "karavan";
public static final String KARAVAN_PREFIX = "karavan";
public static final String JBANG_CACHE_SUFFIX = "jbang-cache";
diff --git
a/karavan-web/karavan-app/src/main/resources/snippets/openshift-application.properties
b/karavan-web/karavan-app/src/main/resources/snippets/openshift-application.properties
index ff0c5b6a..fe9786e0 100644
---
a/karavan-web/karavan-app/src/main/resources/snippets/openshift-application.properties
+++
b/karavan-web/karavan-app/src/main/resources/snippets/openshift-application.properties
@@ -12,7 +12,7 @@ camel.server.healthCheckEnabled=true
camel.server.devConsoleEnabled=true
camel.context.dev-console=true
camel.main.beanIntrospectionExtendedStatistics=true
-label.runtime=app.kubernetes.io/runtime
+label.runtime=app.openshift.io/runtime
jib.from.image=gcr.io/distroless/java17@sha256:3a4ea21bd7b412b8b6ae61313b39337d8f03bb6844013810e8e4625d8c765edb
jkube.version=1.14.0
jkube.skip.build=true
diff --git
a/karavan-web/karavan-app/src/main/resources/snippets/openshift-build.sh
b/karavan-web/karavan-app/src/main/resources/snippets/openshift-build.sh
index f8edb112..fa2854d3 100644
--- a/karavan-web/karavan-app/src/main/resources/snippets/openshift-build.sh
+++ b/karavan-web/karavan-app/src/main/resources/snippets/openshift-build.sh
@@ -22,12 +22,15 @@ jbang -Dcamel.jbang.version=${CAMEL_VERSION}
camel@apache/camel export --local-k
export LAST_COMMIT=$(git rev-parse --short HEAD)
export DATE=${TAG}
+export CERT=$(cat /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt)
export TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
export NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
-mvn package jib:build org.eclipse.jkube:openshift-maven-plugin:1.14.0:resource
org.eclipse.jkube:openshift-maven-plugin:1.14.0:apply \
+sed -i 's/kubernetes-maven-plugin/openshift-maven-plugin/g' pom.xml
+
+mvn package jib:build oc:resource oc:apply \
-Djkube.namespace=${NAMESPACE} \
-Djib.allowInsecureRegistries=true \
-Djib.to.image=${IMAGE_REGISTRY}/${IMAGE_GROUP}/${PROJECT_ID}:${DATE} \
- -Djib.to.auth.username=${IMAGE_REGISTRY_USERNAME} \
- -Djib.to.auth.password=${IMAGE_REGISTRY_PASSWORD}
\ No newline at end of file
+ -Djib.to.auth.username=${TOKEN} \
+ -Djib.to.auth.password=${TOKEN}
\ No newline at end of file
diff --git
a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanRole.java
b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanRole.java
index 5d01ddce..52eb3f49 100644
---
a/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanRole.java
+++
b/karavan-web/karavan-installer/src/main/java/org/apache/camel/karavan/installer/resources/KaravanRole.java
@@ -33,7 +33,8 @@ public class KaravanRole {
new
PolicyRuleBuilder().withApiGroups("").withResources("persistentvolumes",
"persistentvolumeclaims").withVerbs("*").build(),
new
PolicyRuleBuilder().withApiGroups("").withResources("pods", "services",
"replicationcontrollers").withVerbs("*").build(),
new
PolicyRuleBuilder().withApiGroups("route.openshift.io").withResources("routes").withVerbs("*").build(),
- new
PolicyRuleBuilder().withApiGroups("apps").withResources("deployments").withVerbs("*").build()
+ new
PolicyRuleBuilder().withApiGroups("apps").withResources("deployments").withVerbs("*").build(),
+ new PolicyRuleBuilder().withApiGroups("",
"image.openshift.io").withResources("imagestreams/layers").withVerbs("get",
"update").build()
)
.build();
}
