search

datreeio / admission-webhook-datree

Datree offers cluster integration that allows you to validate your resources against your configured policy upon pushing them into a cluster, by using an admission webhook.
https://datree.io/
Apache License 2.0
24 stars 10 forks source link

feat: helm chart support private registry #328

Closed alifiroozi80 closed 1 year ago

alifiroozi80 commented 1 year ago

Hello everyone, Based on this feature request, I added an imagePullSecrets field to the Datree charts. The Datree chart supports the registry field but hasn't had an imagePullSecrets field (What if the user had its own registry?) Thanks to @eyarz and @myishay for encouraging me to open this PR.

myishay commented 1 year ago

Hi @alifiroozi80 ! Thank you for your contribution! ๐Ÿš€ One of our team will review it in the upcoming days ๐Ÿ‘€

alifiroozi80 commented 1 year ago

Hello @TzlilSwimmer123, I applied all suggestions. Thanks for your feedback.

TzlilSwimmer123 commented 1 year ago

I left 2 comments before:) https://github.com/datreeio/admission-webhook-datree/pull/328#pullrequestreview-1435498037

Did you managed to install the helm chart with private registry?

alifiroozi80 commented 1 year ago

Hello again, @TzlilSwimmer123. I just fixed another thing and Installed the Chart successfully.

TzlilSwimmer123 commented 1 year ago

@alifiroozi80 there is a chance you forgot to push?

alifiroozi80 commented 1 year ago

No, I pushed the Fix the helper commit.

With this commit and this sample values.yaml file like the one below, it would be installed:

datree:
  token: "xxx"
  clusterName: "xxx"

imageCredentials:
  enabled: true
  registry: xxx
  username: xxx
  password: xxx
  email: xxx@xxx.com
helm install xxx --dry-run --debug .
TzlilSwimmer123 commented 1 year ago

@alifiroozi80 there are 2 things to change plz check this review https://github.com/datreeio/admission-webhook-datree/pull/328#pullrequestreview-1435498037

alifiroozi80 commented 1 year ago

Hello @TzlilSwimmer123 Yes, I install it :)

Here are my values.yaml:

namespace: "test"
datree:
  token: "xxx"
  clusterName: "xxx"

image:
  repository: alifiroozizamani/datree
  tag: "1"

imageCredentials:
  enabled: true
  registry: docker.io
  username: alifiroozizamani
  password: "SuperSecretPassword"
  email: alifiroozizamani@gmail.com

clusterScanner:
  image:
    repository: alifiroozizamani/datree
    tag: "1"
helm install -n test test .

$ k -n test describe pod datree-webhook-server-7d9f479ff5-4s4tt
[...]
Events:
  Type     Reason     Age                From               Message
  ----     ------     ----               ----               -------
  Normal   Scheduled  30s                default-scheduler  Successfully assigned test/datree-webhook-server-7d9f479ff5-4s4tt to worker2
  Normal   Pulled     18s                kubelet            Successfully pulled image "alifiroozizamani/datree:1" in 11.185828103s
  Normal   Pulling    16s                kubelet            Pulling image "alifiroozizamani/datree:1"
  Normal   Created    15s                kubelet            Created container server
  Normal   Started    15s                kubelet            Started container server
[...]
TzlilSwimmer123 commented 1 year ago

@alifiroozi80 Maybe there is a problem with the review url so here is a print screen: Screen Shot 2023-05-21 at 15 06 19

alifiroozi80 commented 1 year ago

Hello @TzlilSwimmer123, Thanks, I change the README.md file. But I didn't realize the second comment about the image-credentials.yaml, (Forgot to remove new line:))

Did you mean to add a new line at the end of the image-credentials.yaml?

TzlilSwimmer123 commented 1 year ago

@alifiroozi80 Did you mean to add a new line at the end of the - never mind, not important - the new line suppose to be deleted.

1 important thing to be done, run: make generate-helm-docs and commit the changes

alifiroozi80 commented 1 year ago

Hello @TzlilSwimmer123, Doneโœ… P.S: I also added that new line at the end of the image-credentials.yaml

alifiroozi80 commented 1 year ago

Thank @TzlilSwimmer123 :)