konveyor / enhancements

Enhancements tracking repository for Konveyor
Apache License 2.0

[RFE] Allow usage of custom images behind a protected registry #133

Open jwmatthews opened 11 months ago

jwmatthews commented 11 months ago

We would like to ease the usage of credentials for ImagePullSecrets with images our Operator is using. It is important that this supports both vanilla Kubernetes and OpenShift.

See discussion from #konveyor Slack with @jmontleon helping: https://kubernetes.slack.com/archives/CR85S82A2/p1689684174225349?thread_ts=1689597418.341729&cid=CR85S82A2

Highlights from Slack:

Hi all, I customized some of the images used by the operator (tackle-ui, tackle-pathfinder and tackle-hub), I pushed them to a private registry which requires authentication. Any suggestion on how to make konveyor authenticate to pull the images? I've tried defining a secret and then added the secret under imagePullSecrets (in the yaml file described at "create the Tackle instance" of the installation guide). But still the POD does not even try to authenticate. Thank you folks

For OpenShift:

Get the existing secret, update it with your additional credentials for your private registry, and push back.

https://docs.openshift.com/container-platform/4.13/openshift_images/managing_images/using-image-pull-secrets.html#images-update-g[…]age-pull-secrets

For Kubernetes (non-OpenShift):

Similar secret creation, then the pod definition is updated to use the pull secret: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

As long as the operator is using strategic merge strategy for the deployments (this is the default, so unless it needed to be changed for a reason) you should be able to add this to the deployment definitions.

Either way this could/should probably be an RFE for the operator so someone can hand us a secret name and we can update the deployment pod definitions. Shouldn't be too hard. I'm not sure I want to be in the business of managing the secret itself, but that's up for debate.
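The two steps described in the Slack highlights (adding a registry credential to an existing pull secret without dropping the entries already in it, then pointing a deployment's pod template at the secret) are sketched below as an added example; it is not code from this issue or from the Konveyor operator. The registry host, user name, password, secret name and namespace are constructed placeholders.

```python
import base64
import copy
import json


def add_registry_auth(dockerconfig, registry, username, password):
    """Return a copy of a .dockerconfigjson document with one registry entry
    added or replaced. Every other entry is preserved, which matters when the
    document being edited is a cluster-wide pull secret."""
    merged = copy.deepcopy(dockerconfig)
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    merged.setdefault("auths", {})[registry] = {"auth": token}
    return merged


def secret_manifest(name, namespace, dockerconfig):
    """Build a Secret of type kubernetes.io/dockerconfigjson."""
    payload = json.dumps(dockerconfig).encode()
    return {
        "apiVersion": "v1",
        "kind": "Secret",
        "metadata": {"name": name, "namespace": namespace},
        "type": "kubernetes.io/dockerconfigjson",
        "data": {".dockerconfigjson": base64.b64encode(payload).decode()},
    }


def pull_secret_patch(secret_name):
    """Strategic merge patch body for a Deployment. imagePullSecrets is merged
    by its 'name' key, so pull secrets already on the pod template are kept."""
    return {"spec": {"template": {"spec": {
        "imagePullSecrets": [{"name": secret_name}]}}}}


# Constructed sample: a pull secret that already holds one registry entry.
EXISTING = {"auths": {"quay.io": {
    "auth": base64.b64encode(b"pull-user:old-token").decode()}}}

if __name__ == "__main__":
    merged = add_registry_auth(EXISTING, "registry.example.com",
                               "ci-bot", "placeholder-password")
    print(json.dumps(secret_manifest("private-registry", "my-namespace",
                                     merged), indent=2))
    print(json.dumps(pull_secret_patch("private-registry")))
```

The manifest can be applied with `kubectl apply -f`, and the patch body passed to `kubectl patch deployment <name> --type strategic -p '<json>'`. A manual patch only persists if the operator's reconcile does not overwrite the field, which is the condition the reply above attaches to its suggestion.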