search

rancher / dashboard

The Rancher UI
https://rancher.com
Apache License 2.0
463 stars 261 forks source link

Registry secrets are not available in the UI when creating a deployment #7220

Closed brudnak closed 2 years ago

brudnak commented 2 years ago

Reproduction Environment

Component Version / Type
Rancher version v2.7-9f1e0435bb45e104ba897c5c329e1f23735843d9-head
Rancher commit link https://github.com/rancher/rancher/commit/9f1e0435bb45e104ba897c5c329e1f23735843d9
Installation option Helm (high availability)
If Helm Chart k8s cluster v1.24.6+k3s1
Cert Details Let's Encrypt / traefik
k3s ha external db Aurora MySQL 5.7.mysql_aurora.2.10.2
Helm version v2.16.8-rancher2
Downstream cluster type RKE1 Linode
Downstream K8s version v1.24.6-rancher1-1
Authentication providers enabled local & GitHub
Logged in user role Administrator & Standard User
Browser type Google Chrome
Browser version 106.0.5249.119 (Official Build) (x86_64)
🚨 Additional Reproduction Setup Details: Click to Expand ```shell helm install rancher rancher-latest/rancher \ --namespace cattle-system \ --set hostname=$URL_VAR \ --set bootstrapPassword=$PW_VAR \ --set ingress.tls.source=letsEncrypt \ --set letsEncrypt.email=$EMAIL_VAR \ --set letsEncrypt.ingress.class=traefik \ --version 2.6.9 \ --set rancherImageTag=v2.7-head ```

Describe the bug

Unable to create a deployment using a private docker image. Unable to select a Pull Secrets from the UI.

Reproduction steps

  1. Create a registry secret with Dockerhub
  2. Start the process of creating a deployment
  3. Under the Image section in deployments ==> click the drop down for Pull Secrets
  4. It just displays Sorry, no matching options

When checking the network tab in the browser dev tools, it looks like the secrets endpoint that is being hit is <rancher-url>/api/v1/namespaces/default/secrets although in 2.6.8 and 2.6.9 the secrets endpoint that gets hit on the same page is <rancher-url>/v1/secrets.

Additional Info

RESULTS

βœ… Expected

Expected to be able to create a deployment with a private image from Dockerhub.

❌ Actual

Was unable to create a deployment with a private image from Dockerhub because the UI is not giving options to choose a set pull secret.

nwmac commented 2 years ago

@aalves08 I'm guessing this is to do with the secondary resource changes - can you take a look

brudnak commented 2 years ago

βœ… PASSED

Reproduction Environment

Not required.

Validation Environment

Component Version / Type
Rancher version v2.7-9f1e0435bb45e104ba897c5c329e1f23735843d9-head
Installation option Helm (high availability)
If Helm Chart k8s cluster v1.24.6+k3s1
Cert Details Let's Encrypt / traefik
k3s ha external db Aurora MySQL 5.7.mysql_aurora.2.10.2
Helm version v2.16.8-rancher2
Downstream cluster type RKE1 Linode
Downstream K8s version v1.24.6-rancher1-1
Authentication providers enabled local & GitHub
Logged in user role Administrator & Standard User
Browser type Google Chrome
Browser version 106.0.5249.119 (Official Build) (x86_64)

Validation steps

  1. Create a registry secret with Dockerhub
  2. Start the process of creating a deployment
  3. Under the Image section in deployments ==> click the drop down for Pull Secrets
  4. The registry secret is now displayed, select it
  5. Deploy the workload with a private dockerhub image
  6. Image successfully runs

Additional Info

RESULTS

βœ… Expected

To be able to use a registry secret to launch a workload with a private image from Dockerhub

βœ… Actual

Was able to use a registry secret to launch a workload with a private image from Dockerhub

πŸ“‹ QA Test Plan

Scenario Steps Expected Actual & Pass/Fail
Unsure that using a pull secret works for all Workload types
  1. CronJobs
  2. DaemonSets
  3. Deployments
  4. Jobs
  5. StatefulSets
  6. Pod
 Expected: To be able to use a registry secret to launch a workload with a private image from Dockerhub Actual: Was able to use a registry secret to launch a workload with a private image from Dockerhub

Pass/Fail: βœ…PASS
Secret created with kubectl shows up
  1. Follow doc at https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  2. Run the following command via kubectl
  3. kubectl create secret docker-registry regcred --docker-server=your-registry-server --docker-username=your-name --docker-password=your-pword --docker-email=your-email
 Expected: Secret created with kubectl shows up in the drop down Actual: Secret created with kubectl did show up in the drop down

Pass/Fail: βœ…PASS
Secret is useable
  1. Use the registry secret to launch a private dockerhub image
  2. Ensure that the secret actually works to pull the priviate image
 Expected: Private image to successfully pull Actual: Private image was pulled and successfully ran

Pass/Fail: βœ…PASS