-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow for addons to prompt for data input #1143
Allow for addons to prompt for data input #1143
Conversation
Can one of the admins verify this patch? |
@minikube-bot ok to test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @stevesloka for the PR! I left some comments.
@@ -0,0 +1,76 @@ | |||
package config |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add the Apache License to the top of this file? We have a test that this is at the top of every .go
file in our repo, that's why the travis test is failing. This is the header: https://github.com/kubernetes/minikube/blob/master/pkg/minikube/cluster/cluster.go#L1
cmd/minikube/cmd/config/util.go
Outdated
enableGCR := AskForYesNoConfirmation("\nDo you want to enable Google Container Registry?", posResponses, negResponses) | ||
if enableGCR { | ||
fmt.Println("-- Enter applicatoin_default_credentials.json as base64 by running following command:") | ||
gcrApplicationDefaultCredentials := AskForStaticValue(" base64 -w $HOME/.config/gcloud/application_default_credentials.json: ") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There needs to be a 0 arg in the base64 command, it is base64 -w 0 $HOME/.config/gcloud/application_default_credentials.json
. This was a typo I made in the README
cmd/minikube/cmd/config/util.go
Outdated
|
||
cluster.CreateSecret( | ||
"kube-system", | ||
"gcr-creds", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name of the secret that registry-creds look for now is gcr-secret
.
cmd/minikube/cmd/config/util.go
Outdated
} else { | ||
// Cleanup existing secrets | ||
cluster.DeleteSecret("kube-system", "awsecr-creds") | ||
cluster.DeleteSecret("kube-system", "gcr-creds") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above.
cmd/minikube/cmd/config/util.go
Outdated
awsRegion := AskForStaticValue("-- Enter AWS Region: ") | ||
awsAccount := AskForStaticValue("-- Enter 12 digit AWS Account ID: ") | ||
|
||
cluster.CreateSecret( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe that for GCR/ECR to work in registry-creds current state, both secrets will need to be created for the pod to start properly. This was the case in my experience at least. Maybe empty values can be used for secrets specify which mode is enabled? We can also make changes to registry-creds itself.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm working on some changes to make this easier, will get back to you when I do. I just finished cleaning up the k8s interfaces and implemented the client-go. Will get back soon!
c79c116
to
3ec41da
Compare
Hey @aaron-prindle, I did a bunch of rework on the registry-creds addon. We can now run both registries at the same time. Each cloud gets their own secret. I can't get GCR to work for me, the credentials don't work. But they also don't match the path you have in the readme. Not sure if my setup is wrong, or something else. Could you give it a shot? I think the only remaining item I need to add to registry-creds is to watch the secrets in kube-system. What I've found is you enable the addon, then create the secrets, but the addon won't have the correct secrets until the pod is restarted. So I want to make that experience a bit better. Oh, and for GCR creds, I couldn't get the copy / paste to work. So to avoid all the base64 encode on users machines, just prompted for path on disk. So it reads it from there. Let me know what you think about that. |
GCR is working for me on registry-creds:1.6 if I try to build and run it from: https://github.com/upmc-enterprises/registry-creds. It worked after I copied my ~/.config/gcloud/application_default_credentials.json files into the secret.yaml. I did have to run
I definitely agree the ability to watch for a secret would be a great addition instead of having to create the secret prior. |
Currently I cannot build the updated version of this addon branch though as there seems to be a build issue with client-go: |
3ec41da
to
60d9d1e
Compare
This is working for me. It seems there is a boilerplate license issue though: |
@aaron-prindle yeah somehow the spacing was off, just fixed and pushed up now. |
Codecov Report
@@ Coverage Diff @@
## master #1143 +/- ##
==========================================
- Coverage 44.86% 44.02% -0.84%
==========================================
Files 47 47
Lines 2113 2151 +38
==========================================
- Hits 948 947 -1
- Misses 1010 1049 +39
Partials 155 155
Continue to review full report at Codecov.
|
LGTM |
This allows for an addon to prompt for data. My use case is registry-creds needs additional secrets to enable pulling credentials from a registry. This should vastly simplify this need by prompting the user.
Looking for feedback on the implementation as well as I need to update the registry-creds repo to handle correctly before merging this in.
Here's a screenshot of what it looks like:
// cc #901 upmc-enterprises/registry-creds#34 @aaron-prindle