Skip to content

(CONT-585) allow deferred function for auth password #637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 5, 2023
Merged

(CONT-585) allow deferred function for auth password #637

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions REFERENCE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -626,7 +626,7 @@ the files if they do not exist.
[*containerd_config_template*]
The template to use for containerd configuration
This value is ignored if containerd_config_source is defined
Default to 'kubernetes/containerd/config.toml.erb'
Default to 'kubernetes/containerd/config.toml.epp'

[*containerd_config_source*]
The source of the containerd configuration
Expand Down Expand Up @@ -1946,7 +1946,7 @@ Data type: `String`



Default value: `'kubernetes/containerd/config.toml.erb'`
Default value: `'kubernetes/containerd/config.toml.epp'`

##### <a name="-kubernetes--containerd_socket"></a>`containerd_socket`

Expand Down
4 changes: 2 additions & 2 deletions manifests/init.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@
# [*containerd_config_template*]
# The template to use for containerd configuration
# This value is ignored if containerd_config_source is defined
# Default to 'kubernetes/containerd/config.toml.erb'
# Default to 'kubernetes/containerd/config.toml.epp'
#
# [*containerd_config_source*]
# The source of the containerd configuration
Expand Down Expand Up @@ -686,7 +686,7 @@
Optional[String] $containerd_archive_checksum = undef,
String $containerd_source =
"https://github.com/containerd/containerd/releases/download/v${containerd_version}/${containerd_archive}",
String $containerd_config_template = 'kubernetes/containerd/config.toml.erb',
String $containerd_config_template = 'kubernetes/containerd/config.toml.epp',
Variant[Stdlib::Unixpath, String] $containerd_socket = '/run/containerd/containerd.sock',
Optional[String] $containerd_config_source = undef,
Hash $containerd_plugins_registry = {
Expand Down
26 changes: 22 additions & 4 deletions manifests/packages.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@
# Defaults to https://github.com/containerd/containerd/releases/download/v${containerd_version}/${containerd_archive}
# @param containerd_config_template
# The template to use for containerd configuration
# This value is ignored if containerd_config_source is defined. Default to 'kubernetes/containerd/config.toml.erb'
# This value is ignored if containerd_config_source is defined. Default to 'kubernetes/containerd/config.toml.epp'
# @param containerd_config_source
# The source of the containerd configuration
# This value overrides containerd_config_template. Default to undef
Expand Down Expand Up @@ -350,7 +350,13 @@
if $containerd_config_source {
$_containerd_config_content = undef
} else {
$_containerd_config_content = template($containerd_config_template)
$_containerd_config_content = stdlib::deferrable_epp($containerd_config_template, {
'containerd_plugins_registry' => $containerd_plugins_registry,
'containerd_socket' => $containerd_socket,
'containerd_sandbox_image' => $containerd_sandbox_image,
'docker_cgroup_driver' => $docker_cgroup_driver,
'containerd_default_runtime_name' => $containerd_default_runtime_name,
})
}
# Generate using 'containerd config default'
file { '/etc/containerd/config.toml':
Expand Down Expand Up @@ -379,7 +385,13 @@
if $containerd_config_source {
$_containerd_config_content = undef
} else {
$_containerd_config_content = template($containerd_config_template)
$_containerd_config_content = stdlib::deferrable_epp($containerd_config_template, {
'containerd_plugins_registry' => $containerd_plugins_registry,
'containerd_socket' => $containerd_socket,
'containerd_sandbox_image' => $containerd_sandbox_image,
'docker_cgroup_driver' => $docker_cgroup_driver,
'containerd_default_runtime_name' => $containerd_default_runtime_name,
})
}
# Generate using 'containerd config default'
file { '/etc/containerd/config.toml':
Expand Down Expand Up @@ -430,7 +442,13 @@
owner => 'root',
group => 'root',
mode => '0644',
content => template('kubernetes/containerd/config.toml.erb'),
content => stdlib::deferrable_epp('kubernetes/containerd/config.toml.epp', {
'containerd_plugins_registry' => $containerd_plugins_registry,
'containerd_socket' => $containerd_socket,
'containerd_sandbox_image' => $containerd_sandbox_image,
'docker_cgroup_driver' => $docker_cgroup_driver,
'containerd_default_runtime_name' => $containerd_default_runtime_name,
}),
require => [File['/etc/containerd'], Archive[$containerd_archive]],
notify => Service['containerd'],
}
Expand Down
20 changes: 10 additions & 10 deletions spec/classes/packages_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -145,7 +145,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -245,7 +245,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -466,7 +466,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'nvidia',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -549,7 +549,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -648,7 +648,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -753,7 +753,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -835,7 +835,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -930,7 +930,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down Expand Up @@ -1030,7 +1030,7 @@
'containerd_package_name' => 'containerd.io',
'containerd_archive' => 'containerd-1.4.3-linux-amd64.tar.gz',
'containerd_source' => 'https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz',
'containerd_config_template' => 'kubernetes/containerd/config.toml.erb',
'containerd_config_template' => 'kubernetes/containerd/config.toml.epp',
'containerd_default_runtime_name' => 'runc',
'etcd_archive' => 'etcd-v3.1.12-linux-amd64.tar.gz',
'etcd_source' => 'https://github.com/etcd-v3.1.12.tar.gz',
Expand Down
98 changes: 49 additions & 49 deletions templates/containerd/config.toml.erb → templates/containerd/config.toml.epp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ required_plugins = []
oom_score = 0

[grpc]
address = "<%= @containerd_socket -%>"
address = "<%= $containerd_socket -%>"
tcp_address = ""
tcp_tls_cert = ""
tcp_tls_key = ""
Expand Down Expand Up @@ -54,7 +54,7 @@ oom_score = 0
stream_idle_timeout = "4h0m0s"
enable_selinux = false
selinux_category_range = 1024
sandbox_image = "<%= @containerd_sandbox_image %>"
sandbox_image = "<%= $containerd_sandbox_image %>"
stats_collect_period = 10
systemd_cgroup = false
enable_tls_streaming = false
Expand All @@ -70,7 +70,7 @@ oom_score = 0
ignore_image_defined_volumes = false
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
default_runtime_name = "<%= @containerd_default_runtime_name %>"
default_runtime_name = "<%= $containerd_default_runtime_name %>"
no_pivot = false
disable_snapshot_annotations = true
discard_unpacked_layers = false
Expand All @@ -94,10 +94,10 @@ oom_score = 0
privileged_without_host_devices = false
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
<%- if @docker_cgroup_driver == 'systemd' -%>
<% if $docker_cgroup_driver == 'systemd' { -%>
SystemdCgroup = true
<%- end -%>
<%- if @containerd_default_runtime_name == 'nvidia' -%>
<% } -%>
<% if $containerd_default_runtime_name == 'nvidia' { -%>
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia]
runtime_type = "io.containerd.runc.v2"
runtime_engine = ""
Expand All @@ -106,57 +106,57 @@ oom_score = 0
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia.options]
BinaryName = "/usr/bin/nvidia-container-runtime"
<%- end -%>
<% } -%>
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
max_conf_num = 1
conf_template = ""
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
<%- @containerd_plugins_registry.each do |registry, sections| -%>
<%- if sections['mirrors'] and not sections['mirrors'].empty? -%>
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."<%= registry %>"]
<%- if sections['mirrors']['endpoint'] -%>
endpoint = ["<%= sections['mirrors']['endpoint'] %>"]
<%- end -%>
<%- end -%>
<%- end -%>
<% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
<% if $sections['mirrors'] and !$sections['mirrors'].empty { -%>
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."<%= $registry %>"]
<% if $sections['mirrors']['endpoint'] { -%>
endpoint = ["<%= $sections['mirrors']['endpoint'] %>"]
<% } -%>
<% } -%>
<% } -%>
[plugins."io.containerd.grpc.v1.cri".registry.configs]
<%- @containerd_plugins_registry.each do |registry, sections| -%>
<%- if sections['auth'] and not sections['auth'].empty? -%>
[plugins."io.containerd.grpc.v1.cri".registry.configs."<%= registry %>".auth]
<%- if sections['auth']['username'] -%>
username = "<%= sections['auth']['username'] %>"
<%- end -%>
<%- if sections['auth']['password'] -%>
password = "<%= sections['auth']['password'] %>"
<%- end -%>
<%- if sections['auth']['auth'] -%>
auth = "<%= sections['auth']['auth'] %>"
<%- end -%>
<%- if sections['auth']['identitytoken'] -%>
identitytoken = "<%= sections['auth']['identitytoken'] %>"
<%- end -%>
<%- end -%>
<%- end -%>
<%- @containerd_plugins_registry.each do |registry, sections| -%>
<%- if sections['tls'] and not sections['tls'].empty? -%>
[plugins."io.containerd.grpc.v1.cri".registry.configs."<%= registry %>".tls]
<%- if sections['tls']['ca_file'] -%>
ca_file = "<%= sections['tls']['ca_file'] %>"
<%- end -%>
<%- if sections['tls']['cert_file'] -%>
cert_file = "<%= sections['tls']['cert_file'] %>"
<%- end -%>
<%- if sections['tls']['key_file'] -%>
key_file = "<%= sections['tls']['key_file'] %>"
<%- end -%>
<%- if sections['tls']['insecure_skip_verify'] -%>
insecure_skip_verify = <%= sections['tls']['insecure_skip_verify'] %>
<%- end -%>
<%- end -%>
<%- end -%>
<% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
<% if $sections['auth'] and !$sections['auth'].empty { -%>
[plugins."io.containerd.grpc.v1.cri".registry.configs."<%= $registry %>".auth]
<% if $sections['auth']['username'] { -%>
username = "<%= $sections['auth']['username'] %>"
<% } -%>
<% if $sections['auth']['password'] { -%>
password = "<%= $sections['auth']['password'] %>"
<% } -%>
<% if $sections['auth']['auth'] { -%>
auth = "<%= $sections['auth']['auth'] %>"
<% } -%>
<% if $sections['auth']['identitytoken'] { -%>
identitytoken = "<%= $sections['auth']['identitytoken'] %>"
<% } -%>
<% } -%>
<% } -%>
<% $containerd_plugins_registry.map |Any $registry, Any $sections| { -%>
<% if $sections['tls'] and !$sections['tls'].empty { -%>
[plugins."io.containerd.grpc.v1.cri".registry.configs."<%= $registry %>".tls]
<% if $sections['tls']['ca_file'] { -%>
ca_file = "<%= $sections['tls']['ca_file'] %>"
<% } -%>
<% if $sections['tls']['cert_file'] { -%>
cert_file = "<%= $sections['tls']['cert_file'] %>"
<% } -%>
<% if $sections['tls']['key_file'] { -%>
key_file = "<%= $sections['tls']['key_file'] %>"
<% } -%>
<% if $sections['tls']['insecure_skip_verify'] { -%>
insecure_skip_verify = <%= $sections['tls']['insecure_skip_verify'] %>
<% } -%>
<% } -%>
<% } -%>
[plugins."io.containerd.grpc.v1.cri".image_decryption]
key_model = ""
[plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
Expand Down