From 4c82933824a6ddc865978f990beb0e4d6a16b26c Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 19:31:38 +0000 Subject: [PATCH 01/11] change is internal to function Signed-off-by: Austin Abro --- src/cmd/tools/zarf.go | 2 +- src/internal/packager/git/push.go | 2 +- src/pkg/cluster/state.go | 12 +--- src/pkg/cluster/state_test.go | 95 +++++++++++++------------------ src/types/k8s.go | 13 +++-- 5 files changed, 52 insertions(+), 72 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 3f97be20eb..ce857a7a98 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -175,7 +175,7 @@ var updateCredsCmd = &cobra.Command{ message.Warnf(lang.CmdToolsUpdateCredsUnableUpdateRegistry, err.Error()) } } - if slices.Contains(args, message.GitKey) && newState.GitServer.InternalServer { + if slices.Contains(args, message.GitKey) && newState.GitServer.IsInternal() { g := git.New(newState.GitServer) err = g.UpdateZarfGiteaUsers(ctx, oldState) if err != nil { diff --git a/src/internal/packager/git/push.go b/src/internal/packager/git/push.go index 494ee40db6..61abce204f 100644 --- a/src/internal/packager/git/push.go +++ b/src/internal/packager/git/push.go @@ -54,7 +54,7 @@ func (g *Git) PushRepo(srcURL, targetFolder string) error { } // Add the read-only user to this repo - if g.Server.InternalServer { + if g.Server.IsInternal() { // Get the upstream URL remote, err := repo.Remote(onlineRemoteName) if err != nil { diff --git a/src/pkg/cluster/state.go b/src/pkg/cluster/state.go index bdc14e5989..39d4c7281b 100644 --- a/src/pkg/cluster/state.go +++ b/src/pkg/cluster/state.go @@ -329,21 +329,13 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions // TODO: Replace use of reflections with explicit setting newState.GitServer = helpers.MergeNonZero(newState.GitServer, initOptions.GitServer) - // Set the state of the internal git server if it has changed - // TODO: Internal server should be a function of the address and not a property. - if newState.GitServer.Address == types.ZarfInClusterGitServiceURL { - newState.GitServer.InternalServer = true - } else { - newState.GitServer.InternalServer = false - } - // Set the new passwords if they should be autogenerated - if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.InternalServer { + if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.IsInternal() { if newState.GitServer.PushPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } } - if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && oldState.GitServer.InternalServer { + if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && oldState.GitServer.IsInternal() { if newState.GitServer.PullPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } diff --git a/src/pkg/cluster/state_test.go b/src/pkg/cluster/state_test.go index cf52d195dc..6848bcbd94 100644 --- a/src/pkg/cluster/state_test.go +++ b/src/pkg/cluster/state_test.go @@ -299,51 +299,46 @@ func TestMergeZarfStateGit(t *testing.T) { { name: "internal server auto generate", oldGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - InternalServer: true, + Address: types.ZarfInClusterGitServiceURL, }, expectedGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - InternalServer: true, + Address: types.ZarfInClusterGitServiceURL, }, }, { name: "external server", oldGitServer: types.GitServerInfo{ - Address: "example.com", - InternalServer: false, - PushPassword: "push", - PullPassword: "pull", + Address: "example.com", + + PushPassword: "push", + PullPassword: "pull", }, expectedGitServer: types.GitServerInfo{ - Address: "example.com", - InternalServer: false, - PushPassword: "push", - PullPassword: "pull", + Address: "example.com", + + PushPassword: "push", + PullPassword: "pull", }, }, { name: "init options merged", initGitServer: types.GitServerInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - InternalServer: false, + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", }, expectedGitServer: types.GitServerInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - InternalServer: false, + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", }, }, { name: "empty init options not merged", expectedGitServer: types.GitServerInfo{ - PushUsername: "", - PullUsername: "", - Address: "", - InternalServer: false, + PushUsername: "", + PullUsername: "", + Address: "", }, }, } @@ -360,7 +355,6 @@ func TestMergeZarfStateGit(t *testing.T) { require.Equal(t, tt.expectedGitServer.PushUsername, newState.GitServer.PushUsername) require.Equal(t, tt.expectedGitServer.PullUsername, newState.GitServer.PullUsername) require.Equal(t, tt.expectedGitServer.Address, newState.GitServer.Address) - require.Equal(t, tt.expectedGitServer.InternalServer, newState.GitServer.InternalServer) }) } } @@ -386,14 +380,12 @@ func TestMergeZarfStateArtifact(t *testing.T) { { name: "old state is internal server auto generate push token", oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "foobar", + Address: types.ZarfInClusterArtifactServiceURL, }, expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "", + Address: types.ZarfInClusterArtifactServiceURL, }, }, { @@ -402,51 +394,44 @@ func TestMergeZarfStateArtifact(t *testing.T) { PushToken: "hello world", }, oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: false, + PushToken: "foobar", + Address: types.ZarfInClusterArtifactServiceURL, }, expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "hello world", - Address: types.ZarfInClusterArtifactServiceURL, - InternalServer: true, + PushToken: "hello world", + Address: types.ZarfInClusterArtifactServiceURL, }, }, { name: "external server same push token", oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", - InternalServer: false, + PushToken: "foobar", + Address: "http://example.com", }, expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", - InternalServer: false, + PushToken: "foobar", + Address: "http://example.com", }, }, { name: "init options merged", initArtifactServer: types.ArtifactServerInfo{ - PushUsername: "user", - PushToken: "token", - Address: "address", - InternalServer: false, + PushUsername: "user", + PushToken: "token", + Address: "address", }, expectedArtifactServer: types.ArtifactServerInfo{ - PushUsername: "user", - PushToken: "token", - Address: "address", - InternalServer: false, + PushUsername: "user", + PushToken: "token", + Address: "address", }, }, { name: "empty init options not merged", expectedArtifactServer: types.ArtifactServerInfo{ - PushUsername: "", - PushToken: "", - Address: "", - InternalServer: false, + PushUsername: "", + PushToken: "", + Address: "", }, }, } diff --git a/src/types/k8s.go b/src/types/k8s.go index a8f61856ce..dae9499c58 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -110,8 +110,12 @@ type GitServerInfo struct { PullUsername string `json:"pullUsername" jsonschema:"description=Username of a user with pull-only access to the git repository. If not provided for an external repository then the push-user is used"` PullPassword string `json:"pullPassword" jsonschema:"description=Password of a user with pull-only access to the git repository. If not provided for an external repository then the push-user is used"` - Address string `json:"address" jsonschema:"description=URL address of the git server"` - InternalServer bool `json:"internalServer" jsonschema:"description=Indicates if we are using a git server that Zarf is directly managing"` + Address string `json:"address" jsonschema:"description=URL address of the git server"` +} + +// IsInternal returns true if the git server is the Zarf git service deployed by the init package +func (gs GitServerInfo) IsInternal() bool { + return gs.Address == ZarfInClusterGitServiceURL } // FillInEmptyValues sets every necessary value that's currently empty to a reasonable default @@ -120,7 +124,6 @@ func (gs *GitServerInfo) FillInEmptyValues() error { // Set default svc url if an external repository was not provided if gs.Address == "" { gs.Address = ZarfInClusterGitServiceURL - gs.InternalServer = true } // Generate a push-user password if not provided by init flag @@ -132,14 +135,14 @@ func (gs *GitServerInfo) FillInEmptyValues() error { // Set read-user information if using an internal repository, otherwise copy from the push-user if gs.PullUsername == "" { - if gs.InternalServer { + if gs.IsInternal() { gs.PullUsername = ZarfGitReadUser } else { gs.PullUsername = gs.PushUsername } } if gs.PullPassword == "" { - if gs.InternalServer { + if gs.IsInternal() { if gs.PullPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { return fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } From 872a8bd289733bf6da6cb52f72dc7fdcfb49b7c8 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 19:35:01 +0000 Subject: [PATCH 02/11] comment Signed-off-by: Austin Abro --- src/types/k8s.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/types/k8s.go b/src/types/k8s.go index dae9499c58..002fe0be90 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -113,7 +113,7 @@ type GitServerInfo struct { Address string `json:"address" jsonschema:"description=URL address of the git server"` } -// IsInternal returns true if the git server is the Zarf git service deployed by the init package +// IsInternal returns true if the git server has the Zarf init package git server URL func (gs GitServerInfo) IsInternal() bool { return gs.Address == ZarfInClusterGitServiceURL } From 2ca2a78df511322b5998286674d5ec87195208e7 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 19:35:42 +0000 Subject: [PATCH 03/11] whitespace Signed-off-by: Austin Abro --- src/types/k8s.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/types/k8s.go b/src/types/k8s.go index 002fe0be90..e6a08d6603 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -109,8 +109,7 @@ type GitServerInfo struct { PushPassword string `json:"pushPassword" jsonschema:"description=Password of a user with push access to the git repository"` PullUsername string `json:"pullUsername" jsonschema:"description=Username of a user with pull-only access to the git repository. If not provided for an external repository then the push-user is used"` PullPassword string `json:"pullPassword" jsonschema:"description=Password of a user with pull-only access to the git repository. If not provided for an external repository then the push-user is used"` - - Address string `json:"address" jsonschema:"description=URL address of the git server"` + Address string `json:"address" jsonschema:"description=URL address of the git server"` } // IsInternal returns true if the git server has the Zarf init package git server URL From 7d544e2a7f83327d43a93b29f78b80e4e1834260 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 20:04:22 +0000 Subject: [PATCH 04/11] more functions Signed-off-by: Austin Abro --- src/cmd/internal.go | 2 +- src/cmd/tools/zarf.go | 4 +- src/internal/agent/hooks/flux-helmrepo.go | 2 +- src/internal/agent/hooks/flux-ocirepo.go | 2 +- src/internal/packager/template/template.go | 2 +- src/pkg/cluster/state.go | 21 +----- src/pkg/cluster/state_test.go | 84 +++++++--------------- src/pkg/cluster/tunnel.go | 2 +- src/pkg/message/credentials.go | 2 +- src/pkg/packager/deploy.go | 2 +- src/types/k8s.go | 33 +++++---- 11 files changed, 54 insertions(+), 102 deletions(-) diff --git a/src/cmd/internal.go b/src/cmd/internal.go index 7ff0315356..3877e729be 100644 --- a/src/cmd/internal.go +++ b/src/cmd/internal.go @@ -236,7 +236,7 @@ var createPackageRegistryToken = &cobra.Command{ } // If we are setup to use an internal artifact server, create the artifact registry token - if state.ArtifactServer.InternalServer { + if state.ArtifactServer.IsInternal() { token, err := git.New(state.GitServer).CreatePackageRegistryToken(ctx) if err != nil { message.WarnErr(err, lang.CmdInternalArtifactRegistryGiteaTokenErr) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index ce857a7a98..eb2938e0d0 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -148,7 +148,7 @@ var updateCredsCmd = &cobra.Command{ } // Update artifact token (if internal) - if slices.Contains(args, message.ArtifactKey) && newState.ArtifactServer.PushToken == "" && newState.ArtifactServer.InternalServer { + if slices.Contains(args, message.ArtifactKey) && newState.ArtifactServer.PushToken == "" && newState.ArtifactServer.IsInternal() { g := git.New(oldState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken(ctx) if err != nil { @@ -168,7 +168,7 @@ var updateCredsCmd = &cobra.Command{ // Update Zarf 'init' component Helm releases if present h := helm.NewClusterOnly(&types.PackagerConfig{}, template.GetZarfVariableConfig(), newState, c) - if slices.Contains(args, message.RegistryKey) && newState.RegistryInfo.InternalRegistry { + if slices.Contains(args, message.RegistryKey) && newState.RegistryInfo.IsInternal() { err = h.UpdateZarfRegistryValues(ctx) if err != nil { // Warn if we couldn't actually update the registry (it might not be installed and we should try to continue) diff --git a/src/internal/agent/hooks/flux-helmrepo.go b/src/internal/agent/hooks/flux-helmrepo.go index c053bb669b..bcd63558f3 100644 --- a/src/internal/agent/hooks/flux-helmrepo.go +++ b/src/internal/agent/hooks/flux-helmrepo.go @@ -80,7 +80,7 @@ func mutateHelmRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluste message.Debugf("original HelmRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) - patches := populateHelmRepoPatchOperations(patchedURL, zarfState.RegistryInfo.InternalRegistry) + patches := populateHelmRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal()) patches = append(patches, getLabelPatch(src.Labels)) diff --git a/src/internal/agent/hooks/flux-ocirepo.go b/src/internal/agent/hooks/flux-ocirepo.go index 021a0a619d..96ef3c90f5 100644 --- a/src/internal/agent/hooks/flux-ocirepo.go +++ b/src/internal/agent/hooks/flux-ocirepo.go @@ -99,7 +99,7 @@ func mutateOCIRepo(ctx context.Context, r *v1.AdmissionRequest, cluster *cluster message.Debugf("original OCIRepo URL of (%s) got mutated to (%s)", src.Spec.URL, patchedURL) - patches := populateOCIRepoPatchOperations(patchedURL, zarfState.RegistryInfo.InternalRegistry, patchedRef) + patches := populateOCIRepoPatchOperations(patchedURL, zarfState.RegistryInfo.IsInternal(), patchedRef) patches = append(patches, getLabelPatch(src.Labels)) return &operations.Result{ diff --git a/src/internal/packager/template/template.go b/src/internal/packager/template/template.go index 70f7808cc2..645982865e 100644 --- a/src/internal/packager/template/template.go +++ b/src/internal/packager/template/template.go @@ -107,7 +107,7 @@ func GetZarfTemplates(componentName string, state *types.ZarfState) (templateMap // generateHtpasswd returns an htpasswd string for the current state's RegistryInfo. func generateHtpasswd(regInfo *types.RegistryInfo) (string, error) { // Only calculate this for internal registries to allow longer external passwords - if regInfo.InternalRegistry { + if regInfo.IsInternal() { pushUser, err := utils.GetHtpasswdString(regInfo.PushUsername, regInfo.PushPassword) if err != nil { return "", fmt.Errorf("error generating htpasswd string: %w", err) diff --git a/src/pkg/cluster/state.go b/src/pkg/cluster/state.go index 39d4c7281b..49aefb951a 100644 --- a/src/pkg/cluster/state.go +++ b/src/pkg/cluster/state.go @@ -305,21 +305,14 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions if slices.Contains(services, message.RegistryKey) { // TODO: Replace use of reflections with explicit setting newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, initOptions.RegistryInfo) - // Set the state of the internal registry if it has changed - // TODO: Internal registry should be a function of the address and not a property. - if newState.RegistryInfo.Address == fmt.Sprintf("%s:%d", helpers.IPV4Localhost, newState.RegistryInfo.NodePort) { - newState.RegistryInfo.InternalRegistry = true - } else { - newState.RegistryInfo.InternalRegistry = false - } // Set the new passwords if they should be autogenerated - if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.InternalRegistry { + if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.IsInternal() { if newState.RegistryInfo.PushPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } } - if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && oldState.RegistryInfo.InternalRegistry { + if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && oldState.RegistryInfo.IsInternal() { if newState.RegistryInfo.PullPassword, err = helpers.RandomString(types.ZarfGeneratedPasswordLen); err != nil { return nil, fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } @@ -345,16 +338,8 @@ func MergeZarfState(oldState *types.ZarfState, initOptions types.ZarfInitOptions // TODO: Replace use of reflections with explicit setting newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, initOptions.ArtifactServer) - // Set the state of the internal artifact server if it has changed - // TODO: Internal server should be a function of the address and not a property. - if newState.ArtifactServer.Address == types.ZarfInClusterArtifactServiceURL { - newState.ArtifactServer.InternalServer = true - } else { - newState.ArtifactServer.InternalServer = false - } - // Set an empty token if it should be autogenerated - if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && oldState.ArtifactServer.InternalServer { + if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && oldState.ArtifactServer.IsInternal() { newState.ArtifactServer.PushToken = "" } } diff --git a/src/pkg/cluster/state_test.go b/src/pkg/cluster/state_test.go index 6848bcbd94..7434d034b0 100644 --- a/src/pkg/cluster/state_test.go +++ b/src/pkg/cluster/state_test.go @@ -199,59 +199,52 @@ func TestMergeZarfStateRegistry(t *testing.T) { { name: "internal server auto generate", oldRegistry: types.RegistryInfo{ - Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), - NodePort: 1, - InternalRegistry: true, + Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), + NodePort: 1, }, expectedRegistry: types.RegistryInfo{ - Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), - NodePort: 1, - InternalRegistry: true, + Address: fmt.Sprintf("%s:%d", helpers.IPV4Localhost, 1), + NodePort: 1, }, }, { name: "external server", oldRegistry: types.RegistryInfo{ - Address: "example.com", - InternalRegistry: false, - PushPassword: "push", - PullPassword: "pull", + Address: "example.com", + PushPassword: "push", + PullPassword: "pull", }, expectedRegistry: types.RegistryInfo{ - Address: "example.com", - InternalRegistry: false, - PushPassword: "push", - PullPassword: "pull", + Address: "example.com", + PushPassword: "push", + PullPassword: "pull", }, }, { name: "init options merged", initRegistry: types.RegistryInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - NodePort: 1, - InternalRegistry: false, - Secret: "secret", + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", + NodePort: 1, + Secret: "secret", }, expectedRegistry: types.RegistryInfo{ - PushUsername: "push-user", - PullUsername: "pull-user", - Address: "address", - NodePort: 1, - InternalRegistry: false, - Secret: "secret", + PushUsername: "push-user", + PullUsername: "pull-user", + Address: "address", + NodePort: 1, + Secret: "secret", }, }, { name: "init options not merged", expectedRegistry: types.RegistryInfo{ - PushUsername: "", - PullUsername: "", - Address: "", - NodePort: 0, - InternalRegistry: false, - Secret: "", + PushUsername: "", + PullUsername: "", + Address: "", + NodePort: 0, + Secret: "", }, }, } @@ -269,7 +262,6 @@ func TestMergeZarfStateRegistry(t *testing.T) { require.Equal(t, tt.expectedRegistry.PullUsername, newState.RegistryInfo.PullUsername) require.Equal(t, tt.expectedRegistry.Address, newState.RegistryInfo.Address) require.Equal(t, tt.expectedRegistry.NodePort, newState.RegistryInfo.NodePort) - require.Equal(t, tt.expectedRegistry.InternalRegistry, newState.RegistryInfo.InternalRegistry) require.Equal(t, tt.expectedRegistry.Secret, newState.RegistryInfo.Secret) }) } @@ -296,30 +288,6 @@ func TestMergeZarfStateGit(t *testing.T) { PullUsername: "pull-user", }, }, - { - name: "internal server auto generate", - oldGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - }, - expectedGitServer: types.GitServerInfo{ - Address: types.ZarfInClusterGitServiceURL, - }, - }, - { - name: "external server", - oldGitServer: types.GitServerInfo{ - Address: "example.com", - - PushPassword: "push", - PullPassword: "pull", - }, - expectedGitServer: types.GitServerInfo{ - Address: "example.com", - - PushPassword: "push", - PullPassword: "pull", - }, - }, { name: "init options merged", initGitServer: types.GitServerInfo{ @@ -378,7 +346,7 @@ func TestMergeZarfStateArtifact(t *testing.T) { }, }, { - name: "old state is internal server auto generate push token", + name: "old state auto generate push token", oldArtifactServer: types.ArtifactServerInfo{ PushToken: "foobar", Address: types.ZarfInClusterArtifactServiceURL, diff --git a/src/pkg/cluster/tunnel.go b/src/pkg/cluster/tunnel.go index 719d81e008..5bfab1fd3e 100644 --- a/src/pkg/cluster/tunnel.go +++ b/src/pkg/cluster/tunnel.go @@ -149,7 +149,7 @@ func (c *Cluster) ConnectToZarfRegistryEndpoint(ctx context.Context, registryInf var err error var tunnel *Tunnel - if registryInfo.InternalRegistry { + if registryInfo.IsInternal() { // Establish a registry tunnel to send the images to the zarf registry if tunnel, err = c.NewTunnel(ZarfNamespaceName, SvcResource, ZarfRegistryName, "", 0, ZarfRegistryPort); err != nil { return "", tunnel, err diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index 34134e6484..a0fc97537c 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -35,7 +35,7 @@ func PrintCredentialTable(state *types.ZarfState, componentsToDeploy []types.Dep } loginData := [][]string{} - if state.RegistryInfo.InternalRegistry { + if state.RegistryInfo.IsInternal() { loginData = append(loginData, []string{"Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry", RegistryKey}, []string{"Registry (read-only)", state.RegistryInfo.PullUsername, state.RegistryInfo.PullPassword, "zarf connect registry", RegistryReadKey}, diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go index 735a0b69db..7177db7f45 100644 --- a/src/pkg/packager/deploy.go +++ b/src/pkg/packager/deploy.go @@ -307,7 +307,7 @@ func (p *Packager) deployComponent(ctx context.Context, component types.ZarfComp } // Disable the registry HPA scale down if we are deploying images and it is not already disabled - if hasImages && !p.hpaModified && p.state.RegistryInfo.InternalRegistry { + if hasImages && !p.hpaModified && p.state.RegistryInfo.IsInternal() { if err := p.cluster.DisableRegHPAScaleDown(ctx); err != nil { message.Debugf("unable to disable the registry HPA scale down: %s", err.Error()) } else { diff --git a/src/types/k8s.go b/src/types/k8s.go index e6a08d6603..0caa868209 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -112,7 +112,7 @@ type GitServerInfo struct { Address string `json:"address" jsonschema:"description=URL address of the git server"` } -// IsInternal returns true if the git server has the Zarf init package git server URL +// IsInternal returns true if the git server URL is equivalent to a git server deployed through the default init package func (gs GitServerInfo) IsInternal() bool { return gs.Address == ZarfInClusterGitServiceURL } @@ -158,8 +158,12 @@ type ArtifactServerInfo struct { PushUsername string `json:"pushUsername" jsonschema:"description=Username of a user with push access to the artifact registry"` PushToken string `json:"pushPassword" jsonschema:"description=Password of a user with push access to the artifact registry"` - Address string `json:"address" jsonschema:"description=URL address of the artifact registry"` - InternalServer bool `json:"internalServer" jsonschema:"description=Indicates if we are using a artifact registry that Zarf is directly managing"` + Address string `json:"address" jsonschema:"description=URL address of the artifact registry"` +} + +// IsInternal returns true if the artifact server URL is equivalent to the artifact server deployed through the default init package +func (as ArtifactServerInfo) IsInternal() bool { + return as.Address == ZarfInClusterArtifactServiceURL } // FillInEmptyValues sets every necessary value that's currently empty to a reasonable default @@ -167,7 +171,6 @@ func (as *ArtifactServerInfo) FillInEmptyValues() { // Set default svc url if an external registry was not provided if as.Address == "" { as.Address = ZarfInClusterArtifactServiceURL - as.InternalServer = true } // Set the push username to the git push user if not specified @@ -182,12 +185,14 @@ type RegistryInfo struct { PushPassword string `json:"pushPassword" jsonschema:"description=Password of a user with push access to the registry"` PullUsername string `json:"pullUsername" jsonschema:"description=Username of a user with pull-only access to the registry. If not provided for an external registry than the push-user is used"` PullPassword string `json:"pullPassword" jsonschema:"description=Password of a user with pull-only access to the registry. If not provided for an external registry than the push-user is used"` + Address string `json:"address" jsonschema:"description=URL address of the registry"` + NodePort int `json:"nodePort" jsonschema:"description=Nodeport of the registry. Only needed if the registry is running inside the kubernetes cluster"` + Secret string `json:"secret" jsonschema:"description=Secret value that the registry was seeded with"` +} - Address string `json:"address" jsonschema:"description=URL address of the registry"` - NodePort int `json:"nodePort" jsonschema:"description=Nodeport of the registry. Only needed if the registry is running inside the kubernetes cluster"` - InternalRegistry bool `json:"internalRegistry" jsonschema:"description=Indicates if we are using a registry that Zarf is directly managing"` - - Secret string `json:"secret" jsonschema:"description=Secret value that the registry was seeded with"` +// IsInternal returns true if the registry URL is equivalent to the registry deployed through the default init package +func (ri RegistryInfo) IsInternal() bool { + return ri.Address == fmt.Sprintf("%s:%d", helpers.IPV4Localhost, ri.NodePort) } // FillInEmptyValues sets every necessary value not already set to a reasonable default @@ -198,12 +203,6 @@ func (ri *RegistryInfo) FillInEmptyValues() error { ri.NodePort = ZarfInClusterContainerRegistryNodePort } - // Set default url if an external registry was not provided - if ri.Address == "" { - ri.InternalRegistry = true - ri.Address = fmt.Sprintf("%s:%d", helpers.IPV4Localhost, ri.NodePort) - } - // Generate a push-user password if not provided by init flag if ri.PushPassword == "" { if ri.PushPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { @@ -213,7 +212,7 @@ func (ri *RegistryInfo) FillInEmptyValues() error { // Set pull-username if not provided by init flag if ri.PullUsername == "" { - if ri.InternalRegistry { + if ri.IsInternal() { ri.PullUsername = ZarfRegistryPullUser } else { // If this is an external registry and a pull-user wasn't provided, use the same credentials as the push user @@ -221,7 +220,7 @@ func (ri *RegistryInfo) FillInEmptyValues() error { } } if ri.PullPassword == "" { - if ri.InternalRegistry { + if ri.IsInternal() { if ri.PullPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { return fmt.Errorf("%s: %w", lang.ErrUnableToGenerateRandomSecret, err) } From 4de95c50b1073d3b017af326849ee9d6198bbc5b Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 20:17:15 +0000 Subject: [PATCH 05/11] improve tests Signed-off-by: Austin Abro --- src/pkg/cluster/state_test.go | 50 +++++++++++++++++++---------------- 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/src/pkg/cluster/state_test.go b/src/pkg/cluster/state_test.go index 7434d034b0..8664c152e6 100644 --- a/src/pkg/cluster/state_test.go +++ b/src/pkg/cluster/state_test.go @@ -208,20 +208,14 @@ func TestMergeZarfStateRegistry(t *testing.T) { }, }, { - name: "external server", + name: "init options merged", oldRegistry: types.RegistryInfo{ - Address: "example.com", - PushPassword: "push", - PullPassword: "pull", - }, - expectedRegistry: types.RegistryInfo{ - Address: "example.com", - PushPassword: "push", - PullPassword: "pull", + PushUsername: "doesn't matter", + PullUsername: "doesn't matter", + Address: "doesn't matter", + NodePort: 0, + Secret: "doesn't matter", }, - }, - { - name: "init options merged", initRegistry: types.RegistryInfo{ PushUsername: "push-user", PullUsername: "pull-user", @@ -278,18 +272,34 @@ func TestMergeZarfStateGit(t *testing.T) { expectedGitServer types.GitServerInfo }{ { - name: "username is unmodified", + name: "address and usernames are unmodified", oldGitServer: types.GitServerInfo{ + Address: "address", PushUsername: "push-user", PullUsername: "pull-user", }, expectedGitServer: types.GitServerInfo{ + Address: "address", PushUsername: "push-user", PullUsername: "pull-user", }, }, + { + name: "internal server auto generate", + oldGitServer: types.GitServerInfo{ + Address: types.ZarfInClusterGitServiceURL, + }, + expectedGitServer: types.GitServerInfo{ + Address: types.ZarfInClusterGitServiceURL, + }, + }, { name: "init options merged", + oldGitServer: types.GitServerInfo{ + Address: "doesn't matter", + PushUsername: "doesn't matter", + PullUsername: "doesn't matter", + }, initGitServer: types.GitServerInfo{ PushUsername: "push-user", PullUsername: "pull-user", @@ -371,18 +381,12 @@ func TestMergeZarfStateArtifact(t *testing.T) { }, }, { - name: "external server same push token", + name: "init options merged", oldArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", + PushUsername: "doesn't matter", + PushToken: "doesn't matter", + Address: "doesn't matter", }, - expectedArtifactServer: types.ArtifactServerInfo{ - PushToken: "foobar", - Address: "http://example.com", - }, - }, - { - name: "init options merged", initArtifactServer: types.ArtifactServerInfo{ PushUsername: "user", PushToken: "token", From a133fc7da21c6fdc1046ec2567874e789b317f18 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 20:21:42 +0000 Subject: [PATCH 06/11] fix Signed-off-by: Austin Abro --- src/types/k8s.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/types/k8s.go b/src/types/k8s.go index 0caa868209..9782836cc1 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -203,6 +203,11 @@ func (ri *RegistryInfo) FillInEmptyValues() error { ri.NodePort = ZarfInClusterContainerRegistryNodePort } + // Set default url if an external registry was not provided + if ri.Address == "" { + ri.Address = fmt.Sprintf("%s:%d", helpers.IPV4Localhost, ri.NodePort) + } + // Generate a push-user password if not provided by init flag if ri.PushPassword == "" { if ri.PushPassword, err = helpers.RandomString(ZarfGeneratedPasswordLen); err != nil { From 91c80b6ec6e5799b69b6a75e7357b5e796300b98 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 25 Jul 2024 20:23:24 +0000 Subject: [PATCH 07/11] wording Signed-off-by: Austin Abro --- src/pkg/cluster/state_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pkg/cluster/state_test.go b/src/pkg/cluster/state_test.go index 8664c152e6..fd3497cc7f 100644 --- a/src/pkg/cluster/state_test.go +++ b/src/pkg/cluster/state_test.go @@ -356,7 +356,7 @@ func TestMergeZarfStateArtifact(t *testing.T) { }, }, { - name: "old state auto generate push token", + name: "old state is internal server auto generate push token", oldArtifactServer: types.ArtifactServerInfo{ PushToken: "foobar", Address: types.ZarfInClusterArtifactServiceURL, From ae721db52044eb773f08d97310813980d8a9e04f Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 1 Aug 2024 19:33:05 +0000 Subject: [PATCH 08/11] remove isinternal variables Signed-off-by: Austin Abro --- src/types/k8s.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/types/k8s.go b/src/types/k8s.go index 2554cc2af7..490c262139 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -134,8 +134,6 @@ type GitServerInfo struct { PullPassword string `json:"pullPassword"` // URL address of the git server Address string `json:"address"` - // Indicates if we are using a git server that Zarf is directly managing - InternalServer bool `json:"internalServer"` } // IsInternal returns true if the git server URL is equivalent to a git server deployed through the default init package @@ -187,8 +185,6 @@ type ArtifactServerInfo struct { PushToken string `json:"pushPassword"` // URL address of the artifact registry Address string `json:"address"` - // Indicates if we are using a artifact registry that Zarf is directly managing - InternalServer bool `json:"internalServer"` } // IsInternal returns true if the artifact server URL is equivalent to the artifact server deployed through the default init package @@ -223,8 +219,6 @@ type RegistryInfo struct { Address string `json:"address"` // Nodeport of the registry. Only needed if the registry is running inside the kubernetes cluster NodePort int `json:"nodePort"` - // Indicates if we are using a registry that Zarf is directly managing - InternalRegistry bool `json:"internalRegistry"` // Secret value that the registry was seeded with Secret string `json:"secret"` } From 3379a5bff4631e55cbc2cf9604b06c9024bc0188 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 1 Aug 2024 21:09:13 +0000 Subject: [PATCH 09/11] only set nodeport if the registry is internal Signed-off-by: Austin Abro --- src/types/k8s.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/types/k8s.go b/src/types/k8s.go index 490c262139..6277a0f7d7 100644 --- a/src/types/k8s.go +++ b/src/types/k8s.go @@ -231,8 +231,8 @@ func (ri RegistryInfo) IsInternal() bool { // FillInEmptyValues sets every necessary value not already set to a reasonable default func (ri *RegistryInfo) FillInEmptyValues() error { var err error - // Set default NodePort if none was provided - if ri.NodePort == 0 { + // Set default NodePort if none was provided and the registry is internal + if ri.NodePort == 0 && ri.Address == "" { ri.NodePort = ZarfInClusterContainerRegistryNodePort } From fc160b08f52d93f8de12070519e254110c68a53d Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Thu, 1 Aug 2024 21:28:40 +0000 Subject: [PATCH 10/11] update flux version Signed-off-by: Austin Abro --- examples/podinfo-flux/git/podinfo-kustomization.yaml | 2 +- examples/podinfo-flux/git/podinfo-source.yaml | 2 +- src/test/external/docker-compose.yml | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/examples/podinfo-flux/git/podinfo-kustomization.yaml b/examples/podinfo-flux/git/podinfo-kustomization.yaml index bc8d5d50ef..aa251f98ce 100644 --- a/examples/podinfo-flux/git/podinfo-kustomization.yaml +++ b/examples/podinfo-flux/git/podinfo-kustomization.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: name: podinfo-git diff --git a/examples/podinfo-flux/git/podinfo-source.yaml b/examples/podinfo-flux/git/podinfo-source.yaml index 3b6351955c..937ebb4e5e 100644 --- a/examples/podinfo-flux/git/podinfo-source.yaml +++ b/examples/podinfo-flux/git/podinfo-source.yaml @@ -1,5 +1,5 @@ --- -apiVersion: source.toolkit.fluxcd.io/v1beta2 +apiVersion: source.toolkit.fluxcd.io/v1 kind: GitRepository metadata: name: podinfo diff --git a/src/test/external/docker-compose.yml b/src/test/external/docker-compose.yml index 401476653b..7e180fdbab 100644 --- a/src/test/external/docker-compose.yml +++ b/src/test/external/docker-compose.yml @@ -1,5 +1,3 @@ -version: "3" - services: server: image: gitea/gitea:1.18.1 From bdbaf496b1c5d924fad6629c4122c6f8ab8932a6 Mon Sep 17 00:00:00 2001 From: Austin Abro Date: Fri, 2 Aug 2024 12:38:40 +0000 Subject: [PATCH 11/11] remove non relevant changes Signed-off-by: Austin Abro --- examples/podinfo-flux/git/podinfo-kustomization.yaml | 2 +- examples/podinfo-flux/git/podinfo-source.yaml | 2 +- src/test/external/docker-compose.yml | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/examples/podinfo-flux/git/podinfo-kustomization.yaml b/examples/podinfo-flux/git/podinfo-kustomization.yaml index aa251f98ce..bc8d5d50ef 100644 --- a/examples/podinfo-flux/git/podinfo-kustomization.yaml +++ b/examples/podinfo-flux/git/podinfo-kustomization.yaml @@ -1,5 +1,5 @@ --- -apiVersion: kustomize.toolkit.fluxcd.io/v1 +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 kind: Kustomization metadata: name: podinfo-git diff --git a/examples/podinfo-flux/git/podinfo-source.yaml b/examples/podinfo-flux/git/podinfo-source.yaml index 937ebb4e5e..3b6351955c 100644 --- a/examples/podinfo-flux/git/podinfo-source.yaml +++ b/examples/podinfo-flux/git/podinfo-source.yaml @@ -1,5 +1,5 @@ --- -apiVersion: source.toolkit.fluxcd.io/v1 +apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: GitRepository metadata: name: podinfo diff --git a/src/test/external/docker-compose.yml b/src/test/external/docker-compose.yml index 7e180fdbab..401476653b 100644 --- a/src/test/external/docker-compose.yml +++ b/src/test/external/docker-compose.yml @@ -1,3 +1,5 @@ +version: "3" + services: server: image: gitea/gitea:1.18.1