diff --git a/README.md b/README.md index 4b8d51c0f..637b535f8 100644 --- a/README.md +++ b/README.md @@ -321,24 +321,25 @@ That is, if you pass a param via CLI, for example, it will overwrite the corresp ###### Registry -| CLI | Config | Default | Type | Description | -|-----|--------|---------|------|-------------| -| `--registry` | `registry.active` | `false` | Boolean | Installs a simple cluster-local registry for demonstration purposes. Warning: Registry does not provide authentication! | -| `--internal-registry-port` | `registry.internalPort` | `30000` | Integer | Port of registry registry. Ignored when a registry*url params are set | -| `--registry-url` | `registry.url` | `''` | String | The url of your external registry, used for pushing images | -| `--registry-path` | `registry.path` | `''` | String | Optional when registry-url is set | -| `--registry-username` | `registry.username` | `''` | String | Optional when registry-url is set | -| `--registry-password` | `registry.password` | `''` | String | Optional when registry-url is set | -| `--registry-proxy-url` | `registry.proxyUrl` | `''` | String | The url of your proxy-registry. Used in pipelines to authorize pull base images | -| `--registry-proxy-username` | `registry.proxyUsername` | `''` | String | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets | -| `--registry-proxy-password` | `registry.proxyPassword` | `''` | String | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets | -| `--registry-username-read-only` | `registry.readOnlyUsername` | `''` | String | Optional alternative username for registry-url with read-only permissions | -| `--registry-password-read-only` | `registry.readOnlyPassword` | `''` | String | Optional alternative password for registry-url with read-only permissions | -| `--create-image-pull-secrets` | `registry.createImagePullSecrets` | `false` | Boolean | Create image pull secrets for registry and proxy-registry for all GOP namespaces | -| - | `registry.helm.chart` | `'docker-registry'` | String | Name of the Helm chart | -| - | `registry.helm.repoURL` | `'https://helm.twun.io'` | String | Repository url from which the Helm chart should be obtained | -| - | `registry.helm.version` | `'2.2.3'` | String | The version of the Helm chart to be installed | -| - | `registry.helm.values` | `[:]` | Map | Helm values of the chart | +| CLI | Config | Default | Type | Description | +|---------------------------------|-----------------------------------|---------|------|-------------| +| `--registry` | `registry.active` | `false` | Boolean | Installs a simple cluster-local registry for demonstration purposes. Warning: Registry does not provide authentication! | +| `--internal-registry-port` | `registry.internalPort` | `30000` | Integer | Port of registry registry. Ignored when a registry*url params are set | +| `--registry-url` | `registry.url` | `''` | String | The url of your external registry, used for pushing images | +| `--registry-path` | `registry.path` | `''` | String | Optional when registry-url is set | +| `--registry-username` | `registry.username` | `''` | String | Optional when registry-url is set | +| `--registry-password` | `registry.password` | `''` | String | Optional when registry-url is set | +| `--registry-proxy-url` | `registry.proxyUrl` | `''` | String | The url of your proxy-registry. Used in pipelines to authorize pull base images | +| `--registry-proxy-path` | `registry.proxyPath` | `''` | String | Optional when registry-proxy-url is set and the registry is running on a non root web path. | +| `--registry-proxy-username` | `registry.proxyUsername` | `''` | String | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets | +| `--registry-proxy-password` | `registry.proxyPassword` | `''` | String | Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets | +| `--registry-username-read-only` | `registry.readOnlyUsername` | `''` | String | Optional alternative username for registry-url with read-only permissions | +| `--registry-password-read-only` | `registry.readOnlyPassword` | `''` | String | Optional alternative password for registry-url with read-only permissions | +| `--create-image-pull-secrets` | `registry.createImagePullSecrets` | `false` | Boolean | Create image pull secrets for registry and proxy-registry for all GOP namespaces | +| - | `registry.helm.chart` | `'docker-registry'` | String | Name of the Helm chart | +| - | `registry.helm.repoURL` | `'https://helm.twun.io'` | String | Repository url from which the Helm chart should be obtained | +| - | `registry.helm.version` | `'2.2.3'` | String | The version of the Helm chart to be installed | +| - | `registry.helm.values` | `[:]` | Map | Helm values of the chart | ###### Jenkins diff --git a/docs/configuration.schema.json b/docs/configuration.schema.json index 0a8416f3f..8077cb007 100644 --- a/docs/configuration.schema.json +++ b/docs/configuration.schema.json @@ -776,6 +776,10 @@ "type" : [ "string", "null" ], "description" : "Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets, when create-image-pull-secrets is set." }, + "proxyPath" : { + "type" : [ "string", "null" ], + "description" : "Optional when registry-proxy-url is set and the registry is running on a non root web path." + }, "proxyUrl" : { "type" : [ "string", "null" ], "description" : "The url of your proxy-registry. Used in pipelines to authorize pull base images. Use in conjunction with petclinic base image. Used in helm charts when create-image-pull-secrets is set. Use in conjunction with helm.*image fields." diff --git a/docs/content-loader/example-tenant/petclinic-helm/Jenkinsfile.ftl b/docs/content-loader/example-tenant/petclinic-helm/Jenkinsfile.ftl index 1f4c102bb..28eaf3241 100644 --- a/docs/content-loader/example-tenant/petclinic-helm/Jenkinsfile.ftl +++ b/docs/content-loader/example-tenant/petclinic-helm/Jenkinsfile.ftl @@ -11,6 +11,7 @@ String getDockerRegistryCredentials() { 'registry-user' } <#if config.registry.twoRegistries> String getDockerRegistryProxyBaseUrl() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_URL } +String getDockerRegistryProxyPath() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH } String getDockerRegistryProxyCredentials() { 'registry-proxy-user' } @@ -82,7 +83,8 @@ node { <#if config.registry.twoRegistries> <#noparse> - docker.withRegistry("https://${dockerRegistryProxyBaseUrl}", dockerRegistryProxyCredentials) { + String proxyPathPrefix = !dockerRegistryProxyPath?.trim() ? "" : "${dockerRegistryProxyPath.trim()}/" + docker.withRegistry("https://${dockerRegistryProxyBaseUrl}/${proxyPathPrefix}", dockerRegistryProxyCredentials) { image = docker.build(imageName, '.') } diff --git a/docs/content-loader/example-tenant/petclinic-plain/Jenkinsfile.ftl b/docs/content-loader/example-tenant/petclinic-plain/Jenkinsfile.ftl index 22425caeb..853e2cfe9 100644 --- a/docs/content-loader/example-tenant/petclinic-plain/Jenkinsfile.ftl +++ b/docs/content-loader/example-tenant/petclinic-plain/Jenkinsfile.ftl @@ -11,6 +11,7 @@ String getDockerRegistryCredentials() { 'registry-user' } <#if config.registry.twoRegistries> String getDockerRegistryProxyBaseUrl() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_URL } +String getDockerRegistryProxyPath() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH } String getDockerRegistryProxyCredentials() { 'registry-proxy-user' } <#noparse> diff --git a/docs/developers.md b/docs/developers.md index d69dda499..bc44a84a8 100644 --- a/docs/developers.md +++ b/docs/developers.md @@ -536,7 +536,7 @@ EOF * Deploy playground: ```bash -# Create a docker container or use an available immage from a registry +# Create a docker container or use an available image from a registry # docker build -t gop:dev . GOP_IMAGE=gop:ingress PATH_TWO_REGISTRIES=scripts/local/two-registries.yaml #Adjust to path above diff --git a/examples/example-apps-via-content-loader/argocd/petclinic-helm/Jenkinsfile.ftl b/examples/example-apps-via-content-loader/argocd/petclinic-helm/Jenkinsfile.ftl index 6f7dff0b5..defc4152d 100644 --- a/examples/example-apps-via-content-loader/argocd/petclinic-helm/Jenkinsfile.ftl +++ b/examples/example-apps-via-content-loader/argocd/petclinic-helm/Jenkinsfile.ftl @@ -12,6 +12,7 @@ String getDockerRegistryCredentials() { 'registry-user' } <#if config.registry.twoRegistries> String getDockerRegistryProxyBaseUrl() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_URL } +String getDockerRegistryProxyPath() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH } String getDockerRegistryProxyCredentials() { 'registry-proxy-user' } @@ -83,7 +84,8 @@ node { <#if config.registry.twoRegistries> <#noparse> - docker.withRegistry("https://${dockerRegistryProxyBaseUrl}", dockerRegistryProxyCredentials) { + String proxyPathPrefix = !dockerRegistryProxyPath?.trim() ? "" : "${dockerRegistryProxyPath}/" + docker.withRegistry("https://${dockerRegistryProxyBaseUrl}/${proxyPathPrefix}", dockerRegistryProxyCredentials) { image = docker.build(imageName, '.') } diff --git a/examples/example-apps-via-content-loader/argocd/petclinic-plain/Jenkinsfile.ftl b/examples/example-apps-via-content-loader/argocd/petclinic-plain/Jenkinsfile.ftl index ec482116f..fd14f8625 100644 --- a/examples/example-apps-via-content-loader/argocd/petclinic-plain/Jenkinsfile.ftl +++ b/examples/example-apps-via-content-loader/argocd/petclinic-plain/Jenkinsfile.ftl @@ -12,6 +12,7 @@ String getDockerRegistryCredentials() { 'registry-user' } <#if config.registry.twoRegistries> String getDockerRegistryProxyBaseUrl() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_URL } +String getDockerRegistryProxyPath() { env.${config.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH } String getDockerRegistryProxyCredentials() { 'registry-proxy-user' } @@ -76,7 +77,8 @@ node { <#if config.registry.twoRegistries> <#noparse> - docker.withRegistry("https://${dockerRegistryProxyBaseUrl}", dockerRegistryProxyCredentials) { + String proxyPathPrefix = !dockerRegistryProxyPath?.trim() ? "" : "${dockerRegistryProxyPath}/" + docker.withRegistry("https://${dockerRegistryProxyBaseUrl}/${proxyPathPrefix}", dockerRegistryProxyCredentials) { image = docker.build(imageName, '.') } diff --git a/src/main/groovy/com/cloudogu/gitops/config/Config.groovy b/src/main/groovy/com/cloudogu/gitops/config/Config.groovy index 617833002..94f1c067f 100644 --- a/src/main/groovy/com/cloudogu/gitops/config/Config.groovy +++ b/src/main/groovy/com/cloudogu/gitops/config/Config.groovy @@ -208,6 +208,10 @@ class Config { @JsonPropertyDescription(REGISTRY_PROXY_URL_DESCRIPTION) String proxyUrl = '' + @Option(names = ['--registry-proxy-path'], description = REGISTRY_PROXY_PATH_DESCRIPTION) + @JsonPropertyDescription(REGISTRY_PROXY_PATH_DESCRIPTION) + String proxyPath = '' + @Option(names = ['--registry-proxy-username'], description = REGISTRY_PROXY_PASSWORD_DESCRIPTION) @JsonPropertyDescription(REGISTRY_PROXY_USERNAME_DESCRIPTION) String proxyUsername = '' diff --git a/src/main/groovy/com/cloudogu/gitops/config/ConfigConstants.groovy b/src/main/groovy/com/cloudogu/gitops/config/ConfigConstants.groovy index 9f6bfc01e..1b2ce659a 100644 --- a/src/main/groovy/com/cloudogu/gitops/config/ConfigConstants.groovy +++ b/src/main/groovy/com/cloudogu/gitops/config/ConfigConstants.groovy @@ -16,6 +16,7 @@ interface ConfigConstants { String REGISTRY_PASSWORD_DESCRIPTION = 'Optional when registry-url is set' String REGISTRY_PROXY_URL_DESCRIPTION = 'The url of your proxy-registry. Used in pipelines to authorize pull base images. Use in conjunction with petclinic base image. Used in helm charts when create-image-pull-secrets is set. Use in conjunction with helm.*image fields.' + String REGISTRY_PROXY_PATH_DESCRIPTION = 'Optional when registry-proxy-url is set and the registry is running on a non root web path.' String REGISTRY_PROXY_USERNAME_DESCRIPTION = 'Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets, when create-image-pull-secrets is set.' String REGISTRY_PROXY_PASSWORD_DESCRIPTION = 'Use with registry-proxy-url, added to Jenkins as credentials and created as pull secrets, when create-image-pull-secrets is set.' diff --git a/src/main/groovy/com/cloudogu/gitops/destroy/JenkinsDestructionHandler.groovy b/src/main/groovy/com/cloudogu/gitops/destroy/JenkinsDestructionHandler.groovy index 6ea7f5202..7767678c0 100644 --- a/src/main/groovy/com/cloudogu/gitops/destroy/JenkinsDestructionHandler.groovy +++ b/src/main/groovy/com/cloudogu/gitops/destroy/JenkinsDestructionHandler.groovy @@ -26,6 +26,8 @@ class JenkinsDestructionHandler implements DestructionHandler { globalPropertyManager.deleteGlobalProperty("${configuration.application.namePrefixForEnvVars}REGISTRY_URL") globalPropertyManager.deleteGlobalProperty("${configuration.application.namePrefixForEnvVars}REGISTRY_PATH") globalPropertyManager.deleteGlobalProperty("${configuration.application.namePrefixForEnvVars}REGISTRY_PROXY_URL") + globalPropertyManager.deleteGlobalProperty("${configuration.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH") + globalPropertyManager.deleteGlobalProperty("${configuration.application.namePrefixForEnvVars}K8S_VERSION") } } diff --git a/src/main/groovy/com/cloudogu/gitops/features/Jenkins.groovy b/src/main/groovy/com/cloudogu/gitops/features/Jenkins.groovy index 3b867fd58..bef0262cd 100644 --- a/src/main/groovy/com/cloudogu/gitops/features/Jenkins.groovy +++ b/src/main/groovy/com/cloudogu/gitops/features/Jenkins.groovy @@ -144,6 +144,7 @@ class Jenkins extends Feature { if (config.registry.twoRegistries) { globalPropertyManager.setGlobalProperty("${config.application.namePrefixForEnvVars}REGISTRY_PROXY_URL", config.registry.proxyUrl) + globalPropertyManager.setGlobalProperty("${config.application.namePrefixForEnvVars}REGISTRY_PROXY_PATH", config.registry.proxyPath) } if (config.jenkins.mavenCentralMirror) { diff --git a/src/test/groovy/com/cloudogu/gitops/features/JenkinsTest.groovy b/src/test/groovy/com/cloudogu/gitops/features/JenkinsTest.groovy index a976f89f0..14903f6ac 100644 --- a/src/test/groovy/com/cloudogu/gitops/features/JenkinsTest.groovy +++ b/src/test/groovy/com/cloudogu/gitops/features/JenkinsTest.groovy @@ -182,6 +182,7 @@ me:x:1000:''') config.registry.username = 'reg-usr' config.registry.password = 'reg-pw' config.registry.proxyUrl = 'reg-proxy-url' + config.registry.proxyPath = 'reg-proxy-path' config.registry.proxyUsername = 'reg-proxy-usr' config.registry.proxyPassword = 'reg-proxy-pw' config.jenkins.internal = false @@ -224,6 +225,7 @@ me:x:1000:''') verify(globalPropertyManager).setGlobalProperty('MY_PREFIX_REGISTRY_URL', 'reg-url') verify(globalPropertyManager).setGlobalProperty('MY_PREFIX_REGISTRY_PATH', 'reg-path') verify(globalPropertyManager, never()).setGlobalProperty(eq('MY_PREFIX_REGISTRY_PROXY_URL'), anyString()) + verify(globalPropertyManager, never()).setGlobalProperty(eq('MY_PREFIX_REGISTRY_PROXY_PATH'), anyString()) verify(globalPropertyManager, never()).setGlobalProperty(eq('MAVEN_CENTRAL_MIRROR'), anyString()) verify(userManager).createUser('metrics-usr', 'metrics-pw') @@ -293,12 +295,14 @@ me:x:1000:''') config.registry.username = 'reg-usr' config.registry.password = 'reg-pw' config.registry.proxyUrl = 'reg-proxy-url' + config.registry.proxyPath = 'reg-proxy-path' config.registry.proxyUsername = 'reg-proxy-usr' config.registry.proxyPassword = 'reg-proxy-pw' createJenkins().install() verify(globalPropertyManager).setGlobalProperty('MY_PREFIX_REGISTRY_PROXY_URL', 'reg-proxy-url') + verify(globalPropertyManager).setGlobalProperty('MY_PREFIX_REGISTRY_PROXY_PATH', 'reg-proxy-path') verify(globalPropertyManager).setGlobalProperty(eq('MY_PREFIX_REGISTRY_URL'), anyString()) verify(globalPropertyManager).setGlobalProperty(eq('MY_PREFIX_REGISTRY_PATH'), anyString()) diff --git a/src/test/groovy/com/cloudogu/gitops/features/argocd/ArgoCDTest.groovy b/src/test/groovy/com/cloudogu/gitops/features/argocd/ArgoCDTest.groovy index 21199166e..af3a110b6 100644 --- a/src/test/groovy/com/cloudogu/gitops/features/argocd/ArgoCDTest.groovy +++ b/src/test/groovy/com/cloudogu/gitops/features/argocd/ArgoCDTest.groovy @@ -712,7 +712,9 @@ class ArgoCDTest { 'imageName = "${dockerRegistryBaseUrl}/${pathPrefix}${application}:${imageTag}"' ] List twoRegistriesExpectedLines = [ - 'docker.withRegistry("https://${dockerRegistryProxyBaseUrl}", dockerRegistryProxyCredentials) {'] + 'String proxyPathPrefix = !dockerRegistryProxyPath?.trim() ? "" : "${dockerRegistryProxyPath}/"', + 'docker.withRegistry("https://${dockerRegistryProxyBaseUrl}/${proxyPathPrefix}", dockerRegistryProxyCredentials) {', + ] for (def petclinicRepo : petClinicRepos) { String jenkinsfile = new File(petclinicRepo.absoluteLocalRepoTmpDir, 'Jenkinsfile').text