feat: rework pull of images which requires secret

Signed-off-by: Karel Simon <ksimon@redhat.com>
kubevirt · Aug 24, 2023 · d1bcf99 · d1bcf99
1 parent 0aba844
commit d1bcf99
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 26 deletions.
diff --git a/automation/test-linux.sh b/automation/test-linux.sh
@@ -12,7 +12,6 @@ image_url=""
 secret_ref=""
 if [[ $TARGET =~ rhel.* ]]; then
   image_url="docker://quay.io/openshift-cnv/ci-common-templates-images:${TARGET}"
-  secret_ref="secretRef: common-templates-container-disk-puller"
 else
   image_url="docker://quay.io/kubevirt/common-templates:${TARGET}"
 fi
@@ -31,7 +30,6 @@ spec:
     registry:
       pullMethod: node
       url: "${image_url}"
-      ${secret_ref}
   pvc:
     accessModes:
       - ReadWriteOnce

diff --git a/automation/test-windows.sh b/automation/test-windows.sh
@@ -19,7 +19,6 @@ spec:
   source:
     registry:
       pullMethod: node
-      secretRef: common-templates-container-disk-puller
       url: "docker://quay.io/openshift-cnv/ci-common-templates-images:${TARGET}"
   pvc:
     accessModes:

diff --git a/automation/test.sh b/automation/test.sh
@@ -66,6 +66,19 @@ function latest_version() {
     tail -n1
 }
 
+if [[ $TARGET =~ rhel.* ]] || [[ $TARGET =~ windows.* ]]; then
+    key="/tmp/secrets/accessKeyId"
+    token="/tmp/secrets/secretKey"
+    if test -f "$key" && test -f "$token"; then
+      id=$(cat $key | tr -d '\n')
+      token=$(cat $token | tr -d '\n')
+
+      oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' > secrets.json
+      oc registry login --registry="quay.io/openshift-cnv/ci-common-templates-images" --auth-basic="$id:$token" --to=secrets.json
+      oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=secrets.json
+    fi
+fi
+
 # Latest released Kubevirt version
 export KUBEVIRT_VERSION=$(latest_version "kubevirt")
 
@@ -161,29 +174,6 @@ oc wait --for=condition=Available --timeout=${timeout}s kubevirt/kubevirt -n $na
 
 oc patch kubevirt kubevirt -n $namespace --type merge -p '{"spec":{"configuration":{"developerConfiguration":{"featureGates": ["DataVolumes", "CPUManager", "NUMA", "DownwardMetrics"]}}}}'
 
-key="/tmp/secrets/accessKeyId"
-token="/tmp/secrets/secretKey"
-
-if [ "${CLUSTERENV}" == "$ocenv" ]
-then
-    if test -f "$key" && test -f "$token"; then
-      id=$(cat $key | tr -d '\n' | base64)
-      token=$(cat $token | tr -d '\n' | base64 | tr -d ' \n')
-
-      oc apply -n $namespace -f - <<EOF
-apiVersion: v1
-kind: Secret
-metadata:
-  name: common-templates-container-disk-puller
-  labels:
-    app: containerized-data-importer
-type: Opaque
-data:
-  accessKeyId: "${id}"
-  secretKey: "${token}"
-EOF
-    fi
-fi
 echo "Deploying CDI"
 oc apply -f https://github.com/kubevirt/containerized-data-importer/releases/download/$CDI_VERSION/cdi-operator.yaml
 oc apply -f https://github.com/kubevirt/containerized-data-importer/releases/download/$CDI_VERSION/cdi-cr.yaml