Manager image patch #101
Manager image patch #101
Conversation
Signed-off-by: Craig Tabita <ctab@google.com>
* Update gitignore to not ignore logs packages Signed-off-by: Max Smythe <smythe@google.com> * Explicitly include vendor directory Signed-off-by: Max Smythe <smythe@google.com> * No need to run dep ensure Signed-off-by: Max Smythe <smythe@google.com> * No need to install dep Signed-off-by: Max Smythe <smythe@google.com> * Fix error in explicit inclusion of all vendor subpackages Signed-off-by: Max Smythe <smythe@google.com> * Remove vistigial config/default/manager_image_patch.yaml Signed-off-by: Max Smythe <smythe@google.com> * Add requirement that user have cluster-admin rolebinding to install instructions Signed-off-by: Max Smythe <smythe@google.com> Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com> Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
ctab
force-pushed
the
manager-image-patch
branch
from
9efa568
to
6eea024
Compare
Signed-off-by: Craig Tabita <ctab@google.com>
ctab
force-pushed
the
manager-image-patch
branch
from
5360928
to
376fc0f
Compare
Signed-off-by: Craig Tabita <ctab@google.com>
README.md
Outdated
| If you want to deploy a released version of Gatekeeper in your cluster with a prebuilt image, then first copy the following kustomize configuration patch: | ||
|
|
||
| ```sh | ||
| cp config/manager_image_patch_template.yaml config/manager_image_patch.yaml |
There was a problem hiding this comment.
Prebuilt Image here refers to a published image as part of a release we have previous cut. For example: quay.io/open-policy-agent/gatekeeper:v3.0.0
This deployment yaml https://raw.githubusercontent.com/open-policy-agent/gatekeeper/master/deploy/gatekeeper-constraint.yaml should work out of the box, without any modification. If you want to build you own image, then there are two options:
- Follow this to deploy head using Make
- Replace the gatekeeper image in gatekeeper-constraint.yaml with your own image.
There was a problem hiding this comment.
Don't think this step is needed if user is using a prebuilt image.
There was a problem hiding this comment.
Thanks @ritazh, I wasn't sure since I've only been doing the make deploy process. I'll remove this then.
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
|
Getting close. The biggest use-case we haven't met is someone who downloads a blank repository. Currently if you were to delete We should test for non-existence of |
Signed-off-by: Craig Tabita <ctab@google.com>
|
@maxsmythe Good call. I added a touch line to the deploy rule to address that. |
|
LGTM |
Signed-off-by: GitHub <noreply@github.com> Co-authored-by: JaydipGabani <JaydipGabani@users.noreply.github.com>
Removing the image patch file from the repo and adding a template that can be used. Right now the repo's patch file has Max's image name and that gets overwritten with your own when you run
make deploy.I couldn't find a way to make the patch file optional (kustomize throws an error if it's not there) so
make deploycreates a dummy file with an empty comment for now. Down the line hopefully we can figure out a better way.