-
Notifications
You must be signed in to change notification settings - Fork 743
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Manager image patch #101
Manager image patch #101
Conversation
Signed-off-by: Craig Tabita <ctab@google.com>
* Update gitignore to not ignore logs packages Signed-off-by: Max Smythe <smythe@google.com> * Explicitly include vendor directory Signed-off-by: Max Smythe <smythe@google.com> * No need to run dep ensure Signed-off-by: Max Smythe <smythe@google.com> * No need to install dep Signed-off-by: Max Smythe <smythe@google.com> * Fix error in explicit inclusion of all vendor subpackages Signed-off-by: Max Smythe <smythe@google.com> * Remove vistigial config/default/manager_image_patch.yaml Signed-off-by: Max Smythe <smythe@google.com> * Add requirement that user have cluster-admin rolebinding to install instructions Signed-off-by: Max Smythe <smythe@google.com> Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com> Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
9efa568
to
6eea024
Compare
Signed-off-by: Craig Tabita <ctab@google.com>
5360928
to
376fc0f
Compare
Signed-off-by: Craig Tabita <ctab@google.com>
README.md
Outdated
If you want to deploy a released version of Gatekeeper in your cluster with a prebuilt image, then first copy the following kustomize configuration patch: | ||
|
||
```sh | ||
cp config/manager_image_patch_template.yaml config/manager_image_patch.yaml |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Prebuilt Image
here refers to a published image as part of a release we have previous cut. For example: quay.io/open-policy-agent/gatekeeper:v3.0.0
This deployment yaml https://raw.githubusercontent.com/open-policy-agent/gatekeeper/master/deploy/gatekeeper-constraint.yaml should work out of the box, without any modification. If you want to build you own image, then there are two options:
- Follow this to deploy head using Make
- Replace the gatekeeper image in gatekeeper-constraint.yaml with your own image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't think this step is needed if user is using a prebuilt image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @ritazh, I wasn't sure since I've only been doing the make deploy
process. I'll remove this then.
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Signed-off-by: Craig Tabita <ctab@google.com>
Getting close. The biggest use-case we haven't met is someone who downloads a blank repository. Currently if you were to delete We should test for non-existence of |
Signed-off-by: Craig Tabita <ctab@google.com>
@maxsmythe Good call. I added a touch line to the deploy rule to address that. |
LGTM |
Signed-off-by: GitHub <noreply@github.com> Co-authored-by: JaydipGabani <JaydipGabani@users.noreply.github.com>
Removing the image patch file from the repo and adding a template that can be used. Right now the repo's patch file has Max's image name and that gets overwritten with your own when you run
make deploy
.I couldn't find a way to make the patch file optional (kustomize throws an error if it's not there) so
make deploy
creates a dummy file with an empty comment for now. Down the line hopefully we can figure out a better way.