Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
gitpod-io
GitHub Repository: gitpod-io/gitpod
 Path: blob/main/install/installer/pkg/components/image-builder-mk3/configmap.go
2501 views
1
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.

2
// Licensed under the GNU Affero General Public License (AGPL).

3
// See License.AGPL.txt in the project root for license information.

4


5
package image_builder_mk3

6


7
import (

8
	"fmt"

9
	"strings"

10
	"time"

11


12
	"github.com/gitpod-io/gitpod/common-go/baseserver"

13


14
	"github.com/gitpod-io/gitpod/common-go/util"

15
	"github.com/gitpod-io/gitpod/image-builder/api/config"

16
	"github.com/gitpod-io/gitpod/installer/pkg/common"

17
	dockerregistry "github.com/gitpod-io/gitpod/installer/pkg/components/docker-registry"

18
	"github.com/gitpod-io/gitpod/installer/pkg/components/workspace"

19
	wsmanagermk2 "github.com/gitpod-io/gitpod/installer/pkg/components/ws-manager-mk2"

20
	configv1 "github.com/gitpod-io/gitpod/installer/pkg/config/v1"

21
	"github.com/gitpod-io/gitpod/installer/pkg/config/v1/experimental"

22


23
	corev1 "k8s.io/api/core/v1"

24
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

25
	"k8s.io/apimachinery/pkg/runtime"

26
	"k8s.io/utils/pointer"

27
)

28


29
func configmap(ctx *common.RenderContext) ([]runtime.Object, error) {

30
	var registryName string

31
	if pointer.BoolDeref(ctx.Config.ContainerRegistry.InCluster, false) {

32
		registryName = fmt.Sprintf("%s.%s", dockerregistry.RegistryName, ctx.Config.Domain)

33
	} else if ctx.Config.ContainerRegistry.External != nil {

34
		registryName = strings.TrimSuffix(ctx.Config.ContainerRegistry.External.URL, "/")

35
	} else {

36
		return nil, fmt.Errorf("%s: invalid container registry config", Component)

37
	}

38


39
	secretName, err := pullSecretName(ctx)

40
	if err != nil {

41
		return nil, err

42
	}

43


44
	baseImageRepoName := "base-images"

45
	workspaceImageRepoName := "workspace-images"

46


47
	_ = ctx.WithExperimental(func(cfg *experimental.Config) error {

48
		if cfg.Workspace != nil {

49
			if cfg.Workspace.ImageBuilderMk3.BaseImageRepositoryName != "" {

50
				baseImageRepoName = cfg.Workspace.ImageBuilderMk3.BaseImageRepositoryName

51
			}

52
			if cfg.Workspace.ImageBuilderMk3.WorkspaceImageRepositoryName != "" {

53
				workspaceImageRepoName = cfg.Workspace.ImageBuilderMk3.WorkspaceImageRepositoryName

54
			}

55
		}

56
		return nil

57
	})

58


59
	workspaceManagerAddress := fmt.Sprintf("%s:%d", common.WSManagerMk2Component, wsmanagermk2.RPCPort)

60
	orchestrator := config.Configuration{

61
		WorkspaceManager: config.WorkspaceManagerConfig{

62
			Address: workspaceManagerAddress,

63
			TLS: config.TLS{

64
				Authority:   "/wsman-certs/ca.crt",

65
				Certificate: "/wsman-certs/tls.crt",

66
				PrivateKey:  "/wsman-certs/tls.key",

67
			},

68
		},

69
		PullSecret:               secretName,

70
		PullSecretFile:           "/config/pull-secret/pull-secret.json",

71
		BaseImageRepository:      fmt.Sprintf("%s/%s", registryName, baseImageRepoName),

72
		WorkspaceImageRepository: fmt.Sprintf("%s/%s", registryName, workspaceImageRepoName),

73
		BuilderImage:             ctx.ImageName(ctx.Config.Repository, BuilderImage, ctx.VersionManifest.Components.ImageBuilderMk3.BuilderImage.Version),

74
		EnableAdditionalECRAuth:  ctx.Config.ContainerRegistry.EnableAdditionalECRAuth,

75
	}

76


77
	workspaceImage := ctx.Config.Workspace.WorkspaceImage

78
	if workspaceImage == "" {

79
		workspaceImage = ctx.ImageName(common.ThirdPartyContainerRepo(ctx.Config.Repository, ""), workspace.DefaultWorkspaceImage, workspace.DefaultWorkspaceImageVersion)

80
	}

81


82
	var tls *baseserver.TLSConfiguration

83
	if ctx.Config.Kind == configv1.InstallationWorkspace {

84
		// Only enable TLS in workspace clusters. This check can be removed

85
		// once image-builder-mk3 has been removed from application clusters

86
		// (https://github.com/gitpod-io/gitpod/issues/7845).

87
		tls = &baseserver.TLSConfiguration{

88
			CAPath:   "/certs/ca.crt",

89
			CertPath: "/certs/tls.crt",

90
			KeyPath:  "/certs/tls.key",

91
		}

92
	}

93


94
	imgcfg := config.ServiceConfig{

95
		Orchestrator: orchestrator,

96
		RefCache: config.RefCacheConfig{

97
			Interval: util.Duration(time.Hour * 6).String(),

98
			Refs: []string{

99
				workspaceImage,

100
			},

101
		},

102
		Server: &baseserver.Configuration{

103
			Services: baseserver.ServicesConfiguration{

104
				GRPC: &baseserver.ServerConfiguration{

105
					Address: fmt.Sprintf("0.0.0.0:%d", RPCPort),

106
					TLS:     tls,

107
				},

108
			},

109
		},

110
	}

111


112
	fc, err := common.ToJSONString(imgcfg)

113
	if err != nil {

114
		return nil, fmt.Errorf("failed to marshal image-builder-mk3 config: %w", err)

115
	}

116


117
	return []runtime.Object{

118
		&corev1.ConfigMap{

119
			TypeMeta: common.TypeMetaConfigmap,

120
			ObjectMeta: metav1.ObjectMeta{

121
				Name:        fmt.Sprintf("%s-config", Component),

122
				Namespace:   ctx.Namespace,

123
				Labels:      common.CustomizeLabel(ctx, Component, common.TypeMetaConfigmap),

124
				Annotations: common.CustomizeAnnotation(ctx, Component, common.TypeMetaConfigmap),

125
			},

126
			Data: map[string]string{

127
				"image-builder.json": string(fc),

128
			},

129
		},

130
	}, nil

131
}

132


133