1
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.
2
// Licensed under the GNU Affero General Public License (AGPL).
3
// See License.AGPL.txt in the project root for license information.
4

5
package registryfacade
6

7
import (
8
	"fmt"
9

10
	"github.com/gitpod-io/gitpod/common-go/baseserver"
11
	"github.com/gitpod-io/gitpod/installer/pkg/common"
12
	wsmanagermk2 "github.com/gitpod-io/gitpod/installer/pkg/components/ws-manager-mk2"
13
	"github.com/gitpod-io/gitpod/installer/pkg/config/v1/experimental"
14
	regfac "github.com/gitpod-io/gitpod/registry-facade/api/config"
15

16
	corev1 "k8s.io/api/core/v1"
17
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
18
	"k8s.io/apimachinery/pkg/runtime"
19
)
20

21
func configmap(ctx *common.RenderContext) ([]runtime.Object, error) {
22
	var (
23
		ipfsCache  *regfac.IPFSCacheConfig
24
		redisCache *regfac.RedisCacheConfig
25
	)
26
	remoteSpecProviders := []*regfac.RSProvider{
27
		{
28
			Addr: fmt.Sprintf("dns:///ws-manager-mk2:%d", wsmanagermk2.RPCPort),
29
			TLS: &regfac.TLS{
30
				Authority:   "/ws-manager-mk2-client-tls-certs/ca.crt",
31
				Certificate: "/ws-manager-mk2-client-tls-certs/tls.crt",
32
				PrivateKey:  "/ws-manager-mk2-client-tls-certs/tls.key",
33
			},
34
		},
35
	}
36
	_ = ctx.WithExperimental(func(ucfg *experimental.Config) error {
37
		if ucfg.Workspace == nil {
38
			return nil
39
		}
40

41
		if ucfg.Workspace.RegistryFacade.RedisCache.Enabled {
42
			cacheCfg := ucfg.Workspace.RegistryFacade.RedisCache
43
			redisCache = &regfac.RedisCacheConfig{
44
				Enabled:            true,
45
				SingleHostAddress:  cacheCfg.SingleHostAddress,
46
				Username:           cacheCfg.Username,
47
				UseTLS:             cacheCfg.UseTLS,
48
				InsecureSkipVerify: cacheCfg.InsecureSkipVerify,
49
			}
50
		}
51

52
		if ucfg.Workspace.RegistryFacade.IPFSCache.Enabled {
53
			cacheCfg := ucfg.Workspace.RegistryFacade.IPFSCache
54
			ipfsCache = &regfac.IPFSCacheConfig{
55
				Enabled:  true,
56
				IPFSAddr: cacheCfg.IPFSAddr,
57
			}
58
		}
59

60
		return nil
61
	})
62

63
	rfcfg := regfac.ServiceConfig{
64
		Registry: regfac.Config{
65
			Port:               ServicePort,
66
			RemoteSpecProvider: remoteSpecProviders,
67
			TLS: &regfac.TLS{
68
				Certificate: "/mnt/certificates/tls.crt",
69
				PrivateKey:  "/mnt/certificates/tls.key",
70
			},
71
			Store:       "/mnt/cache/registry",
72
			RequireAuth: false,
73
			StaticLayer: []regfac.StaticLayerCfg{
74
				{
75
					Ref:  ctx.ImageName(ctx.Config.Repository, SupervisorImage, ctx.VersionManifest.Components.Workspace.Supervisor.Version),
76
					Type: "image",
77
				},
78
				{
79
					Ref:  ctx.ImageName(ctx.Config.Repository, WorkspacekitImage, ctx.VersionManifest.Components.Workspace.Workspacekit.Version),
80
					Type: "image",
81
				},
82
				{
83
					Ref:  ctx.ImageName(ctx.Config.Repository, DockerUpImage, ctx.VersionManifest.Components.Workspace.DockerUp.Version),
84
					Type: "image",
85
				},
86
			},
87
			IPFSCache:  ipfsCache,
88
			RedisCache: redisCache,
89
		},
90
		AuthCfg:            "/mnt/pull-secret/pull-secret.json",
91
		PProfAddr:          common.LocalhostAddressFromPort(baseserver.BuiltinDebugPort),
92
		PrometheusAddr:     common.LocalhostPrometheusAddr(),
93
		ReadinessProbeAddr: fmt.Sprintf(":%v", ReadinessPort),
94
	}
95

96
	fc, err := common.ToJSONString(rfcfg)
97
	if err != nil {
98
		return nil, fmt.Errorf("failed to marshal registry-facade config: %w", err)
99
	}
100

101
	return []runtime.Object{
102
		&corev1.ConfigMap{
103
			TypeMeta: common.TypeMetaConfigmap,
104
			ObjectMeta: metav1.ObjectMeta{
105
				Name:        Component,
106
				Namespace:   ctx.Namespace,
107
				Labels:      common.CustomizeLabel(ctx, Component, common.TypeMetaConfigmap),
108
				Annotations: common.CustomizeAnnotation(ctx, Component, common.TypeMetaConfigmap),
109
			},
110
			Data: map[string]string{
111
				"config.json": string(fc),
112
			},
113
		},
114
	}, nil
115
}
116

117