mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 00:33:50 +00:00
Remove quay.io image promotion (#24777)
This commit is contained in:
parent
f3b59a3e32
commit
dfd12d34b0
2846
.drone.yml
2846
.drone.yml
File diff suppressed because it is too large
Load diff
|
@ -29,10 +29,6 @@ const (
|
|||
// ProductionRegistry is the production image registry that hosts are customer facing container images.
|
||||
ProductionRegistry = "public.ecr.aws"
|
||||
|
||||
// ProductionRegistryQuay is the production image registry that hosts images on quay.io. Will be deprecated in the future.
|
||||
// See RFD 73 - https://github.com/gravitational/teleport/blob/c18c09f5d562dd46a509154eab4295ad39decc3c/rfd/0073-public-image-registry.md
|
||||
ProductionRegistryQuay = "quay.io"
|
||||
|
||||
// Go version used by internal tools
|
||||
GoVersion = "1.18"
|
||||
|
||||
|
|
|
@ -103,32 +103,6 @@ func NewEcrContainerRepo(accessKeyIDSecret, secretAccessKeySecret, roleSecret, d
|
|||
}
|
||||
}
|
||||
|
||||
func NewQuayContainerRepo(dockerUsername, dockerPassword string) *ContainerRepo {
|
||||
registryOrg := ProductionRegistryOrg
|
||||
if configureForPRTestingOnly {
|
||||
dockerUsername = testingSecretPrefix + dockerUsername
|
||||
dockerPassword = testingSecretPrefix + dockerPassword
|
||||
registryOrg = testingQuayRegistryOrg
|
||||
}
|
||||
|
||||
return &ContainerRepo{
|
||||
Name: "Quay",
|
||||
IsImmutable: false,
|
||||
EnvironmentVars: map[string]value{
|
||||
"QUAY_USERNAME": {fromSecret: dockerUsername},
|
||||
"QUAY_PASSWORD": {fromSecret: dockerPassword},
|
||||
"DOCKERHUB_USERNAME": {fromSecret: "DOCKERHUB_USERNAME"},
|
||||
"DOCKERHUB_PASSWORD": {fromSecret: "DOCKERHUB_READONLY_TOKEN"},
|
||||
},
|
||||
RegistryDomain: ProductionRegistryQuay,
|
||||
RegistryOrg: registryOrg,
|
||||
LoginCommands: []string{
|
||||
fmt.Sprintf("docker login -u=\"$QUAY_USERNAME\" -p=\"$QUAY_PASSWORD\" %q", ProductionRegistryQuay),
|
||||
`printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin`,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func NewLocalContainerRepo() *ContainerRepo {
|
||||
return &ContainerRepo{
|
||||
Name: "Local Registry",
|
||||
|
@ -148,7 +122,6 @@ func GetStagingContainerRepo(uniqueStagingTag bool) *ContainerRepo {
|
|||
|
||||
func GetProductionContainerRepos() []*ContainerRepo {
|
||||
return []*ContainerRepo{
|
||||
NewQuayContainerRepo("PRODUCTION_QUAYIO_DOCKER_USERNAME", "PRODUCTION_QUAYIO_DOCKER_PASSWORD"),
|
||||
NewEcrContainerRepo("PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY", "PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET",
|
||||
"PRODUCTION_TELEPORT_DRONE_ECR_AWS_ROLE", ProductionRegistry, "production", true, false, false),
|
||||
}
|
||||
|
|
|
@ -39,12 +39,11 @@ package main
|
|||
// 1. Publish the branch you're working on
|
||||
// 2. Set `prBranch` to the name of the branch in (1)
|
||||
// 3. Set `configureForPRTestingOnly` to true
|
||||
// 4. Create a public and private ECR, Quay repos for "teleport", "teleport-ent", "teleport-operator", "teleport-lab"
|
||||
// 5. Set `testingQuayRegistryOrg` and `testingECRRegistryOrg` to the org name(s) used in (4)
|
||||
// 4. Create a public and private ECR repos for "teleport", "teleport-ent", "teleport-operator", "teleport-lab"
|
||||
// 5. Set `testingECRRegistryOrg` to the org name(s) used in (4)
|
||||
// 6. Set the `ECRTestingDomain` to the domain used for the private ECR repos
|
||||
// 7. Create two separate IAM users, each with full access to either the public ECR repo OR the private ECR repo
|
||||
// 8. Create a Quay "robot account" with write permissions for the created Quay repos
|
||||
// 9. Set the Drone secrets for the secret names listed in "GetContainerRepos" to the credentials in (7, 8), prefixed by the value of `testingSecretPrefix`
|
||||
// 8. Set the Drone secrets for the secret names listed in "GetContainerRepos" to the credentials in (7, 8), prefixed by the value of `testingSecretPrefix`
|
||||
//
|
||||
// On each commit, after running `make dronegen``, run the following commands and resign the file:
|
||||
// # Pull the current branch instead of v11 so the appropriate dockerfile gets loaded
|
||||
|
@ -57,7 +56,6 @@ package main
|
|||
const (
|
||||
configureForPRTestingOnly bool = false
|
||||
testingSecretPrefix string = "TEST_"
|
||||
testingQuayRegistryOrg string = "" // "fred_heinecke"
|
||||
testingECRRegistryOrg string = "u8j2q1d9"
|
||||
testingECRRegion string = "us-east-2"
|
||||
prBranch string = "" // "fred/multiarch-teleport-actual-container-images"
|
||||
|
|
Loading…
Reference in a new issue