Skip to content
This repository has been archived by the owner on Sep 30, 2024. It is now read-only.

executors: Add support for private docker registries #45488

Merged
merged 20 commits into from
Dec 15, 2022
Merged

executors: Add support for private docker registries #45488

merged 20 commits into from
Dec 15, 2022

Conversation

eseliger
Copy link
Member

@eseliger eseliger commented Dec 9, 2022
edited
Loading

This PR adds support for private registries to executors, so for code intel auto-indexing and server-side batch changes.
It does so by introducing a new environment variable and a magic secret DOCKER_AUTH_CONFIG that can be set to authenticate to a protected docker registry. See the inline docs change for how this works exactly. I've also added storybooks coverage for the new components, so make sure to check out the UI review check.

There are two pending TODOs left but they shouldn't affect the code much so opening up for review now to get eyes on this!

Pending TODOs:

  • I need to roll this out to a dogfood cluster and test in firecracker (not on Mac 🙃)

Sister PRs:

Closes https://github.com/sourcegraph/sourcegraph/issues/40479

Test plan

Verified all documented variants work locally and will test before merge on a dogfood instance to verify firecracker works as well.

@cla-bot cla-bot bot added the cla-signed label Dec 9, 2022
@eseliger eseliger force-pushed the es/private-registries branch 2 times, most recently from aea60c8 to 144f885 Compare December 12, 2022 22:49
@sg-e2e-regression-test-bob
Copy link

sg-e2e-regression-test-bob commented Dec 12, 2022
edited
Loading

Bundle size report 📦

Initial size Total size Async size Modules
0.07% (+1.96 kb) 0.02% (+3.02 kb) 0.01% (+1.06 kb) 0.00% (0)

Look at the Statoscope report for a full comparison between the commits 35e171e and 8c996a7 or learn more.

Open explanation
  • Initial size is the size of the initial bundle (the one that is loaded when you open the page)
  • Total size is the size of the initial bundle + all the async loaded chunks
  • Async size is the size of all the async loaded chunks
  • Modules is the number of modules in the initial bundle

@evict evict requested a review from a team December 13, 2022 08:21
@eseliger eseliger marked this pull request as ready for review December 14, 2022 00:53
@sourcegraph-bot
Copy link
Contributor

sourcegraph-bot commented Dec 14, 2022
edited
Loading

Codenotify: Notifying subscribers in CODENOTIFY files for diff 8c996a7...35e171e.

Notify File(s)
@courier-new client/web/src/enterprise/batches/list/BatchChangesChangelogAlert.tsx
@efritz client/web/src/enterprise/executors/secrets/AddSecretModal.story.tsx
client/web/src/enterprise/executors/secrets/AddSecretModal.tsx
client/web/src/enterprise/executors/secrets/ExecutorSecretNode.tsx
client/web/src/enterprise/executors/secrets/ExecutorSecretsListPage.story.tsx
client/web/src/enterprise/executors/secrets/UpdateSecretModal.story.tsx
client/web/src/enterprise/executors/secrets/UpdateSecretModal.tsx
enterprise/cmd/executor/internal/command/docker.go
enterprise/cmd/executor/internal/command/docker_test.go
enterprise/cmd/executor/internal/command/firecracker.go
enterprise/cmd/executor/internal/command/firecracker_test.go
enterprise/cmd/executor/internal/command/runner.go
enterprise/cmd/executor/internal/config/config.go
enterprise/cmd/executor/internal/run/testvm.go
enterprise/cmd/executor/internal/run/util.go
enterprise/cmd/executor/internal/worker/handler.go
enterprise/cmd/executor/internal/worker/worker.go
enterprise/cmd/frontend/internal/executorqueue/queues/batches/transform.go
enterprise/cmd/frontend/internal/executorqueue/queues/batches/transform_test.go
enterprise/cmd/frontend/internal/executorqueue/queues/codeintel/queue.go
enterprise/cmd/frontend/internal/executorqueue/queues/codeintel/transform.go
enterprise/cmd/frontend/internal/executorqueue/queues/codeintel/transform_test.go
enterprise/internal/executor/client_types.go
enterprise/internal/executor/client_types_test.go
@sourcegraph/delivery doc/admin/deploy_executors.md

@eseliger eseliger requested review from Strum355, Piszmog, efritz, evict and a team December 14, 2022 01:05
evict
evict approved these changes Dec 14, 2022
View reviewed changes
cmd/frontend/graphqlbackend/executor_secrets.go Outdated Show resolved Hide resolved
@eseliger
executors: Add support for private docker registries
f0b2526 
TODOs:

- Documentation
- Make env var take precedence, potentially could merge env and secret
- Code intel secrets
- Test firecracker
- Generalize appending the secret, not do it in the batches transformer
- Add support in src-cli exec mode for this env var (only native execution is working right now)
@eseliger
Fixups
563e710
@eseliger
Add to CHANGELOG
813282c
@eseliger
Add changelog entry
61a415b
@eseliger
Add docs links
13b853c
@eseliger
Storybook coverage
2275e0b
@eseliger
Add doc string
4544dc9
@eseliger
Add tests
7ac8504
@eseliger
Add tests
1c4ba8f
@eseliger
Fixup flake
c6a4777
@eseliger
Fixups
a29fc93
@eseliger
Fixup comment
76e74aa
@eseliger
Fixups
a91e32c
@eseliger
Fixup some tests
14203f0
@eseliger
Fixup
786a877
@eseliger eseliger enabled auto-merge (squash) December 15, 2022 23:52
@eseliger eseliger merged commit 99c92f8 into main Dec 15, 2022
@eseliger eseliger deleted the es/private-registries branch December 15, 2022 23:52
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@evict evict evict approved these changes

@BolajiOlajide BolajiOlajide BolajiOlajide approved these changes

@Piszmog Piszmog Piszmog approved these changes

@Strum355 Strum355 Awaiting requested review from Strum355

@efritz efritz Awaiting requested review from efritz

Assignees
No one assigned
Labels
cla-signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Pull containers from private registry
6 participants
@eseliger @sg-e2e-regression-test-bob @sourcegraph-bot @evict @BolajiOlajide @Piszmog