From 2817575f82548f66f001e38f3a963f1254b3ca66 Mon Sep 17 00:00:00 2001 From: JuHyung-Son Date: Fri, 1 Dec 2023 23:53:40 +0900 Subject: [PATCH 1/5] Add ImagePullSecrets to K8sGPTSpec. Signed-off-by: JuHyung-Son --- api/v1alpha1/k8sgpt_types.go | 5 +++++ api/v1alpha1/zz_generated.deepcopy.go | 20 ++++++++++++++++++++ chart/operator/templates/k8sgpt-crd.yaml | 7 +++++++ config/crd/bases/core.k8sgpt.ai_k8sgpts.yaml | 7 +++++++ 4 files changed, 39 insertions(+) diff --git a/api/v1alpha1/k8sgpt_types.go b/api/v1alpha1/k8sgpt_types.go index a32e5d73..0ce67c21 100644 --- a/api/v1alpha1/k8sgpt_types.go +++ b/api/v1alpha1/k8sgpt_types.go @@ -94,11 +94,16 @@ type Integrations struct { Trivy *Trivy `json:"trivy,omitempty"` } +type ImagePullSecrets struct { + Name string `json:"name,omitempty"` +} + // K8sGPTSpec defines the desired state of K8sGPT type K8sGPTSpec struct { Version string `json:"version,omitempty"` // +kubebuilder:default:=ghcr.io/k8sgpt-ai/k8sgpt Repository string `json:"repository,omitempty"` + ImagePullSecrets []ImagePullSecrets `json:"imagePullSecrets,omitempty"` NoCache bool `json:"noCache,omitempty"` Filters []string `json:"filters,omitempty"` ExtraOptions *ExtraOptionsRef `json:"extraOptions,omitempty"` diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index a4da0fa4..cb332441 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -145,6 +145,21 @@ func (in *GCSBackend) DeepCopy() *GCSBackend { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImagePullSecrets) DeepCopyInto(out *ImagePullSecrets) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImagePullSecrets. +func (in *ImagePullSecrets) DeepCopy() *ImagePullSecrets { + if in == nil { + return nil + } + out := new(ImagePullSecrets) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Integrations) DeepCopyInto(out *Integrations) { *out = *in @@ -227,6 +242,11 @@ func (in *K8sGPTList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *K8sGPTSpec) DeepCopyInto(out *K8sGPTSpec) { *out = *in + if in.ImagePullSecrets != nil { + in, out := &in.ImagePullSecrets, &out.ImagePullSecrets + *out = make([]ImagePullSecrets, len(*in)) + copy(*out, *in) + } if in.Filters != nil { in, out := &in.Filters, &out.Filters *out = make([]string, len(*in)) diff --git a/chart/operator/templates/k8sgpt-crd.yaml b/chart/operator/templates/k8sgpt-crd.yaml index 5346832f..673f660b 100644 --- a/chart/operator/templates/k8sgpt-crd.yaml +++ b/chart/operator/templates/k8sgpt-crd.yaml @@ -84,6 +84,13 @@ spec: items: type: string type: array + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array integrations: properties: trivy: diff --git a/config/crd/bases/core.k8sgpt.ai_k8sgpts.yaml b/config/crd/bases/core.k8sgpt.ai_k8sgpts.yaml index d4ac6eaa..3af7f828 100644 --- a/config/crd/bases/core.k8sgpt.ai_k8sgpts.yaml +++ b/config/crd/bases/core.k8sgpt.ai_k8sgpts.yaml @@ -84,6 +84,13 @@ spec: items: type: string type: array + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array integrations: properties: trivy: From 0293a98842c75f034d14ed4517984bec34870169 Mon Sep 17 00:00:00 2001 From: JuHyung-Son Date: Fri, 1 Dec 2023 23:54:05 +0900 Subject: [PATCH 2/5] Add image pull secrets to service account Signed-off-by: JuHyung-Son --- pkg/resources/k8sgpt.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkg/resources/k8sgpt.go b/pkg/resources/k8sgpt.go index fb7bbe3e..f08c5124 100644 --- a/pkg/resources/k8sgpt.go +++ b/pkg/resources/k8sgpt.go @@ -93,6 +93,13 @@ func GetServiceAccount(config v1alpha1.K8sGPT) (*corev1.ServiceAccount, error) { }, }, }, + ImagePullSecrets: []corev1.LocalObjectReference{}, + } + //Add image pull secrets to service account + for _, secret := range config.Spec.ImagePullSecrets { + serviceAccount.ImagePullSecrets = append(serviceAccount.ImagePullSecrets, corev1.LocalObjectReference{ + Name: secret.Name, + }) } return &serviceAccount, nil From c085930a91b0d2538dd52039acc373185e16b7c8 Mon Sep 17 00:00:00 2001 From: JuHyung-Son Date: Sat, 2 Dec 2023 00:05:06 +0900 Subject: [PATCH 3/5] add spec to README Signed-off-by: JuHyung-Son --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index a8916240..1bc61eb1 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,8 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 + imagePullSecrets: + - name: aws-cred #integrations: # trivy: # enabled: true @@ -113,6 +115,8 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 + imagePullSecrets: + - name: aws-cred remoteCache: credentials: name: k8sgpt-sample-cache-secret @@ -157,6 +161,8 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8gpt version: v0.3.8 + imagePullSecrets: + - name: aws-cred remoteCache: credentials: name: k8sgpt-sample-cache-secret @@ -202,6 +208,8 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8gpt version: v0.3.8 + imagePullSecrets: + - name: aws-cred EOF ``` @@ -233,6 +241,8 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8gpt version: v0.3.8 + imagePullSecrets: + - name: aws-cred EOF ``` Note: ensure that the value of `baseUrl` is a properly constructed [DNS name](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#services) for the LocalAI Service. It should take the form: `http://local-ai..svc.cluster.local:8080/v1`. From e0dea9d5015d36a2a4feaa59392121e31cadb50c Mon Sep 17 00:00:00 2001 From: JuHyung-Son Date: Thu, 21 Dec 2023 22:55:42 +0900 Subject: [PATCH 4/5] lint Signed-off-by: JuHyung-Son --- api/v1alpha1/k8sgpt_types.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/api/v1alpha1/k8sgpt_types.go b/api/v1alpha1/k8sgpt_types.go index 0ce67c21..3c4a1ba0 100644 --- a/api/v1alpha1/k8sgpt_types.go +++ b/api/v1alpha1/k8sgpt_types.go @@ -102,16 +102,16 @@ type ImagePullSecrets struct { type K8sGPTSpec struct { Version string `json:"version,omitempty"` // +kubebuilder:default:=ghcr.io/k8sgpt-ai/k8sgpt - Repository string `json:"repository,omitempty"` + Repository string `json:"repository,omitempty"` ImagePullSecrets []ImagePullSecrets `json:"imagePullSecrets,omitempty"` - NoCache bool `json:"noCache,omitempty"` - Filters []string `json:"filters,omitempty"` - ExtraOptions *ExtraOptionsRef `json:"extraOptions,omitempty"` - Sink *WebhookRef `json:"sink,omitempty"` - AI *AISpec `json:"ai,omitempty"` - RemoteCache *RemoteCacheRef `json:"remoteCache,omitempty"` - Integrations *Integrations `json:"integrations,omitempty"` - NodeSelector map[string]string `json:"nodeSelector,omitempty"` + NoCache bool `json:"noCache,omitempty"` + Filters []string `json:"filters,omitempty"` + ExtraOptions *ExtraOptionsRef `json:"extraOptions,omitempty"` + Sink *WebhookRef `json:"sink,omitempty"` + AI *AISpec `json:"ai,omitempty"` + RemoteCache *RemoteCacheRef `json:"remoteCache,omitempty"` + Integrations *Integrations `json:"integrations,omitempty"` + NodeSelector map[string]string `json:"nodeSelector,omitempty"` } const ( From 595d9729483080337263b2bdd7ff657ab3e274ad Mon Sep 17 00:00:00 2001 From: JuHyung-Son Date: Thu, 21 Dec 2023 22:55:51 +0900 Subject: [PATCH 5/5] fix readme Signed-off-by: JuHyung-Son --- README.md | 51 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 37 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 1bc61eb1..be8e15dd 100644 --- a/README.md +++ b/README.md @@ -50,8 +50,6 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 - imagePullSecrets: - - name: aws-cred #integrations: # trivy: # enabled: true @@ -115,8 +113,6 @@ spec: noCache: false repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 - imagePullSecrets: - - name: aws-cred remoteCache: credentials: name: k8sgpt-sample-cache-secret @@ -159,10 +155,8 @@ spec: name: k8sgpt-sample-secret key: openai-api-key noCache: false - repository: ghcr.io/k8sgpt-ai/k8gpt + repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 - imagePullSecrets: - - name: aws-cred remoteCache: credentials: name: k8sgpt-sample-cache-secret @@ -206,10 +200,8 @@ spec: baseUrl: https://k8sgpt.openai.azure.com/ engine: llm noCache: false - repository: ghcr.io/k8sgpt-ai/k8gpt + repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 - imagePullSecrets: - - name: aws-cred EOF ``` @@ -239,10 +231,8 @@ spec: backend: localai baseUrl: http://local-ai.local-ai.svc.cluster.local:8080/v1 noCache: false - repository: ghcr.io/k8sgpt-ai/k8gpt + repository: ghcr.io/k8sgpt-ai/k8sgpt version: v0.3.8 - imagePullSecrets: - - name: aws-cred EOF ``` Note: ensure that the value of `baseUrl` is a properly constructed [DNS name](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#services) for the LocalAI Service. It should take the form: `http://local-ai..svc.cluster.local:8080/v1`. @@ -251,10 +241,43 @@ EOF +## K8sGPT Configuration Options + +
+ +ImagePullSecrets +You can use custom k8sgpt image by modifying `repository`, `version`, `imagePullSecrets`. +`version` actually works as image tag. + +```sh +kubectl apply -f - << EOF +apiVersion: core.k8sgpt.ai/v1alpha1 +kind: K8sGPT +metadata: + name: k8sgpt-sample + namespace: k8sgpt-operator-system +spec: + ai: + enabled: true + model: gpt-3.5-turbo + backend: openai + secret: + name: k8sgpt-sample-secret + key: openai-api-key + noCache: false + repository: sample.repository/k8sgpt + version: sample-tag + imagePullSecrets: + - name: sample-secret +EOF +``` + +
+ ## Helm values For details please see [here](chart/operator/values.yaml) ## License -[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fk8sgpt-ai%2Fk8sgpt-operator.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fk8sgpt-ai%2Fk8sgpt-operator?ref=badge_large) \ No newline at end of file +[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fk8sgpt-ai%2Fk8sgpt-operator.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fk8sgpt-ai%2Fk8sgpt-operator?ref=badge_large)