diff --git a/image-sync/deployment/Makefile b/image-sync/deployment/Makefile index 169185e91..e49d7b911 100644 --- a/image-sync/deployment/Makefile +++ b/image-sync/deployment/Makefile @@ -14,25 +14,6 @@ deploy-shared: --set serviceAccountName=image-sync \ --set azureClientId=$${AZURE_SYNC_MI_CLIENT_ID} -# deploy-component-sync: -# AZURE_SYNC_MI_CLIENT_ID=$(shell az identity show \ -# -g ${RESOURCEGROUP} \ -# -n image-sync \ -# --query clientId) && \ -# TENANT_ID=$(shell az account show --query tenantId --output tsv) && \ -# helm upgrade --force --install component-sync-cronjob ./componentSyncCronjob \ -# --namespace ${NAMESPACE} --create-namespace \ -# --set serviceAccountName=image-sync \ -# --set azureClientId=$${AZURE_SYNC_MI_CLIENT_ID} \ -# --set acrRegistryName=${ARO_HCP_IMAGE_ACR} \ -# --set azureTenantId=$${TENANT_ID} \ -# --set componentSyncImage="arohcpdev.azurecr.io/image-sync/component-sync" \ -# --set componentSyncTag=latest \ -# --set credsBearerSecret=bearer-secret \ -# --set credsPullSecret=component-pull-secret \ -# --set credsKeyVaultName=service-kv-aro-hcp-dev \ -# --set repositories=${REPOSITORIES_TO_SYNC} - deploy-oc-mirror: AZURE_SYNC_MI_CLIENT_ID=$(shell az identity show \ -g ${RESOURCEGROUP} \ @@ -55,13 +36,10 @@ deploy: deploy-shared deploy-component-sync deploy-oc-mirror undeploy-shared: helm uninstall shared-resources --namespace ${NAMESPACE} -undeploy-component-sync: - helm uninstall component-sync-cronjob --namespace ${NAMESPACE} - undeploy-oc-mirror: helm uninstall oc-mirror-cronjob --namespace ${NAMESPACE} -undeploy: undeploy-shared undeploy-component-sync undeploy-oc-mirror +undeploy: undeploy-shared undeploy-oc-mirror deploy-component-sync: az deployment group create --name comp-sync \ @@ -70,4 +48,4 @@ deploy-component-sync: --parameters componentSync/mvp-component-sync.bicepparam \ --parameters containerImage="arohcpdev.azurecr.io/image-sync/component-sync:latest" -.PHONY: deploy-component-sync deploy-shared deploy-oc-mirror undeploy-shared undeploy-component-sync undeploy-oc-mirror +.PHONY: deploy-component-sync deploy-shared deploy-oc-mirror undeploy-shared undeploy-oc-mirror diff --git a/image-sync/deployment/componentSync/component-sync.bicep b/image-sync/deployment/componentSync/component-sync.bicep index b51a3f026..5a2fd15b5 100644 --- a/image-sync/deployment/componentSync/component-sync.bicep +++ b/image-sync/deployment/componentSync/component-sync.bicep @@ -45,7 +45,11 @@ resource symbolicname 'Microsoft.App/jobs@2024-03-01' = { environmentId: containerAppEnvironment.id configuration: { eventTriggerConfig: {} - triggerType: 'Manual' + triggerType: 'Schedule' + scheduleTriggerConfig: { + cronExpression: '*/5 * * * *' + parallelism: 1 + } replicaTimeout: 60 * 60 registries: [ { diff --git a/image-sync/deployment/componentSyncCronjob/Chart.yaml b/image-sync/deployment/componentSyncCronjob/Chart.yaml deleted file mode 100644 index c3139197b..000000000 --- a/image-sync/deployment/componentSyncCronjob/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: component-sync-cronjob -description: A Helm chart to deploy the component sync cronjob -type: application - -version: 0.1.0 -# appVersion: "" diff --git a/image-sync/deployment/componentSyncCronjob/templates/configmap.yaml b/image-sync/deployment/componentSyncCronjob/templates/configmap.yaml deleted file mode 100644 index 468402ecb..000000000 --- a/image-sync/deployment/componentSyncCronjob/templates/configmap.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: component-sync-config - namespace: {{.Release.Namespace}} -data: - sync.yml: | - repositories: - {{- range .Values.repositories }} - - {{ . }} - {{- end }} - numberOfTags: 10 - quaySecretfile: /etc/containers/quayio-auth.json - acrRegistry: {{ .Values.acrRegistryName }}.azurecr.io - tenantId: {{ .Values.azureTenantId }} diff --git a/image-sync/deployment/componentSyncCronjob/templates/cronjobs.yaml b/image-sync/deployment/componentSyncCronjob/templates/cronjobs.yaml deleted file mode 100644 index fb6ac922d..000000000 --- a/image-sync/deployment/componentSyncCronjob/templates/cronjobs.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - labels: - run: component-sync - name: component-sync - namespace: {{.Release.Namespace}} -spec: - schedule: "*/5 * * * *" - jobTemplate: - spec: - template: - metadata: - labels: - run: component-sync - azure.workload.identity/use: "true" - spec: - initContainers: - - name: login - image: mcr.microsoft.com/azure-cli:cbl-mariner2.0 - command: ['sh', '-c', - "az login --federated-token $(cat $AZURE_FEDERATED_TOKEN_FILE) --service-principal -u $AZURE_CLIENT_ID -t $AZURE_TENANT_ID; accessToken=$(az acr login --name {{ .Values.acrRegistryName }} --expose-token | grep accessToken |cut -d ':' -f2| tr -d ' \",') ; cat /tmp/secret-orig/pull-secret | base64 -d |sed \"s/TOKENTOBEREPLACED/$accessToken/\" > /etc/containers/auth.json; cat /tmp/secret-orig/bearer-secret | base64 -d > /etc/containers/quayio-auth.json", - ] - volumeMounts: - - name: pull-secrets-updated - mountPath: "/etc/containers" - - name: pull-secret - mountPath: "/tmp/secret-orig" - containers: - - image: "{{ .Values.componentSyncImage }}:{{ .Values.componentSyncTag }}" - name: component-sync - args: ["-c", "/etc/component-sync/sync.yml"] - env: - - name: XDG_RUNTIME_DIR - value: /etc/ - volumeMounts: - - name: component-sync-config - mountPath: "/etc/component-sync" - readOnly: true - - name: pull-secrets-updated - mountPath: "/etc/containers" - readOnly: true - - name: workspace - mountPath: "/workspace" - volumes: - - name: component-sync-config - configMap: - name: component-sync-config - - name: workspace - emptyDir: {} - - name: pull-secrets-updated - emptyDir: {} - - name: pull-secret - csi: - driver: secrets-store.csi.k8s.io - readOnly: true - volumeAttributes: - secretProviderClass: "component-sync-pullsecret" - restartPolicy: Never - serviceAccountName: {{.Values.serviceAccountName}} diff --git a/image-sync/deployment/componentSyncCronjob/templates/secretproviderclass.yaml b/image-sync/deployment/componentSyncCronjob/templates/secretproviderclass.yaml deleted file mode 100755 index 9b0ba940b..000000000 --- a/image-sync/deployment/componentSyncCronjob/templates/secretproviderclass.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: secrets-store.csi.x-k8s.io/v1 -kind: SecretProviderClass -metadata: - name: component-sync-pullsecret - namespace: {{.Release.Namespace}} -spec: - parameters: - clientID: {{.Values.azureClientId}} - cloudName: AzurePublicCloud - keyvaultName: {{.Values.credsKeyVaultName}} - objects: |- - array: - - | - objectName: {{ .Values.credsPullSecret }} - objectAlias: pull-secret - objectType: secret - - | - objectName: {{ .Values.credsBearerSecret }} - objectAlias: bearer-secret - objectType: secret - tenantId: {{.Values.azureTenantId}} - usePodIdentity: "false" - provider: azure diff --git a/image-sync/deployment/componentSyncCronjob/values.yaml b/image-sync/deployment/componentSyncCronjob/values.yaml deleted file mode 100644 index b161e85f5..000000000 --- a/image-sync/deployment/componentSyncCronjob/values.yaml +++ /dev/null @@ -1,15 +0,0 @@ -acrRegistryName: "" - -azureClientId: "" -azureTenantId: "" - -componentSyncImage: "" -componentSyncTag: "" - -credsBearerSecret: "" -credsKeyVaultName: "" -credsPullSecret: "" - -serviceAccountName: "" - -repositories: []