Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use embedded Flux manifests for air-gapped bootstrap #664

Merged
merged 3 commits into from
Apr 16, 2024
Merged

Use embedded Flux manifests for air-gapped bootstrap #664

merged 3 commits into from
Apr 16, 2024

Conversation

stefanprodan
Copy link
Member

@stefanprodan stefanprodan commented Apr 16, 2024
edited
Loading

This PR allows running bootstrap in air-gapped environments by embedding the Flux manifests in the provider binary.

Description

With embedded_manifests enabled and registry set to an private container registry where the Flux images are copied, users can run bootstrap on air-gapped environments where access to GitHub is denied.

Tip

All users should enable embedded_manifests instead of setting version, this not only reduces the network traffic but also ensures that the Flux deployment matches the provider version.

Motivation and Context

The implementation in #503 has many flaws, the major problem is that customisations no longer work and users have to download the manifest files by hand before running bootstrap.

Fix: #590
Fix: #634

How has this been tested?

  • Have you added an acceptance test for the functionality being added?
  • Have you run the acceptance tests on this branch?

Manually tested with github.com dropped in firewall.

resource "flux_bootstrap_git" "this" {
  path = "clusters/air-gapped"
  embedded_manifests = true
  registry = "docker.io/fluxcd"
}

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Documentation

  • I have updated the documentation (if required) with make docs

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I've read the CONTRIBUTION guide
  • I have signed-off my commits with git commit -s

@stefanprodan stefanprodan added the enhancement New feature or request label Apr 16, 2024
@stefanprodan
Embed Flux manifests in the provider binary
b062479 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
@stefanprodan
Add embedded_manifests attribute
d486be6 
Deprecate `manifests_path` for air-gapped clusters in favour of `embedded_manifests`

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
@stefanprodan
Add test for embedded_manifests
7d9f8f0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
@stefanprodan stefanprodan added this to the Release v1.3.0 milestone Apr 16, 2024
@stefanprodan stefanprodan marked this pull request as ready for review April 16, 2024 11:18
@stefanprodan stefanprodan mentioned this pull request Apr 16, 2024
Closed
59 tasks
@swade1987
Copy link
Member

This whole section should be in the documentation that gets rendered on the Terraform registry.

With embedded_manifests enabled and registry set to an private container registry where the Flux images are copied, users can run bootstrap on air-gapped environments where access to GitHub is denied.

Tip
All users should enable embedded_manifests instead of setting version, this not only reduces the network traffic but also ensures that the Flux deployment matches the provider version.

@stefanprodan
Copy link
Member Author

This whole section should be in the documentation that gets rendered on the Terraform registry.

Which one is that, haven't you deleted all guides? Better to have this here https://fluxcd.io/flux/installation/configuration/air-gapped/

This was referenced Apr 16, 2024
Closed
Merged
@stefanprodan stefanprodan merged commit 990e3dd into main Apr 16, 2024
11 checks passed
@stefanprodan stefanprodan deleted the embed-manifests branch April 16, 2024 13:01
@sonalita sonalita mentioned this pull request Aug 11, 2024
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@swade1987 swade1987 swade1987 left review comments

@souleb souleb souleb approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
Release v1.3.0
3 participants
@stefanprodan @swade1987 @souleb