Refactor copy packages command to support regional ECR

aws · Sep 29, 2023 · 9c00867 · 9c00867
1 parent c6ff83b
commit 9c00867
Show file tree

Hide file tree

Showing 9 changed files with 332 additions and 169 deletions.
diff --git a/cmd/eksctl-anywhere/cmd/copypackages.go b/cmd/eksctl-anywhere/cmd/copypackages.go
diff --git a/cmd/eksctl-anywhere/cmd/copypackages_test.go b/cmd/eksctl-anywhere/cmd/copypackages_test.go
@@ -0,0 +1,63 @@
+package cmd
+
+import (
+	"net/http"
+	"testing"
+
+	"oras.land/oras-go/v2/registry/remote"
+	"oras.land/oras-go/v2/registry/remote/auth"
+)
+
+func TestGetTagsFromChartValues(t *testing.T) {
+	res := make(map[string]string)
+	chartValues := map[string]any{
+		"controller1": map[string]any{
+			"tag":    "testtag1",
+			"digest": "testdiget1",
+		},
+		"controller2": map[string]any{
+			"tag":    "testtag2",
+			"digest": "testdiget2",
+			"controller3": map[string]any{
+				"tag":    "testtag3",
+				"digest": "testdiget3",
+			},
+		},
+	}
+	err := getTagsFromChartValues(chartValues, res)
+	if err != nil {
+		t.Error(err)
+	}
+	if res["testdiget1"] != "testtag1" {
+		t.Errorf("Expected tag has not be found")
+	}
+	if res["testdiget2"] != "testtag2" {
+		t.Errorf("Expected tag has not be found")
+	}
+	if res["testdiget3"] != "testtag3" {
+		t.Errorf("Expected tag has not be found")
+	}
+}
+
+func TestGetPackageBundleTag(t *testing.T) {
+	tag := getPackageBundleTag("1.27")
+	if tag != "v1-27-latest" {
+		t.Errorf("Expected tag v1-27-latest, got %s", tag)
+	}
+}
+
+func TestSetupDstRepo(t *testing.T) {
+	dst, err := remote.NewRepository("localhost:5000/hello-world")
+	if err != nil {
+		t.Error(err)
+	}
+	cpc := &copyPackagesConfig{dstPlainHTTP: true, dstInsecure: true}
+	setUpDstRepo(dst, cpc)
+	if dst.PlainHTTP != true {
+		t.Errorf("Expect PlainHTTP to be true")
+	}
+
+	if dst.Client.(*auth.Client).Client.Transport.(*http.Transport).TLSClientConfig.InsecureSkipVerify != true {
+		t.Errorf("Expect InsecureSkipVerify to be true")
+	}
+}
diff --git a/docs/content/en/docs/getting-started/airgapped/airgap-packages.md b/docs/content/en/docs/getting-started/airgapped/airgap-packages.md
@@ -0,0 +1,17 @@
+---
+toc_hide: true
+---
+
+If your EKSA cluster is running in an airgapped environment and you set up a local registry mirror, you can copy curated packages from Amazon ECR to your local registry mirror with the following command. 
+
+The `$REGISTRY_MIRROR_URL` value must have the same endpoint and port as of the values defined in `registryMirrorConfiguration` of your EKS Anywhere cluster specification. And `$KUBEVERSION` must equals to the `spec.kubernetesVersion` of your EKS Anywhere cluster specification.
+
+The `copy packages` command uses the credentials in your docker config file. So you must `docker login` the source registries and the destination registry before running the command.
+
+```bash
+eksctl anywhere copy packages \
+  ${REGISTRY_MIRROR_URL}
+  --kube-version $KUBEVERSION \
+  --src-chart-registry public.ecr.aws/eks-anywhere \
+  --src-image-registry 783794618700.dkr.ecr.us-west-2.amazonaws.com
+```
diff --git a/docs/content/en/docs/getting-started/airgapped/airgap-steps.md b/docs/content/en/docs/getting-started/airgapped/airgap-steps.md
@@ -31,14 +31,18 @@ toc_hide: true
 
    <details>
       <summary>Expand for curated packages instructions</summary>
-   If you are running in an airgapped environment and you set up a local registry mirror, you can copy curated packages from Amazon ECR to your local registry mirror with the following command. 
 
-   The `$BUNDLE_RELEASE_YAML_PATH` should be set to the `eks-anywhere-downloads/bundle-release.yaml` location where you unpacked the tarball from the`eksctl anywhere download artifacts` command. The `$REGISTRY_MIRROR_CERT_PATH` and `$REGISTRY_MIRROR_URL` values must be the same as the `registryMirrorConfiguration` in your EKS Anywhere cluster specification.
-
-   ```bash
-   eksctl anywhere copy packages \
-     --bundle ${BUNDLE_RELEASE_YAML_PATH} \
-     --dst-cert ${REGISTRY_MIRROR_CERT_PATH} \
-     ${REGISTRY_MIRROR_URL}
-   ```
+      If your EKSA cluster is running in an airgapped environment and you set up a local registry mirror, you can copy curated packages from Amazon ECR to your local registry mirror with the following command. 
+
+      `$KUBEVERSION` must equals to the `spec.kubernetesVersion` of your EKS Anywhere cluster specification.
+
+      `copy packages` command uses the credentials in your docker config file. So you must `docker login` the source registries and the destination registry before running the command.
+
+      ```bash
+      eksctl anywhere copy packages \
+        ${REGISTRY_MIRROR_URL}/curated-packages \
+        --kube-version $KUBEVERSION \
+        --src-chart-registry public.ecr.aws/eks-anywhere \
+        --src-image-registry 783794618700.dkr.ecr.us-west-2.amazonaws.com
+      ```
    </details>
diff --git a/docs/content/en/docs/reference/eksctl/anywhere_copy.md b/docs/content/en/docs/reference/eksctl/anywhere_copy.md
@@ -26,5 +26,5 @@ Copy EKS Anywhere resources and artifacts
 ### SEE ALSO
 
 * [anywhere](../anywhere/)	 - Amazon EKS Anywhere
-* [anywhere copy packages](../anywhere_copy_packages/)	 - Copy curated package images and charts from a source to a destination
+* [anywhere copy packages](../anywhere_copy_packages/)	 - Copy curated package images and charts from source regisries to a destination registry
 
diff --git a/docs/content/en/docs/reference/eksctl/anywhere_copy_packages.md b/docs/content/en/docs/reference/eksctl/anywhere_copy_packages.md
@@ -5,11 +5,11 @@ linkTitle: "anywhere copy packages"
 
 ## anywhere copy packages
 
-Copy curated package images and charts from a source to a destination
+Copy curated package images and charts from source regisries to a destination registry
 
 ### Synopsis
 
-Copy all the EKS Anywhere curated package images and helm charts from a source to a destination.
+Copy all the EKS Anywhere curated package images and helm charts from source registries to a destination registry. Registry credentials are fetched from docker config.
 
 ```
 anywhere copy packages <destination-registry> [flags]
@@ -18,13 +18,13 @@ anywhere copy packages <destination-registry> [flags]
 ### Options
 
 ```
-      --aws-region string   Region to copy images from
-  -b, --bundle string       EKS-A bundle file to read artifact dependencies from
-      --dry-run             Dry run copy to print images that would be copied
-      --dst-cert string     TLS certificate for destination registry
-  -h, --help                help for packages
-      --insecure            Skip TLS verification while copying images and charts
-      --src-cert string     TLS certificate for source registry
+      --dry-run                     Dry run will not really copy the artifacts, but shows what artifacts would be copied
+      --dst-insecure                Skip TLS verification against the destination registry
+      --dst-plain-http              Whether to use plain http for destination registry
+  -h, --help                        help for packages
+      --kube-version string         The kube version of the package bundle to copy
+      --src-chart-registry string   The source registry that stores helm charts
+      --src-image-registry string   The source registry that stores container images
 ```
 
 ### Options inherited from parent commands

diff --git a/docs/themes/docsy b/docs/themes/docsy
diff --git a/go.mod b/go.mod
@@ -50,6 +50,7 @@ require (
 	gopkg.in/square/go-jose.v2 v2.6.0
 	gopkg.in/yaml.v2 v2.4.0
 	gopkg.in/yaml.v3 v3.0.1
+	helm.sh/helm/v3 v3.11.3
 	k8s.io/api v0.26.2
 	k8s.io/apimachinery v0.26.2
 	k8s.io/apiserver v0.26.2
@@ -67,6 +68,8 @@ require (
 	sigs.k8s.io/yaml v1.3.0
 )
 
+require github.com/Masterminds/semver/v3 v3.2.0 // indirect
+
 require (
 	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect