Adding images for operator reg

Signed-off-by: oumkale <[email protected]>

Makefile

@@ -31,7 +31,7 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL)
 #
 # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both
 # jfrog.com/operator-bundle:$VERSION and jfrog.com/operator-catalog:$VERSION.
-IMAGE_TAG_BASE ?= docker.jfrog.io/jfrog/jfrog-registry-operator:test
+IMAGE_TAG_BASE ?= docker.jfrog.io/jfrog/jfrog-registry-operator:latest
 
 # BUNDLE_IMG defines the image:tag used for the bundle.
 # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=<some-registry>/<project-name-bundle>:<tag>)

README.md

@@ -23,7 +23,7 @@ helm repo add jfrog https://charts.jfrog.io
 helm repo update
 
 # decide on the namespace and kubernetes service account name you will want to create
-export SERVICE_ACCOUNT_NAME="<service account name>"
+export SERVICE_ACCOUNT_NAME="<service account name>" # Default name is jfrog-operator-sa"
 export ANNOTATIONS="<Role annotation for service account>" # Example: eks.amazonaws.com/role-arn: arn:aws:iam::000000000000:role/jfrog-operator-role
 export NAMESPACE="jfrog-operator"
 

build/ci/pipelines_step_setup.sh

@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+
+set -e
+
+PROJECT_ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && cd ../.. && pwd)"
+pushd "${PROJECT_ROOT_DIR}"
+
+# Use the jfdev-ci-commons as a library in the services.
+# This script downloads the jfdev-ci-commons npm package and extract the files inside it to the destination folder: build/ci/scripts/
+# The service will use the ci code locally.
+# In the service add in every step:
+# onStart:
+# - source "${res_<service>_bitbucket_resourcePath}/build/ci/pipelines_step_setup.sh"
+#
+
+
+JFDEV_CI_COMMONS_DEFAULT_VERSION="1.*"
+
+if [[ -z "${JFDEV_CI_COMMONS_VERSION}" ]]; then
+    # Download latest release version (without  milestone + dev versions) based on regex in 'JFDEV_CI_COMMONS_DEFAULT_VERSION'
+     # Command breakdown:
+     # jq -c '.[].props["npm.version"]' -> Return the value under [props][npm.version]
+     # egrep -v -e "-m" -e "-dev" -> Remove the result with -m and -dev so in this case "1.2.0-dev" and "1.8.0-m016" will be removed
+     # sort --version-sort -> Return asc sorted data for all version numeric-wise
+     # tail -1 -> Return the last output print line since its already sorted
+
+    JFDEV_CI_COMMONS_VERSION=$(jfrog rt search "npm-releases-local/jfdev-ci-commons/-/jfdev-ci-commons-${JFDEV_CI_COMMONS_DEFAULT_VERSION}.tgz" |  jq -cr '.[].props["npm.version"][]' | egrep -v -e "-m" -e "-dev"  | sort --version-sort | tail -1)
+    echo "Found JFdev ci commons latest: ${JFDEV_CI_COMMONS_VERSION} "
+    jfrog rt dl --explode  "npm-releases-local/jfdev-ci-commons/-/jfdev-ci-commons-${JFDEV_CI_COMMONS_VERSION}.tgz"
+else
+    # Download specific version user asked for in env var 'JFDEV_CI_COMMONS_VERSION' - could be release/milestone/dev
+    jfrog rt dl --explode "*/jfdev-ci-commons/-/jfdev-ci-commons-${JFDEV_CI_COMMONS_VERSION}.tgz"
+fi
+
+CI_SCRIPTS_FOLDER="${PROJECT_ROOT_DIR}/.jfrog-pipelines/build/ci/scripts"
+echo "${CI_SCRIPTS_FOLDER}"
+if [ -d "${CI_SCRIPTS_FOLDER}" ]; then
+    echo "${CI_SCRIPTS_FOLDER} exists"
+    # Directory ${CI_SCRIPTS_FOLDER} exists
+    if [ "$(ls -A ${CI_SCRIPTS_FOLDER})" ]; then
+        # Soon this folder will be removed from artifactory to jfdev-ci-commons repository.
+        # After the remove this warning will become an error
+        echo "[WARN] ${CI_SCRIPTS_FOLDER} is not empty"
+        rm -rf "${CI_SCRIPTS_FOLDER}/*"
+    fi
+fi
+
+mkdir -p "${CI_SCRIPTS_FOLDER}"; cp -Rf jfdev-ci-commons/-/package/* "${CI_SCRIPTS_FOLDER}/"
+
+source "${CI_SCRIPTS_FOLDER}/lib/pipelineStepCommons.sh"

build/ci/services.yaml

@@ -0,0 +1,34 @@
+---
+services:
+  artifactory_secrets_rotator_operator:
+    serviceShortName: jfop
+    property: jfrog.operator.version
+    group: com.jfrog.operator
+    artifact: jfrog-registry-operator
+    helmChartsNames:
+      - jfrog-registry-operator
+    goModulesNames:
+      - artifactory-secrets-rotator
+    releaseRepository:
+      helm: helm-releases-local
+      go: go-releases-local
+    orderedPaths:
+      - charts/jfrog-registry-operator
+    exclude_monorepo: true
+    jiraProjectKeys:
+      - INST
+    bitBucket:
+      projectKey: JFROG
+      repoSlug: artifactory
+    distributeArtifacts:
+      - type: helm
+        flavors:
+          - jfrog-registry-operator
+        source:
+          path: ""
+          name: <FLAVOR>-<VERSION>.tgz
+          repository: helm-releases-local
+        target:
+          path: ""
+          name: <FLAVOR>-<VERSION>.tgz
+          repository: jfrog-charts-local

build/ci/sonnarScan.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+set -e
+
+export PROJECT_ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && cd ../../.. && pwd)"
+source "${PROJECT_ROOT_DIR}/.jfrog-pipelines/build/ci/scripts/runSonarScannerGeneric.sh"
+
+SONAR_PROJECT_BASE_DIR="${SONAR_PROJECT_BASE_DIR:-}"
+
+SONAR_INCLUSIONS="${SONAR_INCLUSIONS-**/*.go}"
+SONAR_EXCLUSIONS="${SONAR_EXCLUSIONS-**/*_test.go}"
+
+function on_start() {
+    return 0
+}
+
+function on_execute() {
+    pushd "${PROJECT_ROOT_DIR}/${SONAR_PROJECT_BASE_DIR}" && ls -lsa
+    sonar_runScan
+    popd > /dev/null
+}
+
+function on_success() {
+    return 0
+}
+
+function on_complete() {
+    return 0
+}

charts/jfrog-registry-operator/CHANGELOG.md

@@ -1,8 +1,5 @@
 # JFrog Secret Rotator Operator Chart Changelog
 All changes to this chart will be documented in this file.
 
-## [0.1.0] - Oct 25, 2023
-* First release of jfrog-registry-operator
-
-## [0.0.3] - Nov 17, 2023
-* First release of jfrog-registry-operator `0.0.3`
+## [1.0.0] - Dec 12, 2023
+* First release of jfrog-registry-operator `1.0.0`

charts/jfrog-registry-operator/Chart.yaml

@@ -3,8 +3,8 @@ kubeVersion: ">= 1.19.0-0"
 type: application
 name: jfrog-registry-operator
 home: https://jfrog.com/platform/
-version: 0.0.3
-appVersion: 0.x-SNAPSHOT
+version: 1.0.0
+appVersion: 1.x-SNAPSHOT
 dependencies:
   - name: jfrog-common
     version: 0.0.7

charts/jfrog-registry-operator/full-values.yaml

@@ -8,7 +8,7 @@ global:
 image:
   registry: releases-docker.jfrog.io
   repository: jfrog/jfrog-registry-operator
-  tag: 0.0.3
+  tag: 1.0.0
 
   pullPolicy: IfNotPresent
   # pullSecrets:

config/deploy/operator.yaml

@@ -67,7 +67,7 @@ spec:
           - ./operator
         args:
         - --leader-elect
-        image: releases-docker.jfrog.io/jfrog/jfrog-registry-operator:0.0.3
+        image: releases-docker.jfrog.io/jfrog/jfrog-registry-operator:1.0.0
         name: manager
         ports:
         - containerPort: 8080

controllers/secretrotator_controller.go

@@ -19,6 +19,7 @@ package controllers
 import (
 	jfrogv1alpha1 "artifactory-secrets-rotator/api/v1alpha1"
 	"artifactory-secrets-rotator/internal/operations"
+	"math"
 	"reflect"
 
 	corev1 "k8s.io/api/core/v1"
@@ -130,8 +131,9 @@ func WatchNsChanges(r *SecretRotatorReconciler) predicate.Predicate {
 		CreateFunc: func(e event.CreateEvent) bool {
 			if _, ok := e.Object.(*corev1.Namespace); ok {
 				secretRotators := operations.ListSecretRotatorObjects(r.Client)
+				difference := e.Object.GetCreationTimestamp().Time.Sub(time.Now())
 				for i := range secretRotators.Items {
-					if operations.IsExist(e.Object.GetLabels(), secretRotators.Items[i].Spec.NamespaceSelector.MatchLabels) {
+					if operations.IsExist(e.Object.GetLabels(), secretRotators.Items[i].Spec.NamespaceSelector.MatchLabels) && int(math.Abs(difference.Seconds())) < 20 {
 						r.Log.Info("Created new namespace with matching labels to secret rotator object, ", "Namespace name :", e.Object.GetName(), "Secret rotator name :", secretRotators.Items[i].Name)
 						if flag := operations.HandlingNamespaceEvents(r.Client, r.Log, &secretRotators.Items[i]); !flag {
 							return false

internal/resource/secret.go

@@ -123,6 +123,7 @@ func CreateOrUpdateSecret(req ctrl.Request, ctx context.Context, tokenDetails *t
 			}
 		}`, tokenDetails.ArtifactoryUrl, tokenb64)),
 	}
+	secretObj.Type = v1.SecretTypeDockerConfigJson
 
 	err = k8sClient.Update(ctx, secretObj)
 	if err != nil {