From 489f256b7a894ce691cd0ab808e02598130f0f2f Mon Sep 17 00:00:00 2001 From: Srini Nangunuri Date: Wed, 9 Apr 2025 18:08:06 -0400 Subject: [PATCH 1/2] Pointing ecr images to eecr --- copy_images.tf | 15 +++++++++++---- variables.tf | 14 ++++++++++++++ 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/copy_images.tf b/copy_images.tf index b26ad1f..4e988e5 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -8,8 +8,8 @@ locals { enabled = true dest_path = null name = "istio-tools/kiali-operator" - source_image = "kiali/kiali-operator" - source_registry = "quay.io" + source_image = "ironbank/opensource/kiali/kiali-operator" + source_registry = var.source_registry source_tag = var.kiali_application_version tag = var.kiali_application_version }, @@ -17,8 +17,8 @@ locals { enabled = true dest_path = null name = "istio-tools/kiali" - source_image = "kiali/kiali" - source_registry = "quay.io" + source_image = "ironbank/opensource/kiali/kiali" + source_registry = var.source_registry source_tag = var.kiali_application_version tag = var.kiali_application_version }, @@ -33,7 +33,14 @@ module "images" { image_config = local.image_config tags = {} + source_username = data.aws_ecr_authorization_token.token.user_name + source_password = data.aws_ecr_authorization_token.token.password + enable_lifecycle_policy = true lifecycle_policy_all = true force_delete = true } + +data "aws_ecr_authorization_token" "token" { + registry_id = var.registry_id +} diff --git a/variables.tf b/variables.tf index 2af2040..96032f8 100644 --- a/variables.tf +++ b/variables.tf @@ -65,6 +65,20 @@ variable "kiali_operator_version" { default = "1.73.0" } +#source registry (enterpriser ecr account) where source image is being copied into target account +variable "source_registry" { + description = "source of the image or enterprise ECR account" + type = string + default = "269222635945.dkr.ecr.us-gov-east-1.amazonaws.com/ent-images" +} + +#source registry (enterpriser ecr account) +variable "registry_id" { + description = "source of the image or enterprise ECR account" + type = string + default = "269222635945" +} + # See the [APP VERSION] found while determining kiali_operator_version # helm show values kiali/kiali-operator | grep tag: variable "kiali_application_version" { From 287f1243f30c90e3f141764fc1d37d6dd994564f Mon Sep 17 00:00:00 2001 From: Srini Nangunuri Date: Mon, 14 Apr 2025 17:59:41 -0400 Subject: [PATCH 2/2] fixed ecr images issues --- copy_images.tf | 29 +++++++++++++++++++---------- variables.tf | 26 ++++++++++++-------------- 2 files changed, 31 insertions(+), 24 deletions(-) diff --git a/copy_images.tf b/copy_images.tf index 4e988e5..d6e0405 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -1,6 +1,7 @@ locals { kiali_operator_key = format("%v#%v", "istio-tools/kiali-operator", var.kiali_application_version) kiali_server_key = format("%v#%v", "istio-tools/kiali", var.kiali_application_version) + ent_ecr_source = format("%v.%v.%v.%v", var.account_id, "dkr.ecr", var.region, "amazonaws.com/ent-images") image_config = [ ## Images for Kiali @@ -8,8 +9,8 @@ locals { enabled = true dest_path = null name = "istio-tools/kiali-operator" - source_image = "ironbank/opensource/kiali/kiali-operator" - source_registry = var.source_registry + source_image = "opensource/kiali/kiali-operator" + source_registry = format("%v/%v", local.ent_ecr_source, "ironbank") source_tag = var.kiali_application_version tag = var.kiali_application_version }, @@ -17,8 +18,8 @@ locals { enabled = true dest_path = null name = "istio-tools/kiali" - source_image = "ironbank/opensource/kiali/kiali" - source_registry = var.source_registry + source_image = "opensource/kiali/kiali" + source_registry = format("%v/%v", local.ent_ecr_source, "ironbank") source_tag = var.kiali_application_version tag = var.kiali_application_version }, @@ -33,14 +34,22 @@ module "images" { image_config = local.image_config tags = {} - source_username = data.aws_ecr_authorization_token.token.user_name - source_password = data.aws_ecr_authorization_token.token.password + enable_lifecycle_policy = true + lifecycle_policy_all = true + force_delete = true + lifecycle_policy_keep_count = 5 - enable_lifecycle_policy = true - lifecycle_policy_all = true - force_delete = true + source_username = data.aws_ecr_authorization_token.ecr_token.user_name + source_password = data.aws_ecr_authorization_token.ecr_token.password + + destination_username = data.aws_ecr_authorization_token.token.user_name + destination_password = data.aws_ecr_authorization_token.token.password +} + +data "aws_ecr_authorization_token" "ecr_token" { + registry_id = var.account_id } data "aws_ecr_authorization_token" "token" { - registry_id = var.registry_id + registry_id = var.account_id } diff --git a/variables.tf b/variables.tf index 96032f8..56ace1e 100644 --- a/variables.tf +++ b/variables.tf @@ -65,20 +65,6 @@ variable "kiali_operator_version" { default = "1.73.0" } -#source registry (enterpriser ecr account) where source image is being copied into target account -variable "source_registry" { - description = "source of the image or enterprise ECR account" - type = string - default = "269222635945.dkr.ecr.us-gov-east-1.amazonaws.com/ent-images" -} - -#source registry (enterpriser ecr account) -variable "registry_id" { - description = "source of the image or enterprise ECR account" - type = string - default = "269222635945" -} - # See the [APP VERSION] found while determining kiali_operator_version # helm show values kiali/kiali-operator | grep tag: variable "kiali_application_version" { @@ -92,3 +78,15 @@ variable "service_name" { type = string default = "kiali" } + +variable "account_id" { + description = "aws account number" + type = string + default = "" +} + +variable "region" { + description = "region name" + type = string + default = "us-gov-east-1" +}