[Fix] Assign imagePullSecrets to LocalStorage (#921)

Co-authored-by: Adam Janikowski <12255597+ajanikow@users.noreply.github.com>

CHANGELOG.md

@@ -4,6 +4,7 @@
 - (Feature) Improve Kubernetes clientsets management
 - Migrate storage-operator CustomResourceDefinition apiVersion to apiextensions.k8s.io/v1
 - (Feature) Add CRD Installer
+- (Bugfix) Assign imagePullSecrets to LocalStorage
 
 ## [1.2.8](https://github.com/arangodb/kube-arangodb/tree/1.2.8) (2022-02-24)
 - Do not check License V2 on Community images

pkg/storage/daemon_set.go

@@ -93,7 +93,8 @@ func (ls *LocalStorage) ensureDaemonSet(apiObject *api.ArangoLocalStorage) error
 				Containers: []core.Container{
 					c,
 				},
-				NodeSelector: apiObject.Spec.NodeSelector,
+				NodeSelector:     apiObject.Spec.NodeSelector,
+				ImagePullSecrets: ls.imagePullSecrets,
 			},
 		},
 	}

pkg/storage/daemon_set_test.go

@@ -0,0 +1,85 @@
+//
+// DISCLAIMER
+//
+// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+
+package storage
+
+import (
+	"context"
+	"testing"
+
+	api "github.com/arangodb/kube-arangodb/pkg/apis/storage/v1alpha"
+	"github.com/arangodb/kube-arangodb/pkg/util/kclient"
+
+	"github.com/stretchr/testify/require"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// TestEnsureDaemonSet tests ensureDaemonSet() method
+func TestEnsureDaemonSet(t *testing.T) {
+	testNamespace := "testNs"
+	testLsName := "testDsName"
+
+	testPodName := "testPodName"
+	testImage := "test-image"
+
+	testPullSecrets := []v1.LocalObjectReference{
+		{
+			Name: "custom-docker",
+		},
+	}
+
+	ls := &LocalStorage{
+		apiObject: &api.ArangoLocalStorage{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      testLsName,
+				Namespace: testNamespace,
+			},
+			Spec: api.LocalStorageSpec{},
+		},
+		deps: Dependencies{
+			Client: kclient.NewFakeClient(),
+		},
+		config: Config{
+			Namespace: testNamespace,
+			PodName:   testPodName,
+		},
+		image:            testImage,
+		imagePullSecrets: testPullSecrets,
+		imagePullPolicy:  v1.PullAlways,
+	}
+
+	err := ls.ensureDaemonSet(ls.apiObject)
+	require.NoError(t, err)
+
+	// verify if DaemonSet has been created with correct values
+	ds, err := ls.deps.Client.Kubernetes().AppsV1().DaemonSets(testNamespace).Get(context.Background(), testLsName, metav1.GetOptions{})
+	require.NoError(t, err)
+
+	pod := ds.Spec.Template.Spec
+
+	require.Equal(t, ds.GetName(), testLsName)
+	require.Equal(t, pod.ImagePullSecrets, testPullSecrets)
+	require.Equal(t, len(pod.Containers), 1)
+
+	c := pod.Containers[0]
+	require.Equal(t, c.Image, testImage)
+	require.Equal(t, c.ImagePullPolicy, v1.PullAlways)
+}

pkg/storage/image.go

@@ -29,16 +29,17 @@ import (
 )
 
 // getMyImage fetched the docker image from my own pod
-func (l *LocalStorage) getMyImage() (string, v1.PullPolicy, error) {
+func (l *LocalStorage) getMyImage() (string, v1.PullPolicy, []v1.LocalObjectReference, error) {
 	log := l.deps.Log
 	ns := l.config.Namespace
 
 	p, err := l.deps.Client.Kubernetes().CoreV1().Pods(ns).Get(context.Background(), l.config.PodName, metav1.GetOptions{})
 	if err != nil {
 		log.Debug().Err(err).Str("pod-name", l.config.PodName).Msg("Failed to get my own pod")
-		return "", "", errors.WithStack(err)
+		return "", "", nil, errors.WithStack(err)
 	}
 
 	c := p.Spec.Containers[0]
-	return c.Image, c.ImagePullPolicy, nil
+
+	return c.Image, c.ImagePullPolicy, p.Spec.ImagePullSecrets, nil
 }

pkg/storage/image_test.go

@@ -0,0 +1,82 @@
+//
+// DISCLAIMER
+//
+// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+
+package storage
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"github.com/arangodb/kube-arangodb/pkg/util/kclient"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// TestGetMyImage tests getMyImage() method
+func TestGetMyImage(t *testing.T) {
+	testNamespace := "testNs"
+	testPodName := "testPodname"
+	testImage := "test-image"
+	testPullSecrets := []v1.LocalObjectReference{
+		{
+			Name: "custom-docker",
+		},
+	}
+
+	pod := v1.Pod{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      testPodName,
+			Namespace: testNamespace,
+		},
+		Spec: v1.PodSpec{
+			Containers: []v1.Container{
+				{
+					Name:            "test",
+					Image:           testImage,
+					ImagePullPolicy: v1.PullAlways,
+				},
+			},
+			ImagePullSecrets: testPullSecrets,
+		},
+	}
+
+	ls := &LocalStorage{
+		deps: Dependencies{
+			Client: kclient.NewFakeClient(),
+		},
+		config: Config{
+			Namespace: testNamespace,
+			PodName:   testPodName,
+		},
+	}
+
+	// prepare mock
+	if _, err := ls.deps.Client.Kubernetes().CoreV1().Pods(testNamespace).Create(context.Background(), &pod, metav1.CreateOptions{}); err != nil {
+		require.NoError(t, err)
+	}
+
+	image, pullPolicy, pullSecrets, err := ls.getMyImage()
+	require.NoError(t, err)
+	require.Equal(t, image, testImage)
+	require.Equal(t, pullPolicy, v1.PullAlways)
+	require.Equal(t, pullSecrets, testPullSecrets)
+}

pkg/storage/local_storage.go

@@ -90,10 +90,12 @@ type LocalStorage struct {
 	stopCh  chan struct{}
 	stopped int32
 
-	image           string
+	image            string
-	imagePullPolicy v1.PullPolicy
+	imagePullPolicy  v1.PullPolicy
-	inspectTrigger  trigger.Trigger
+	imagePullSecrets []v1.LocalObjectReference
-	pvCleaner       *pvCleaner
+
+	inspectTrigger trigger.Trigger
+	pvCleaner      *pvCleaner
 }
 
 // New creates a new LocalStorage from the given API object.
@@ -160,13 +162,14 @@ func (ls *LocalStorage) run() {
 	//log := ls.deps.Log
 
 	// Find out my image
-	image, pullPolicy, err := ls.getMyImage()
+	image, pullPolicy, pullSecrets, err := ls.getMyImage()
 	if err != nil {
 		ls.failOnError(err, "Failed to get my own image")
 		return
 	}
 	ls.image = image
 	ls.imagePullPolicy = pullPolicy
+	ls.imagePullSecrets = pullSecrets
 
 	// Set state
 	if ls.status.State == api.LocalStorageStateNone {