Containerized portal as it runs in prod, locally #3745
Conversation
SudoBrendan
requested review from
jewzaam,
bennerv,
hawkowl,
rogbas,
petrkotas,
jharrington22,
cblecker,
cadenmarchese,
UlrichSchlueter,
yjst2012,
jaitaiwan,
anshulvermapatel,
hlipsig,
tiguelu,
SrinivasAtmakuri,
mociarain,
AldoFusterTurpin,
kimorris27 and
tsatam
as code owners
SudoBrendan
force-pushed
the
sudobrendan/ARO-9500-runlocal-portal
branch
from
900ecfc
to
01f167f
Compare
|
/azp run ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Makefile
Outdated
| .PHONY: docker-secrets | ||
| docker-secrets: aks.kubeconfig | ||
| docker secret rm --ignore aks.kubeconfig | ||
| docker secret create aks.kubeconfig ./aks.kubeconfig | ||
|
|
||
| docker secret rm --ignore proxy-client.key | ||
| docker secret create proxy-client.key ./secrets/proxy-client.key | ||
|
|
||
| docker secret rm --ignore proxy-client.crt | ||
| docker secret create proxy-client.crt ./secrets/proxy-client.crt | ||
|
|
||
| docker secret rm --ignore proxy.crt | ||
| docker secret create proxy.crt ./secrets/proxy.crt |
There was a problem hiding this comment.
IIRC we aren't supposed to use docker command any more.
https://www.redhat.com/sysadmin/podman-kubernetes-secrets
podman also has secret command. Doesn't it work?
There was a problem hiding this comment.
We could move this to strictly say podman - it's been assumed for a while that all ARO devs are using podman-docker library to effectively alias docker=podman and not use the docker binary - podman is what I was testing with locally under the hood here.
I can update if we've decided to move away from the docker alias - but docker is ubiquitous throughout the Makefile today. If we want to do that, I think it should be done all at once and in a different PR maybe? I'd be +1 to do that because it's more clear that we're actually using podman locally - but it may have downstream impacts on pipelines.
There was a problem hiding this comment.
FWIW +1 for being explicit with podman and +1 for a separate PR to convert the lot
There was a problem hiding this comment.
If we concern downstream impacts, we can do one by one starting with this PR.
IMHO I don't like the way to do all at once because we can't identify what breaks what.
And also runlocal-portal uses podman, so we're good to use podman here as well, I guess.
There was a problem hiding this comment.
I created a follow-up PR for this (and some other things I've noticed we need) #3775
SudoBrendan
force-pushed
the
sudobrendan/ARO-9500-runlocal-portal
branch
from
01f167f
to
a26453e
Compare
|
Adding |
SudoBrendan
force-pushed
the
sudobrendan/ARO-9500-runlocal-portal
branch
from
5c47b9a
to
789f41c
Compare
SudoBrendan
requested review from
kevinobriendotca,
tsatam and
shubhadapaithankar
|
/azp run ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
Please rebase pull request. |
- creates a new make target to run the Portal app containerized - updates portal addresses to work with podman machine - adds docs
SudoBrendan
dismissed stale reviews from kevinobriendotca and shubhadapaithankar
via
2640d2a
SudoBrendan
force-pushed
the
sudobrendan/ARO-9500-runlocal-portal
branch
from
789f41c
to
2640d2a
Compare
SudoBrendan
requested review from
bitoku,
kevinobriendotca and
shubhadapaithankar
|
/azp run ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
- creates a new make target to run the Portal app containerized - updates portal addresses to work with podman machine - adds docs
- creates a new make target to run the Portal app containerized - updates portal addresses to work with podman machine - adds docs
Which issue this PR addresses:
Fixes ARO-9500
What this PR does / why we need it:
You can now test portal changes locally the same way it's run in prod - via a container run process on
localhost:8444Test plan for issue:
I need confirmation from MacOS users that this works for them - I updated some Portal server configs like we did for Shubhada's PR for RP (e.g. directly use
:8444instead oflocalhost:8444so it works with podman machine setups).I have validated on Linux that I can run:
make runlocal-portalhttps://localhost:8444to see the portal in action.Is there any documentation that needs to be updated for this PR?
Yes, it's in the PR.
How do you know this will function as expected in production?
This is still an unused container image - it is useful now in local development only and is only bringing conformity between prod and local dev.