Switch stargz over to cri registry config_path

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
brandond · May 23, 2024 · 30999f9 · 30999f9
1 parent 7374010
commit 30999f9
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 25 deletions.
diff --git a/pkg/agent/containerd/config_test.go b/pkg/agent/containerd/config_test.go
@@ -1471,14 +1471,25 @@ func Test_UnitGetHostConfigs(t *testing.T) {
  t.Fatalf("failed to parse %s: %v\n", registriesFile, err)
  }
 
+ nodeConfig := &config.Node{
+ Containerd: config.Containerd{
+ Registry: tempDir + "/hosts.d",
+ },
+ AgentConfig: config.Agent{
+ ImageServiceSocket: "containerd-stargz-grpc.sock",
+ Registry: registry.Registry,
+ Snapshotter: "stargz",
+ },
+ }
+
  // set up embedded registry, if enabled for the test
  if tt.args.mirrorAddr != "" {
  conf := spegel.DefaultRegistry
  conf.ServerCAFile = "server-ca"
  conf.ClientKeyFile = "client-key"
  conf.ClientCertFile = "client-cert"
  conf.InternalAddress, conf.RegistryPort, _ = net.SplitHostPort(tt.args.mirrorAddr)
- conf.InjectMirror(&config.Node{AgentConfig: config.Agent{Registry: registry.Registry}})
+ conf.InjectMirror(nodeConfig)
  }
 
  // Generate config template struct for all hosts
@@ -1494,11 +1505,7 @@ func Test_UnitGetHostConfigs(t *testing.T) {
 
  // Confirm that the main containerd config.toml renders properly
  containerdConfig := templates.ContainerdConfig{
- NodeConfig: &config.Node{
- Containerd: config.Containerd{
- Registry: tempDir + "/hosts.d",
- },
- },
+ NodeConfig: nodeConfig,
  PrivateRegistryConfig: registry.Registry,
  Program: "k3s",
  }

diff --git a/pkg/agent/templates/templates_linux.go b/pkg/agent/templates/templates_linux.go
@@ -44,19 +44,11 @@ cri_keychain_image_service_path = "{{ .NodeConfig.AgentConfig.ImageServiceSocket
 [plugins."io.containerd.snapshotter.v1.stargz".cri_keychain]
 enable_keychain = true
 {{end}}
+
+[plugins."io.containerd.snapshotter.v1.stargz".registry]
+ config_path = "{{ .NodeConfig.Containerd.Registry }}"
+
 {{ if .PrivateRegistryConfig }}
-{{ if .PrivateRegistryConfig.Mirrors }}
-[plugins."io.containerd.snapshotter.v1.stargz".registry.mirrors]{{end}}
-{{range $k, $v := .PrivateRegistryConfig.Mirrors }}
-[plugins."io.containerd.snapshotter.v1.stargz".registry.mirrors."{{$k}}"]
- endpoint = [{{range $i, $j := $v.Endpoints}}{{if $i}}, {{end}}{{printf "%q" .}}{{end}}]
-{{if $v.Rewrites}}
- [plugins."io.containerd.snapshotter.v1.stargz".registry.mirrors."{{$k}}".rewrite]
-{{range $pattern, $replace := $v.Rewrites}}
- "{{$pattern}}" = "{{$replace}}"
-{{end}}
-{{end}}
-{{end}}
 {{range $k, $v := .PrivateRegistryConfig.Configs }}
 {{ if $v.Auth }}
 [plugins."io.containerd.snapshotter.v1.stargz".registry.configs."{{$k}}".auth]
@@ -65,13 +57,6 @@ enable_keychain = true
  {{ if $v.Auth.Auth }}auth = {{ printf "%q" $v.Auth.Auth }}{{end}}
  {{ if $v.Auth.IdentityToken }}identitytoken = {{ printf "%q" $v.Auth.IdentityToken }}{{end}}
 {{end}}
-{{ if $v.TLS }}
-[plugins."io.containerd.snapshotter.v1.stargz".registry.configs."{{$k}}".tls]
- {{ if $v.TLS.CAFile }}ca_file = "{{ $v.TLS.CAFile }}"{{end}}
- {{ if $v.TLS.CertFile }}cert_file = "{{ $v.TLS.CertFile }}"{{end}}
- {{ if $v.TLS.KeyFile }}key_file = "{{ $v.TLS.KeyFile }}"{{end}}
- {{ if $v.TLS.InsecureSkipVerify }}insecure_skip_verify = true{{end}}
-{{end}}
 {{end}}
 {{end}}
 {{end}}