Custom MONGODB_REPO_URL doesn't take MDB_IMAGE_TYPE into account #1638
Description
What did you do to encounter the bug?
Steps to reproduce the behavior:
- Configure the mongodb community operator with helm and the values.yaml (provided at https://raw.githubusercontent.com/mongodb/helm-charts/refs/heads/main/charts/community-operator/values.yaml). Notice that this is pretty much unaltered except that
mongodb.repois a custom repo:
(I did not test this exact file, but the error should still occur as I explained further down; if not, i can provide more information)
## Reference to one or more secrets to be used when pulling images
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets:
- name: "image-pull-secret-for-my-custom-repo"
## Operator
operator:
# Name that will be assigned to most of internal Kubernetes objects like
# Deployment, ServiceAccount, Role etc.
name: mongodb-kubernetes-operator
# Name of the operator image
operatorImageName: mongodb-kubernetes-operator
# Name of the deployment of the operator pod
deploymentName: mongodb-kubernetes-operator
# Version of mongodb-kubernetes-operator
version: 0.11.0
# Uncomment this line to watch all namespaces
watchNamespace: "*"
# Resources allocated to Operator Pod
resources:
limits:
cpu: 1100m
memory: 1Gi
requests:
cpu: 500m
memory: 200Mi
# PriorityClass configuration for operator
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
priorityClassName: ''
# replicas deployed for the operator pod. Running 1 is optimal and suggested.
replicas: 1
# Additional environment variables
extraEnvs: []
# environment:
# - name: CLUSTER_DOMAIN
# value: my-cluster.domain
podSecurityContext:
runAsNonRoot: true
runAsUser: 2000
securityContext: {}
## Operator's database
database:
name: mongodb-database
# set this to the namespace where you would like
# to deploy the MongoDB database,
# Note if the database namespace is not same
# as the operator namespace,
# make sure to set "watchNamespace" to "*"
# to ensure that the operator has the
# permission to reconcile resources in other namespaces
# namespace: mongodb-database
agent:
name: mongodb-agent-ubi
version: 107.0.7.8596-1
versionUpgradeHook:
name: mongodb-kubernetes-operator-version-upgrade-post-start-hook
version: 1.0.9
readinessProbe:
name: mongodb-kubernetes-readinessprobe
version: 1.0.20
mongodb:
name: mongodb-community-server
repo: my.custom.repo/folder/docker.io/mongodb # <-- custom repo
imageType: ubi8
registry:
agent: quay.io/mongodb
versionUpgradeHook: quay.io/mongodb
readinessProbe: quay.io/mongodb
operator: quay.io/mongodb
pullPolicy: Always
# Set to false if CRDs have been installed already. The CRDs can be installed
# manually from the code repo: github.com/mongodb/mongodb-kubernetes-operator or
# using the `community-operator-crds` Helm chart.
community-operator-crds:
enabled: true- apply the configuration
What did you expect?
When not using a custom repo for the mongodb-community-server image, the image in the StatefulSet will be docker.io/mongodb/mongodb-community-server:4.4.29-ubi8. So I expect the StatefulSet to be configured to pull my.custom.repo/folder/docker.io/mongodb/mongodb-community-server:4.4.29-ubi8 when using a custom repo.
What happened instead?
The StatefulSet will be configured to pull my.custom.repo/folder/docker.io/mongodb/mongodb-community-server:4.4.29 instead of my.custom.repo/folder/docker.io/mongodb/mongodb-community-server:4.4.29-ubi8, missing the -ubi8 suffix and therefore making the container unable to start. That is because I pull the ubi8-image from the official repo and upload it, as it is, into my own repo with the same name. That way the image doesn't exist without the -ubi8 suffix.
Operator Information
- Operator Version: 0.11.0
- MongoDB Image used: docker.io/mongodb/mongodb-community-server:4.4.29-ubi8
Kubernetes Cluster Information
- Distribution: k3d?
- Version: v1.29.9+k3s1
- Image Registry location (quay, or an internal registry): internal
Additional context
I think the issue lies in mongodb-kubernetes-operator/controllers/construct/mongodbstatefulset.go in the function at line 367:
...
func getMongoDBImage(version string) string {
repoUrl := os.Getenv(MongodbRepoUrl)
imageType := envvar.GetEnvOrDefault(MongoDBImageType, DefaultImageType)
if strings.HasSuffix(repoUrl, "/") {
repoUrl = strings.TrimRight(repoUrl, "/")
}
mongoImageName := os.Getenv(MongodbImageEnv)
for _, officialUrl := range OfficialMongodbRepoUrls {
if repoUrl == officialUrl {
return fmt.Sprintf("%s/%s:%s-%s", repoUrl, mongoImageName, version, imageType)
}
}
// This is the old images backwards compatibility code path.
return fmt.Sprintf("%s/%s:%s", repoUrl, mongoImageName, version)
}
...The mongodb image gets constructed without the imageType suffix when not using one the of the official repos. I don't really understand the comment at the bottom of the function, so I can't tell if this is intentional or not.
(I removed all yaml definition stuff from the issue template here, because I don't think it is necessary in this case; If they are needed anyway, I can provide them)