Skip to content

Comments

feat: support private registries for e2e#112

Open
GabriFedi97 wants to merge 11 commits intocloudnative-pg:mainfrom
GabriFedi97:dev/105
Open

feat: support private registries for e2e#112
GabriFedi97 wants to merge 11 commits intocloudnative-pg:mainfrom
GabriFedi97:dev/105

Conversation

@GabriFedi97
Copy link
Contributor

@GabriFedi97 GabriFedi97 commented Feb 16, 2026
edited
Loading

Add support for passing extra arguments to the Chainsaw test command exposed by the dagger module. This way, a docker-credentials secret can be created beforehand in a dedicated namespace and the same namespace can be used by Chainsaw by passing the extra args "--namespace,<namespace>".

Add also the options to pass credentials for generating Chainsaw testing values for container images hosted in private registries.

closes: #105

@GabriFedi97 GabriFedi97 force-pushed the dev/105 branch 2 times, most recently from f08538e to 2e3a98b Compare February 16, 2026 14:00
@GabriFedi97 GabriFedi97 changed the title Support private registries for e2e feat: support private registries for e2e Feb 17, 2026
@GabriFedi97 GabriFedi97 marked this pull request as ready for review February 17, 2026 09:14
@GabriFedi97 GabriFedi97 requested review from a team and NiccoloFei as code owners February 17, 2026 09:14
gbartolini
gbartolini reviewed Feb 17, 2026
View reviewed changes
@GabriFedi97
Copy link
Contributor Author

GabriFedi97 commented Feb 18, 2026

I realized there might be more convenient way to set up private credentials for e2e, which is configuring them directly in the kind nodes as docker config at path /var/lib/kubelet/config.json. This way no extra steps and no pull-secrets handling would be required.
Putting the PR back to draft to test this approach.

@GabriFedi97 GabriFedi97 marked this pull request as draft February 18, 2026 10:01
@GabriFedi97 GabriFedi97 force-pushed the dev/105 branch 2 times, most recently from 6505091 to f2b151a Compare February 18, 2026 12:33
@GabriFedi97 GabriFedi97 marked this pull request as ready for review February 18, 2026 12:34
@GabriFedi97
Copy link
Contributor Author

GabriFedi97 commented Feb 18, 2026

I confirm the new approach works fine and looks cleaner.

Although the extraArgs parameter for the Dagger test function is not theoretically required anymore for enabling e2e for private registries, I think it's worth keeping it for more complex use-cases. Same thing for the option of configuring an imagePullSecret for Clusters through Chainsaw values.

mbiagetti
mbiagetti approved these changes Feb 23, 2026
View reviewed changes
Copy link
Contributor

@mbiagetti mbiagetti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

proposed also an improvement on the docs, see GabriFedi97#3

GabriFedi97 and others added 8 commits February 24, 2026 15:49
@GabriFedi97 @NiccoloFei
feat: private registries for testing values generation
ebedebb 
Support passing credentials for testing values generation
in the dagger module.

Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
feat: chainsaw extra arguments for dagger test cmd
3c3ca58 
Support passing extra arguments to Chainsaw test
execution. This way the test cmd can be customised
by external callers and it can support more complex use-cases

Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
feat: reference a pull secret in Cluster
e351ede 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
feat: add taskfile changes
8f41013 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
docs: e2e for private registries
79d8cea 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
feat: configure registry credential for kubelet
e99fcda 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 @NiccoloFei
docs: updated docs
5642df1 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@mbiagetti @NiccoloFei
docs: Add documentation for EXTRA_ARGS field in E2E task command
496c52f 
Signed-off-by: Matteo <matteo.biagetti@enterprisedb.com>
mnencia and others added 3 commits February 24, 2026 17:20
@mnencia
fix(e2e): remove unused imagePullSecrets from cluster templates
fae2267 
The cluster.yaml templates referenced a pull_secret value that was
never generated, breaking all test runs. Kubelet-level credentials
configured during e2e:setup-env are sufficient for private registry
access. Also remove misleading --values example from EXTRA_ARGS docs.

Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
@mnencia
fix(e2e): guard registry auth against empty credentials
4e2d952 
Only apply registry authentication when both username and password
are non-empty. Prevents sending empty-credentials auth headers to
public registries when no credentials are configured.

Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
@GabriFedi97
docs: use one example for extra-args
7cb1b6a 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gbartolini gbartolini gbartolini left review comments

@NiccoloFei NiccoloFei NiccoloFei approved these changes

+1 more reviewer

@mbiagetti mbiagetti mbiagetti approved these changes

Reviewers whose approvals may not affect merge requirements

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support running e2e with private registries

5 participants

@GabriFedi97 @gbartolini @mbiagetti @NiccoloFei @mnencia