The functionality of local docker registry authentication will be
enabled in commit https://review.openstack.org/#/c/626355/.
However, local docker registry is currently used to pull/push images
during application apply without authentication and no credentials
passed to the kubernetes when pulling images on other nodes except
for active controller.
In order to install stx-openstack app with local docker registry that
has authentication turned on, this commit updates the following:
1. Pass the user credentials when pulling/pushing images from local
registry during application apply.
2. Create a well-known registry secret "default-registry-key" which
holds the authorization token during stx-openstack app apply and
delete the secret during removal. The helm-toolkit is updated to
refer to this secret in k8s openstack service account template for
pulling images from local by kubelet. This secret is also added to
rbd-provisioner service account as well since it is not using
helm-toolkit to create service account.
Note: #2 is short-term solution. The long-term solution is to implement
the BP https://blueprints.launchpad.net/openstack-helm/+spec/support
-docker-registry-with-authentication-turned-on.
Story: 2002840
Task: 28945
Depends-On: https://review.openstack.org/636181
Change-Id: I015dccd12c5c7fa7a4bea74eef8d172f03b5d60e
Signed-off-by: Angie Wang <angie.wang@windriver.com>
5b94294002