Implement allowed projects for MacOS Beta
What does this MR do?
Allows loading of a list of project URL prefixes that are allowed to participate in a beta program.
If a project prefix is not found within the list, a message similar to below is printed to the trace log and the job fails:
Why was this MR needed?
- Our current way of using registering tokens is tedious.
- The concurrency settings for the runner configuration are confusing when multiple Runners are configured. This will allow us to register just once as a instance Runner.
What's the best way to test this MR?
Create an allow list of projects:
# Create an allow list of projects
echo "/my-project/path" >> canary.project-allowlist
# Create a kubernetes secret with it
kubectl create secret generic orka-canary-project-allowlist --from-file=project-allowlist=canary.project-allowlist
Then modify the Helm values to make use of the allow list:
diff --git a/values-orka-canary.yaml b/values-orka-canary.yaml
index 0046bb9..9393c83 100644
--- a/values-orka-canary.yaml
+++ b/values-orka-canary.yaml
@@ -550,6 +551,7 @@ podLabels: {}
## mounted at /secrets.
secrets:
- name: orka-canary
+ - name: orka-canary-project-allowlist
## Additional config files to mount in the containers in `/configmaps`.
##
@@ -570,6 +572,8 @@ configMaps:
Cores = 4
Endpoint = "ORKA_API_ENDPOINT"
Token = "ORKA_API_TOKEN"
+ BetaAllowedProjectsPath = "/secrets/project-allowlist"
[Orka.ImageAliases]
"macos-10.13-xcode-7" = "ork-10.13-7-202109061639"
What are the relevant issue numbers?
Edited by Arran Walker