From 3f5d2d4452047a488e93ce32c57a0a9eedf376df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorsten=20Ro=C3=9Fner?= Date: Tue, 7 May 2024 16:46:50 +0200 Subject: [PATCH] fix(helmfile): Use Open CoDE as default registry for Univention helm chart (#71) --- .gitlab-ci.yml | 2 +- .kyverno/policies/template-image-registries.yaml | 6 +++--- docs/getting-started.md | 4 ++-- helmfile/environments/default/charts.yaml | 6 ++---- helmfile/environments/test/values.yaml.gotmpl | 2 +- 5 files changed, 9 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6dc2e046..7a238aa3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -539,7 +539,7 @@ avscan-start: # Overwrite shared settings .common-semantic-release: - image: "registry.souvap-univention.de/souvap/tooling/images/semantic-release-patched:latest" + image: "registry.opencode.de/bmi/opendesk/components/platform-development/images/semantic-release-patched:1.0.0" tags: [] conventional-commits-linter: diff --git a/.kyverno/policies/template-image-registries.yaml b/.kyverno/policies/template-image-registries.yaml index 264e9a36..3ba0a4e7 100644 --- a/.kyverno/policies/template-image-registries.yaml +++ b/.kyverno/policies/template-image-registries.yaml @@ -24,10 +24,10 @@ spec: pattern: spec: =(ephemeralContainers): - - image: "external-registry.souvap-univention.de/*" + - image: "my_private_registry.domain.tld/*" =(initContainers): - - image: "external-registry.souvap-univention.de/*" + - image: "my_private_registry.domain.tld/*" containers: - - image: "external-registry.souvap-univention.de/*" + - image: "my_private_registry.domain.tld/*" validationFailureAction: "audit" ... diff --git a/docs/getting-started.md b/docs/getting-started.md index be70789e..9f56ac1f 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -178,13 +178,13 @@ prefer the use of a private image registry anyway you can configure such for ```yaml global: - imageRegistry: "external-registry.souvap-univention.de/sovereign-workplace" + imageRegistry: "my_private_registry.domain.tld" ``` alternatively you can use an environment variable: ```shell -export PRIVATE_IMAGE_REGISTRY_URL=external-registry.souvap-univention.de/sovereign-workplace +export PRIVATE_IMAGE_REGISTRY_URL=my_private_registry.domain.tld ``` If authentication is required, you can reference imagePullSecrets as following: diff --git a/helmfile/environments/default/charts.yaml b/helmfile/environments/default/charts.yaml index c6bacf25..35b1b0f9 100644 --- a/helmfile/environments/default/charts.yaml +++ b/helmfile/environments/default/charts.yaml @@ -375,10 +375,8 @@ charts: # upstreamRepository: 'souvap/tooling/charts/univention/ums' # upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$' # upstreamMirrorStartFrom: ['0', '0', '1'] - # registry: "registry.opencode.de" - # repository: "bmi/opendesk/components/supplier/univention/charts-mirror" - registry: "registry.souvap-univention.de" - repository: "souvap/tooling/charts/univention" + registry: "registry.opencode.de" + repository: "bmi/opendesk/components/supplier/univention/charts-mirror" name: "ums" version: "0.13.0" verify: true diff --git a/helmfile/environments/test/values.yaml.gotmpl b/helmfile/environments/test/values.yaml.gotmpl index e7043098..bd1f8c97 100644 --- a/helmfile/environments/test/values.yaml.gotmpl +++ b/helmfile/environments/test/values.yaml.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "external-registry.souvap-univention.de/sovereign-workplace" + imageRegistry: "my_private_registry.domain.tld" imagePullSecrets: - "kyverno-test" imagePullPolicy: "kyverno"