diff --git a/docs/getting-started.md b/docs/getting-started.md index a29c8396..6bfc18e9 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -12,7 +12,7 @@ This documentation should enable you to create your own evaluation instance of o * [Customize environment](#customize-environment) * [Domain](#domain) * [Apps](#apps) - * [Private Helm chart and container image registry](#private-helm-chart-and-container-image-registry) + * [Private registries](#private-registries) * [Cluster capabilities](#cluster-capabilities) * [Service](#service) * [Networking](#networking) @@ -126,7 +126,7 @@ jitsi: enabled: false ``` -## Private Helm chart and container image registry +## Private registries By default Helm charts and container images are fetched from OCI registries. These registries can be found for most cases in the [openDesk/component section on Open CoDE](https://gitlab.opencode.de/bmi/opendesk/components). @@ -137,8 +137,9 @@ like Docker Hub. Doing a test deployment will most likely be fine with this setup. In case you want to deploy multiple times a day and fetch from the same IP address you might run into rate limits at Docker Hub. In that case and in cases you prefer the use of a private image registry anyway you can configure such for -[your target environment](./../helmfile/environments/dev/values.yaml.gotmpl.sample) by setting `global.imageRegistry` -like this: +[your target environment](./../helmfile/environments/dev/values.yaml.gotmpl.sample) by setting +- `global.imageRegistry` for a private image registry and +- `global.helmRegistry` for a private Helm chart registry. ```yaml global: diff --git a/helmfile/apps/collabora/helmfile.yaml b/helmfile/apps/collabora/helmfile.yaml index 910fd7bf..4f299eab 100644 --- a/helmfile/apps/collabora/helmfile.yaml +++ b/helmfile/apps/collabora/helmfile.yaml @@ -11,7 +11,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.collabora.registry }}/\ + url: "{{ .Values.global.helmRegistry | default .Values.charts.collabora.registry }}/\ {{ .Values.charts.collabora.repository }}" releases: diff --git a/helmfile/apps/cryptpad/helmfile.yaml b/helmfile/apps/cryptpad/helmfile.yaml index 40d3e25a..051005ff 100644 --- a/helmfile/apps/cryptpad/helmfile.yaml +++ b/helmfile/apps/cryptpad/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.cryptpad.registry }}/{{ .Values.charts.cryptpad.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.cryptpad.registry }}/{{ .Values.charts.cryptpad.repository }}" releases: - name: "cryptpad" diff --git a/helmfile/apps/element/helmfile.yaml b/helmfile/apps/element/helmfile.yaml index b91d44b5..aec18b00 100644 --- a/helmfile/apps/element/helmfile.yaml +++ b/helmfile/apps/element/helmfile.yaml @@ -13,35 +13,35 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.element.registry }}/{{ .Values.charts.element.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.element.registry }}/{{ .Values.charts.element.repository }}" - name: "element-well-known-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.elementWellKnown.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.elementWellKnown.registry }}/{{ .Values.charts.elementWellKnown.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.elementWellKnown.registry }}/{{ .Values.charts.elementWellKnown.repository }}" - name: "synapse-web-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.synapseWeb.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.synapseWeb.registry }}/{{ .Values.charts.synapseWeb.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.synapseWeb.registry }}/{{ .Values.charts.synapseWeb.repository }}" - name: "synapse-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.synapse.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.synapse.registry }}/{{ .Values.charts.synapse.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.synapse.registry }}/{{ .Values.charts.synapse.repository }}" - name: "synapse-create-account-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.synapseCreateAccount.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.synapseCreateAccount.registry }}/{{ .Values.charts.synapseCreateAccount.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.synapseCreateAccount.registry }}/{{ .Values.charts.synapseCreateAccount.repository }}" # openDesk Matrix Widgets # Source: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-matrix-widgets @@ -51,7 +51,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.matrixUserVerificationService.registry }}/\ + url: "{{ .Values.global.helmRegistry | default .Values.charts.matrixUserVerificationService.registry }}/\ {{ .Values.charts.matrixUserVerificationService.repository }}" - name: "matrix-neoboard-widget-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" @@ -59,28 +59,28 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.matrixNeoboardWidget.registry }}/{{ .Values.charts.matrixNeoboardWidget.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.matrixNeoboardWidget.registry }}/{{ .Values.charts.matrixNeoboardWidget.repository }}" - name: "matrix-neochoice-widget-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.matrixNeoboardWidget.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.matrixNeoboardWidget.registry }}/{{ .Values.charts.matrixNeoboardWidget.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.matrixNeoboardWidget.registry }}/{{ .Values.charts.matrixNeoboardWidget.repository }}" - name: "matrix-neodatefix-widget-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.matrixNeodatefixWidget.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.matrixNeodatefixWidget.registry }}/{{ .Values.charts.matrixNeodatefixWidget.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.matrixNeodatefixWidget.registry }}/{{ .Values.charts.matrixNeodatefixWidget.repository }}" - name: "matrix-neodatefix-bot-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.matrixNeodatefixBot.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.matrixNeodatefixBot.registry }}/{{ .Values.charts.matrixNeodatefixBot.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.matrixNeodatefixBot.registry }}/{{ .Values.charts.matrixNeodatefixBot.repository }}" releases: diff --git a/helmfile/apps/intercom-service/helmfile.yaml b/helmfile/apps/intercom-service/helmfile.yaml index d4a0738a..0ce14450 100644 --- a/helmfile/apps/intercom-service/helmfile.yaml +++ b/helmfile/apps/intercom-service/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.intercomService.registry }}/{{ .Values.charts.intercomService.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.intercomService.registry }}/{{ .Values.charts.intercomService.repository }}" releases: - name: "intercom-service" diff --git a/helmfile/apps/jitsi/helmfile.yaml b/helmfile/apps/jitsi/helmfile.yaml index fbfb2706..9d78a4f5 100644 --- a/helmfile/apps/jitsi/helmfile.yaml +++ b/helmfile/apps/jitsi/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.jitsi.registry }}/{{ .Values.charts.jitsi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.jitsi.registry }}/{{ .Values.charts.jitsi.repository }}" releases: - name: "jitsi" diff --git a/helmfile/apps/nextcloud/helmfile.yaml b/helmfile/apps/nextcloud/helmfile.yaml index 4549d359..e3423a47 100644 --- a/helmfile/apps/nextcloud/helmfile.yaml +++ b/helmfile/apps/nextcloud/helmfile.yaml @@ -13,14 +13,14 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.nextcloudManagement.registry }}/{{ .Values.charts.nextcloudManagement.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.nextcloudManagement.registry }}/{{ .Values.charts.nextcloudManagement.repository }}" - name: "nextcloud-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.nextcloud.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.nextcloud.registry }}/{{ .Values.charts.nextcloud.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.nextcloud.registry }}/{{ .Values.charts.nextcloud.repository }}" releases: - name: "opendesk-nextcloud-management" diff --git a/helmfile/apps/open-xchange/helmfile.yaml b/helmfile/apps/open-xchange/helmfile.yaml index b99c7cb6..83365b45 100644 --- a/helmfile/apps/open-xchange/helmfile.yaml +++ b/helmfile/apps/open-xchange/helmfile.yaml @@ -13,14 +13,14 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.dovecot.registry }}/{{ .Values.charts.dovecot.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.dovecot.registry }}/{{ .Values.charts.dovecot.repository }}" # Open-Xchange - name: "open-xchange-repo" username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.openXchangeAppSuite.registry }}/{{ .Values.charts.openXchangeAppSuite.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuite.registry }}/{{ .Values.charts.openXchangeAppSuite.repository }}" # openDesk Open-Xchange Bootstrap # Source: https://gitlab.opencode.de/bmi/opendesk/components/charts/opendesk-open-xchange-bootstrap @@ -30,7 +30,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.openXchangeAppSuiteBootstrap.registry }}/\ + url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuiteBootstrap.registry }}/\ {{ .Values.charts.openXchangeAppSuiteBootstrap.repository }}" releases: diff --git a/helmfile/apps/openproject-bootstrap/helmfile.yaml b/helmfile/apps/openproject-bootstrap/helmfile.yaml index 7dd138f7..361212b7 100644 --- a/helmfile/apps/openproject-bootstrap/helmfile.yaml +++ b/helmfile/apps/openproject-bootstrap/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.openprojectBootstrap.registry }}/{{ .Values.charts.openprojectBootstrap.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.openprojectBootstrap.registry }}/{{ .Values.charts.openprojectBootstrap.repository }}" releases: - name: "opendesk-openproject-bootstrap" diff --git a/helmfile/apps/openproject/helmfile.yaml b/helmfile/apps/openproject/helmfile.yaml index 1e93f536..2b401beb 100644 --- a/helmfile/apps/openproject/helmfile.yaml +++ b/helmfile/apps/openproject/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.openproject.registry }}/{{ .Values.charts.openproject.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.openproject.registry }}/{{ .Values.charts.openproject.repository }}" releases: - name: "openproject" diff --git a/helmfile/apps/provisioning/helmfile.yaml b/helmfile/apps/provisioning/helmfile.yaml index cc7a9e4f..c89e989c 100644 --- a/helmfile/apps/provisioning/helmfile.yaml +++ b/helmfile/apps/provisioning/helmfile.yaml @@ -10,7 +10,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.oxConnector.registry }}/{{ .Values.charts.oxConnector.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.oxConnector.registry }}/{{ .Values.charts.oxConnector.repository }}" releases: - name: "ox-connector" diff --git a/helmfile/apps/services/helmfile.yaml b/helmfile/apps/services/helmfile.yaml index f84b228e..fd4a29dc 100644 --- a/helmfile/apps/services/helmfile.yaml +++ b/helmfile/apps/services/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.otterize.registry }}/{{ .Values.charts.otterize.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.otterize.registry }}/{{ .Values.charts.otterize.repository }}" # openDesk Certificates # Source: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-certificates @@ -23,7 +23,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.certificates.registry }}/{{ .Values.charts.certificates.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.certificates.registry }}/{{ .Values.charts.certificates.repository }}" # openDesk PostgreSQL # Source: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-postgresql @@ -33,7 +33,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.postgresql.registry }}/{{ .Values.charts.postgresql.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.postgresql.registry }}/{{ .Values.charts.postgresql.repository }}" # openDesk MariaDB # Source: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-mariadb @@ -43,7 +43,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.mariadb.registry }}/{{ .Values.charts.mariadb.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.mariadb.registry }}/{{ .Values.charts.mariadb.repository }}" # openDesk Postfix # https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-postfix @@ -53,7 +53,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.postfix.registry }}/{{ .Values.charts.postfix.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.postfix.registry }}/{{ .Values.charts.postfix.repository }}" # openDesk Istio Resources # https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-istio-resources @@ -63,7 +63,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.istioResources.registry }}/{{ .Values.charts.istioResources.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.istioResources.registry }}/{{ .Values.charts.istioResources.repository }}" # openDesk ClamAV # https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-clamav @@ -73,14 +73,14 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.clamav.registry }}/{{ .Values.charts.clamav.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.clamav.registry }}/{{ .Values.charts.clamav.repository }}" - name: "clamav-simple-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.clamavSimple.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.clamavSimple.registry }}/{{ .Values.charts.clamavSimple.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.clamavSimple.registry }}/{{ .Values.charts.clamavSimple.repository }}" # VMWare Bitnami # Source: https://github.com/bitnami/charts/ @@ -90,21 +90,21 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.memcached.registry }}/{{ .Values.charts.memcached.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.memcached.registry }}/{{ .Values.charts.memcached.repository }}" - name: "redis-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.redis.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.redis.registry }}/{{ .Values.charts.redis.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.redis.registry }}/{{ .Values.charts.redis.repository }}" - name: "minio-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.minio.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.minio.registry }}/{{ .Values.charts.minio.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.minio.registry }}/{{ .Values.charts.minio.repository }}" releases: - name: "opendesk-otterize" diff --git a/helmfile/apps/univention-management-stack/helmfile.yaml b/helmfile/apps/univention-management-stack/helmfile.yaml index ba403438..09ad9e42 100644 --- a/helmfile/apps/univention-management-stack/helmfile.yaml +++ b/helmfile/apps/univention-management-stack/helmfile.yaml @@ -12,133 +12,133 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsGuardianManagementApi.registry }}/{{ .Values.charts.umsGuardianManagementApi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsGuardianManagementApi.registry }}/{{ .Values.charts.umsGuardianManagementApi.repository }}" - name: "ums-guardian-management-ui-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsGuardianManagementUi.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsGuardianManagementUi.registry }}/{{ .Values.charts.umsGuardianManagementUi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsGuardianManagementUi.registry }}/{{ .Values.charts.umsGuardianManagementUi.repository }}" - name: "ums-guardian-authorization-api-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsGuardianAuthorizationApi.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsGuardianAuthorizationApi.registry }}/{{ .Values.charts.umsGuardianAuthorizationApi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsGuardianAuthorizationApi.registry }}/{{ .Values.charts.umsGuardianAuthorizationApi.repository }}" - name: "ums-open-policy-agent-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsOpenPolicyAgent.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsOpenPolicyAgent.registry }}/{{ .Values.charts.umsOpenPolicyAgent.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsOpenPolicyAgent.registry }}/{{ .Values.charts.umsOpenPolicyAgent.repository }}" - name: "ums-store-dav-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsStoreDav.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsStoreDav.registry }}/{{ .Values.charts.umsStoreDav.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsStoreDav.registry }}/{{ .Values.charts.umsStoreDav.repository }}" - name: "ums-ldap-server-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsLdapServer.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsLdapServer.registry }}/{{ .Values.charts.umsLdapServer.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsLdapServer.registry }}/{{ .Values.charts.umsLdapServer.repository }}" - name: "ums-ldap-notifier-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsLdapNotifier.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsLdapNotifier.registry }}/{{ .Values.charts.umsLdapNotifier.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsLdapNotifier.registry }}/{{ .Values.charts.umsLdapNotifier.repository }}" - name: "ums-udm-rest-api-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsUdmRestApi.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsUdmRestApi.registry }}/{{ .Values.charts.umsUdmRestApi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsUdmRestApi.registry }}/{{ .Values.charts.umsUdmRestApi.repository }}" - name: "ums-stack-data-ums-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsStackDataUms.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsStackDataUms.registry }}/{{ .Values.charts.umsStackDataUms.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsStackDataUms.registry }}/{{ .Values.charts.umsStackDataUms.repository }}" - name: "ums-stack-data-swp-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsStackDataSwp.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsStackDataSwp.registry }}/{{ .Values.charts.umsStackDataSwp.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsStackDataSwp.registry }}/{{ .Values.charts.umsStackDataSwp.repository }}" - name: "ums-portal-server-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsPortalServer.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsPortalServer.registry }}/{{ .Values.charts.umsPortalServer.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsPortalServer.registry }}/{{ .Values.charts.umsPortalServer.repository }}" - name: "ums-notifications-api-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsNotificationsApi.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsNotificationsApi.registry }}/{{ .Values.charts.umsNotificationsApi.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsNotificationsApi.registry }}/{{ .Values.charts.umsNotificationsApi.repository }}" - name: "ums-portal-listener-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsPortalListener.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsPortalListener.registry }}/{{ .Values.charts.umsPortalListener.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsPortalListener.registry }}/{{ .Values.charts.umsPortalListener.repository }}" - name: "ums-portal-frontend-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsPortalFrontend.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsPortalFrontend.registry }}/{{ .Values.charts.umsPortalFrontend.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsPortalFrontend.registry }}/{{ .Values.charts.umsPortalFrontend.repository }}" - name: "ums-umc-gateway-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsUmcGateway.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsUmcGateway.registry }}/{{ .Values.charts.umsUmcGateway.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsUmcGateway.registry }}/{{ .Values.charts.umsUmcGateway.repository }}" - name: "ums-umc-server-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsUmcServer.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsUmcServer.registry }}/{{ .Values.charts.umsUmcServer.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsUmcServer.registry }}/{{ .Values.charts.umsUmcServer.repository }}" - name: "ums-selfservice-listener-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsSelfserviceListener.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsSelfserviceListener.registry }}/{{ .Values.charts.umsSelfserviceListener.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsSelfserviceListener.registry }}/{{ .Values.charts.umsSelfserviceListener.repository }}" - name: "ums-provisioning-repo" keyring: "../../files/gpg-pubkeys/univention-de.gpg" verify: {{ .Values.charts.umsProvisioning.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsProvisioning.registry }}/{{ .Values.charts.umsProvisioning.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsProvisioning.registry }}/{{ .Values.charts.umsProvisioning.repository }}" # Univention Keycloak Extensions - name: "ums-keycloak-extensions-repo" username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsKeycloakExtensions.registry }}/{{ .Values.charts.umsKeycloakExtensions.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsKeycloakExtensions.registry }}/{{ .Values.charts.umsKeycloakExtensions.repository }}" # Univention Keycloak - name: "ums-keycloak-repo" keyring: "../../files/gpg-pubkeys/souvap-univention-de.gpg" @@ -146,21 +146,21 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsKeycloak.registry }}/{{ .Values.charts.umsKeycloak.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsKeycloak.registry }}/{{ .Values.charts.umsKeycloak.repository }}" - name: "ums-keycloak-bootstrap-repo" keyring: "../../files/gpg-pubkeys/souvap-univention-de.gpg" verify: {{ .Values.charts.umsKeycloakBootstrap.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.umsKeycloakBootstrap.registry }}/{{ .Values.charts.umsKeycloakBootstrap.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.umsKeycloakBootstrap.registry }}/{{ .Values.charts.umsKeycloakBootstrap.repository }}" - name: "opendesk-keycloak-bootstrap-repo" keyring: "../../files/gpg-pubkeys/opencode.gpg" verify: {{ .Values.charts.opendeskKeycloakBootstrap.verify }} username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.opendeskKeycloakBootstrap.registry }}/\ + url: "{{ .Values.global.helmRegistry | default .Values.charts.opendeskKeycloakBootstrap.registry }}/\ {{ .Values.charts.opendeskKeycloakBootstrap.repository }}" # VMWare Bitnami # Source: https://github.com/bitnami/charts/ @@ -170,7 +170,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.nginx.registry }}/{{ .Values.charts.nginx.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.nginx.registry }}/{{ .Values.charts.nginx.repository }}" releases: - name: "ums-keycloak" diff --git a/helmfile/apps/xwiki/helmfile.yaml b/helmfile/apps/xwiki/helmfile.yaml index d16237c8..e9456b50 100644 --- a/helmfile/apps/xwiki/helmfile.yaml +++ b/helmfile/apps/xwiki/helmfile.yaml @@ -13,7 +13,7 @@ repositories: username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }} password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }} oci: true - url: "{{ .Values.global.imageRegistry | default .Values.charts.xwiki.registry }}/{{ .Values.charts.xwiki.repository }}" + url: "{{ .Values.global.helmRegistry | default .Values.charts.xwiki.registry }}/{{ .Values.charts.xwiki.repository }}" releases: - name: "xwiki" diff --git a/helmfile/environments/default/global.gotmpl b/helmfile/environments/default/global.gotmpl index 5055a458..c5ee0cd4 100644 --- a/helmfile/environments/default/global.gotmpl +++ b/helmfile/environments/default/global.gotmpl @@ -13,5 +13,6 @@ global: ## Define docker registry address. # + helmRegistry: {{ env "PRIVATE_HELM_REGISTRY_URL" | quote }} imageRegistry: {{ env "PRIVATE_IMAGE_REGISTRY_URL" | quote }} ... diff --git a/helmfile/environments/dev/values.yaml.gotmpl.sample b/helmfile/environments/dev/values.yaml.gotmpl.sample index 0ea2b7c2..0c4eb810 100644 --- a/helmfile/environments/dev/values.yaml.gotmpl.sample +++ b/helmfile/environments/dev/values.yaml.gotmpl.sample @@ -3,5 +3,6 @@ --- sampleWithTemplating: {{ env "YOUR_ENV_VARIABLE_FOR_TEMPLATING" | quote }} global: - imageRegistry: "your.private.ociregistry/with_optional_path" + imageRegistry: "your.private.oci-container-image-registry/with_optional_path" + helmRegistry: "your.private.oci-helm-chart-registry/with_optional_path" ... diff --git a/helmfile/environments/prod/values.yaml.gotmpl.sample b/helmfile/environments/prod/values.yaml.gotmpl.sample index 0ea2b7c2..0c4eb810 100644 --- a/helmfile/environments/prod/values.yaml.gotmpl.sample +++ b/helmfile/environments/prod/values.yaml.gotmpl.sample @@ -3,5 +3,6 @@ --- sampleWithTemplating: {{ env "YOUR_ENV_VARIABLE_FOR_TEMPLATING" | quote }} global: - imageRegistry: "your.private.ociregistry/with_optional_path" + imageRegistry: "your.private.oci-container-image-registry/with_optional_path" + helmRegistry: "your.private.oci-helm-chart-registry/with_optional_path" ... diff --git a/helmfile/environments/test/values.yaml.gotmpl.sample b/helmfile/environments/test/values.yaml.gotmpl.sample index 0ea2b7c2..0c4eb810 100644 --- a/helmfile/environments/test/values.yaml.gotmpl.sample +++ b/helmfile/environments/test/values.yaml.gotmpl.sample @@ -3,5 +3,6 @@ --- sampleWithTemplating: {{ env "YOUR_ENV_VARIABLE_FOR_TEMPLATING" | quote }} global: - imageRegistry: "your.private.ociregistry/with_optional_path" + imageRegistry: "your.private.oci-container-image-registry/with_optional_path" + helmRegistry: "your.private.oci-helm-chart-registry/with_optional_path" ...