chore(release): 0.2.0 [skip ci]

# [0.2.0](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/compare/v0.1.2...v0.2.0) (2023-08-15) ### Bug Fixes * **helmfile:** Replace bitnami repositories with OCI ([4c21fd2](4c21fd2286)) ### Features * **helmfile:** Implement private image/chart registry variables ([5788323](5788323621))
fix(helmfile): Replace bitnami repositories with OCI
2025-12-08 16:28:36 +01:00 · 2023-08-15 10:40:25 +00:00 · 2023-08-15 11:32:03 +02:00 · 2023-08-15 11:32:03 +02:00
16 changed files with 149 additions and 87 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,15 @@
 # [0.2.0](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/compare/v0.1.2...v0.2.0) (2023-08-15)
 ### Bug Fixes
 * **helmfile:** Replace bitnami repositories with OCI ([4c21fd2](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/commit/4c21fd228654520bb71d56dc1bda96332334002b))
 ### Features
 * **helmfile:** Implement private image/chart registry variables ([5788323](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/commit/57883236219811d2a5fc422649b4f9b042a0ac22))
 ## [0.1.2](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/compare/v0.1.1...v0.1.2) (2023-08-15)
--- a/README.md
+++ b/README.md
@@ -149,6 +149,16 @@ and wait a little. After the deployment is finished some bootstrapping is
 executed which might take some more minutes before you can log in your new
 instance.
 ## Offline deployment
 Before executing a [local deployment](#local-deployment), you can set following
 environment variables to use your own container image and helm chart registry:
 | name                         | description                    |
 |------------------------------|--------------------------------|
 | PRIVATE_CHART_REPOSITORY_URL | Your helm chart repository url |
 | PRIVATE_IMAGE_REGISTRY_URL   | Your image registry url        |
 ## Logging in
 When successfully deployed the SWP, all K8s jobs from the deployment should be
--- a/helmfile/apps/collabora/helmfile.yaml
+++ b/helmfile/apps/collabora/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "collabora-online"
+  - name: "collabora-online-repo"
-    url: "https://collaboraonline.github.io/online"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://collaboraonline.github.io/online" }}
 releases:
  - name: "collabora-online"
-    chart: "collabora-online/collabora-online"
+    chart: "collabora-online-repo/collabora-online"
    version: "1.0.2"
    values:
      - "values.yaml"
--- a/helmfile/apps/element/helmfile.yaml
+++ b/helmfile/apps/element/helmfile.yaml
@@ -2,33 +2,35 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "sovereign-workplace-element"
+  - name: "sovereign-workplace-element-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/148/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/148/packages/helm/stable" }}
 releases:
  - name: "sovereign-workplace-element"
-    chart: "sovereign-workplace-element/sovereign-workplace-element"
+    chart: "sovereign-workplace-element-repo/sovereign-workplace-element"
    version: "1.1.2"
    values:
      - "values-element.gotmpl"
    condition: "element.enabled"
  - name: "sovereign-workplace-well-known"
-    chart: "sovereign-workplace-element/sovereign-workplace-well-known"
+    chart: "sovereign-workplace-element-repo/sovereign-workplace-well-known"
    version: "1.1.2"
    values:
      - "values-well-known.gotmpl"
    condition: "element.enabled"
  - name: "sovereign-workplace-synapse-web"
-    chart: "sovereign-workplace-element/sovereign-workplace-synapse-web"
+    chart: "sovereign-workplace-element-repo/sovereign-workplace-synapse-web"
    version: "1.1.2"
    values:
      - "values-synapse-web.gotmpl"
    condition: "element.enabled"
  - name: "sovereign-workplace-synapse"
-    chart: "sovereign-workplace-element/sovereign-workplace-synapse"
+    chart: "sovereign-workplace-element-repo/sovereign-workplace-synapse"
    version: "1.1.2"
    values:
      - "values-synapse.gotmpl"
--- a/helmfile/apps/intercom-service/helmfile.yaml
+++ b/helmfile/apps/intercom-service/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "intercom-service"
+  - name: "intercom-service-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/66/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/66/packages/helm/stable" }}
 releases:
  - name: "intercom-service"
-    chart: "intercom-service/intercom-service"
+    chart: "intercom-service-repo/intercom-service"
    version: "1.1.3"
    values:
      - "values.yaml"
--- a/helmfile/apps/jitsi/helmfile.yaml
+++ b/helmfile/apps/jitsi/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "jitsi"
+  - name: "jitsi-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/137/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/137/packages/helm/stable" }}
 releases:
  - name: "jitsi"
-    chart: "jitsi/sovereign-workplace-jitsi"
+    chart: "jitsi-repo/sovereign-workplace-jitsi"
    version: "1.2.1"
    values:
      - "values-jitsi.gotmpl"
--- a/helmfile/apps/keycloak-bootstrap/helmfile.yaml
+++ b/helmfile/apps/keycloak-bootstrap/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "sovereign-workplace-keycloak-bootstrap"
+  - name: "sovereign-workplace-keycloak-bootstrap-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/138/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/138/packages/helm/stable" }}
 releases:
  - name: "sovereign-workplace-keycloak-bootstrap"
-    chart: "sovereign-workplace-keycloak-bootstrap/sovereign-workplace-keycloak-bootstrap"
+    chart: "sovereign-workplace-keycloak-bootstrap-repo/sovereign-workplace-keycloak-bootstrap"
    version: "1.1.11"
    values:
      - "values-bootstrap.gotmpl"
--- a/helmfile/apps/keycloak/helmfile.yaml
+++ b/helmfile/apps/keycloak/helmfile.yaml
@@ -2,22 +2,29 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "bitnami"
+  - name: "bitnami-repo"
-    url: "https://charts.bitnami.com/bitnami"
+    oci: true
-  - name: "keycloak-theme"
+    url: >-
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/96/packages/helm/stable"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-  - name: "keycloak-extensions"
+         default "registry-1.docker.io/bitnamicharts" }}
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/77/packages/helm/stable"
+  - name: "keycloak-theme-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/96/packages/helm/stable" }}
  - name: "keycloak-extensions-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/77/packages/helm/stable" }}
 releases:
  - name: "keycloak-theme"
-    chart: "keycloak-theme/sovereign-workplace-theme"
+    chart: "keycloak-theme-repo/sovereign-workplace-theme"
    version: "1.0.0"
    values:
      - "values-theme.gotmpl"
    condition: "keycloak.enabled"
  - name: "keycloak"
-    chart: "bitnami/keycloak"
+    chart: "bitnami-repo/keycloak"
    version: "12.2.0"
    values:
      - "values-keycloak.gotmpl"
@@ -26,7 +33,7 @@ releases:
    wait: true
    condition: "keycloak.enabled"
  - name: "keycloak-extensions"
-    chart: "keycloak-extensions/keycloak-extensions"
+    chart: "keycloak-extensions-repo/keycloak-extensions"
    version: "0.1.0"
    needs:
      - "keycloak"
--- a/helmfile/apps/nextcloud/helmfile.yaml
+++ b/helmfile/apps/nextcloud/helmfile.yaml
@@ -2,14 +2,18 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "sovereign-workplace-nextcloud-bootstrap"
+  - name: "sovereign-workplace-nextcloud-bootstrap-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/130/packages/helm/stable"
+    url: >-
-  - name: "nextcloud"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-    url: "https://nextcloud.github.io/helm/"
+         default "https://gitlab.souvap-univention.de/api/v4/projects/130/packages/helm/stable" }}
  - name: "nextcloud-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://nextcloud.github.io/helm/" }}
 releases:
  - name: "sovereign-workplace-nextcloud-bootstrap"
-    chart: "sovereign-workplace-nextcloud-bootstrap/sovereign-workplace-nextcloud-bootstrap"
+    chart: "sovereign-workplace-nextcloud-bootstrap-repo/sovereign-workplace-nextcloud-bootstrap"
    version: "2.2.0"
    wait: true
    waitForJobs: true
@@ -20,7 +24,7 @@ releases:
    timeout: 1800
  - name: "nextcloud"
-    chart: "nextcloud/nextcloud"
+    chart: "nextcloud-repo/nextcloud"
    version: "3.5.19"
    needs:
      - "sovereign-workplace-nextcloud-bootstrap"
--- a/helmfile/apps/open-xchange/helmfile.yaml
+++ b/helmfile/apps/open-xchange/helmfile.yaml
@@ -2,31 +2,37 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "dovecot"
+  - name: "dovecot-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/80/packages/helm/stable"
+    url: >-
-  - name: "openxchange"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-    url: "registry.open-xchange.com"
+         default "https://gitlab.souvap-univention.de/api/v4/projects/80/packages/helm/stable" }}
  - name: "openxchange-repo"
    oci: true
-  - name: "sovereign-workplace-open-xchange-bootstrap"
+    url: >-
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/139/packages/helm/stable"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "registry.open-xchange.com" }}
  - name: "sovereign-workplace-open-xchange-bootstrap-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/139/packages/helm/stable" }}
 releases:
  - name: "dovecot"
-    chart: "dovecot/dovecot"
+    chart: "dovecot-repo/dovecot"
    version: "1.3.1"
    values:
      - "values-dovecot.yaml"
      - "values-dovecot.gotmpl"
    condition: "dovecot.enabled"
  - name: "open-xchange"
-    chart: "openxchange/appsuite-public-sector/charts/appsuite-public-sector"
+    chart: "openxchange-repo/appsuite-public-sector/charts/appsuite-public-sector"
    version: "1.2.13"
    values:
      - "values-openxchange.yaml"
      - "values-openxchange.gotmpl"
    condition: "oxAppsuite.enabled"
  - name: "sovereign-workplace-open-xchange-bootstrap"
-    chart: "sovereign-workplace-open-xchange-bootstrap/sovereign-workplace-open-xchange-bootstrap"
+    chart: "sovereign-workplace-open-xchange-bootstrap-repo/sovereign-workplace-open-xchange-bootstrap"
    version: "1.3.1"
    values:
      - "values-openxchange-bootstrap.yaml"
--- a/helmfile/apps/openproject/helmfile.yaml
+++ b/helmfile/apps/openproject/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "openproject"
+  - name: "openproject-repo"
-    url: "https://charts.openproject.org"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://charts.openproject.org" }}
 releases:
  - name: "openproject"
-    chart: "openproject/openproject"
+    chart: "openproject-repo/openproject"
    version: "1.8.0"
    values:
      - "values.yaml"
--- a/helmfile/apps/provisioning/helmfile.yaml
+++ b/helmfile/apps/provisioning/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "ox-connector"
+  - name: "ox-connector-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/128/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/128/packages/helm/stable" }}
 releases:
  - name: "ox-connector"
-    chart: "ox-connector/ox-connector"
+    chart: "ox-connector-repo/ox-connector"
    version: "0.1.0-pre-jconde-listener-entrypoint-chaining"
    values:
      - "values-oxconnector.yaml"
--- a/helmfile/apps/services/helmfile.yaml
+++ b/helmfile/apps/services/helmfile.yaml
@@ -2,70 +2,85 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "sovereign-workplace-certificates"
+  - name: "sovereign-workplace-certificates-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/133/packages/helm/stable"
+    url: >-
-  - name: "postgresql"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/83/packages/helm/stable"
+         default "https://gitlab.souvap-univention.de/api/v4/projects/133/packages/helm/stable" }}
-  - name: "mariadb"
+  - name: "postgresql-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/86/packages/helm/stable"
+    url: >-
-  - name: "postfix"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/85/packages/helm/stable"
+         default "https://gitlab.souvap-univention.de/api/v4/projects/83/packages/helm/stable" }}
-  - name: "istio-resources"
+  - name: "mariadb-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/69/packages/helm/stable"
+    url: >-
-  - name: "clamav"
+      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/73/packages/helm/stable"
+         default "https://gitlab.souvap-univention.de/api/v4/projects/86/packages/helm/stable" }}
-  - name: "bitnami"
+  - name: "postfix-repo"
-    url: "https://charts.bitnami.com/bitnami"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/85/packages/helm/stable" }}
  - name: "istio-resources-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/69/packages/helm/stable" }}
  - name: "clamav-repo"
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/73/packages/helm/stable" }}
  - name: "bitnami-repo"
    oci: true
    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "registry-1.docker.io/bitnamicharts" }}
 releases:
  - name: "sovereign-workplace-certificates"
-    chart: "sovereign-workplace-certificates/sovereign-workplace-certificates"
+    chart: "sovereign-workplace-certificates-repo/sovereign-workplace-certificates"
    version: "1.2.2"
    values:
      - "values-certificates.gotmpl"
    condition: "certificates.enabled"
  - name: "redis"
-    chart: "bitnami/redis"
+    chart: "bitnami-repo/redis"
    version: "^17.9.3"
    values:
      - "values-redis.gotmpl"
      - "values-redis.yaml"
    condition: "redis.enabled"
  - name: "postgresql"
-    chart: "postgresql/postgresql"
+    chart: "postgresql-repo/postgresql"
    version: "2.0.0"
    values:
      - "values-postgresql.yaml"
      - "values-postgresql.gotmpl"
    condition: "postgresql.enabled"
  - name: "mariadb"
-    chart: "mariadb/mariadb"
+    chart: "mariadb-repo/mariadb"
    version: "2.0.0"
    values:
      - "values-mariadb.yaml"
      - "values-mariadb.gotmpl"
    condition: "mariadb.enabled"
  - name: "postfix"
-    chart: "postfix/postfix"
+    chart: "postfix-repo/postfix"
    version: "1.13.0"
    values:
      - "values-postfix.yaml"
      - "values-postfix.gotmpl"
    condition: "postfix.enabled"
  - name: "clamav"
-    chart: "clamav/sovereign-workplace-clamav"
+    chart: "clamav-repo/sovereign-workplace-clamav"
    version: "2.1.0"
    values:
      - "values-clamav-distributed.gotmpl"
    condition: "clamavDistributed.enabled"
  - name: "clamav-simple"
-    chart: "clamav/clamav-simple"
+    chart: "clamav-repo/clamav-simple"
    version: "2.1.0"
    values:
      - "values-clamav-simple.gotmpl"
    condition: "clamavSimple.enabled"
  - name: "sovereign-workplace-gateway"
-    chart: "istio-resources/istio-gateway"
+    chart: "istio-resources-repo/istio-gateway"
    version: "1.1.2"
    values:
      - "values-istio-gateway.gotmpl"
--- a/helmfile/apps/univention-corporate-container/helmfile.yaml
+++ b/helmfile/apps/univention-corporate-container/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "univention-corporate-container"
+  - name: "univention-corporate-container-repo"
-    url: "https://gitlab.souvap-univention.de/api/v4/projects/132/packages/helm/stable"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://gitlab.souvap-univention.de/api/v4/projects/132/packages/helm/stable" }}
 releases:
  - name: "univention-corporate-container"
-    chart: "univention-corporate-container/univention-corporate-container"
+    chart: "univention-corporate-container-repo/univention-corporate-container"
    version: "1.0.10"
    values:
      - "values.yaml"
--- a/helmfile/apps/xwiki/helmfile.yaml
+++ b/helmfile/apps/xwiki/helmfile.yaml
@@ -2,12 +2,14 @@
 # SPDX-License-Identifier: Apache-2.0
 ---
 repositories:
-  - name: "xwiki"
+  - name: "xwiki-repo"
-    url: "https://xwiki-contrib.github.io/xwiki-helm"
+    url: >-
      {{ env "PRIVATE_CHART_REPOSITORY_URL" |
         default "https://xwiki-contrib.github.io/xwiki-helm" }}
 releases:
  - name: "xwiki"
-    chart: "xwiki/xwiki"
+    chart: "xwiki-repo/xwiki"
    version: "1.1.1"
    wait: true
    timeout: 600
--- a/helmfile/environments/default/global.gotmpl
+++ b/helmfile/environments/default/global.gotmpl
@@ -36,21 +36,11 @@ global:
  ## Define docker registry address.
  #
-  imageRegistry: "external-registry.souvap-univention.de/sovereign-workplace"
+  imageRegistry: {{ env "PRIVATE_IMAGE_REGISTRY_URL" | default "external-registry.souvap-univention.de/sovereign-workplace" }}
  ## Credentials to fetch images from private registry
  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  #
  imagePullSecrets:
    - "external-registry"
  ## Define internal kubernetes domain, usually svc.cluster.local
  ## Workaround for calico with postfix
  #
  internalDomain: "svc.cluster.local"
  ## Define internal kubernetes network for postfix
  ## Attention: Mail from this network can be sent without authentication!
  #
  internalNetwork: "10.0.0.0/8"
 ...
Author	SHA1	Message	Date
Dominik Kaminski	83aeb4ece2	chore(release): 0.2.0 [skip ci] # [0.2.0](https://gitlab.souvap-univention.de/souvap/devops/sovereign-workplace/compare/v0.1.2...v0.2.0) (2023-08-15) ### Bug Fixes * helmfile: Replace bitnami repositories with OCI ([`4c21fd2`](`4c21fd2286`)) ### Features * helmfile: Implement private image/chart registry variables ([`5788323`](`5788323621`))	2023-08-15 10:40:25 +00:00
Dominik Kaminski	4c21fd2286	fix(helmfile): Replace bitnami repositories with OCI	2023-08-15 11:32:03 +02:00
Dominik Kaminski	5788323621	feat(helmfile): Implement private image/chart registry variables	2023-08-15 11:32:03 +02:00