From cd391e4d52122d6d11ee8e7e2d30d73b879f7b59 Mon Sep 17 00:00:00 2001 From: Gianni Carafa Date: Fri, 4 Oct 2024 14:57:31 +0200 Subject: [PATCH] use separate files for registry secret creation --- Makefile | 2 +- VERSION | 2 +- ...kubero-operator.clusterserviceversion.yaml | 10 +- config/manager/kustomization.yaml | 2 +- ...kubero-operator.clusterserviceversion.yaml | 2 +- deploy/operator.0.1.5-rc.10-debug.yaml | 1540 +++++++++++++++++ deploy/operator.yaml | 2 +- .../kuberopipeline/templates/_helpers.tpl | 45 - .../templates/secret-pull-secret-copy.yaml | 37 + .../templates/secret-pull-secret-create.yaml | 33 + .../templates/secret-pull-secret.yaml | 33 - helm-charts/kuberopipeline/values.yaml | 4 +- 12 files changed, 1622 insertions(+), 90 deletions(-) create mode 100644 deploy/operator.0.1.5-rc.10-debug.yaml delete mode 100644 helm-charts/kuberopipeline/templates/_helpers.tpl create mode 100644 helm-charts/kuberopipeline/templates/secret-pull-secret-copy.yaml create mode 100644 helm-charts/kuberopipeline/templates/secret-pull-secret-create.yaml delete mode 100644 helm-charts/kuberopipeline/templates/secret-pull-secret.yaml diff --git a/Makefile b/Makefile index 27a9792..6703da5 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ # To re-generate a bundle for another specific version without changing the standard setup, you can: # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) -VERSION ?= 0.1.5-rc.8-debug +VERSION ?= 0.1.5-rc.10-debug # CHANNELS define the bundle channels used in the bundle. # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") diff --git a/VERSION b/VERSION index 8263fb8..578fd2c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.1.5-rc.9-debug +0.1.5-rc.10-debug diff --git a/bundle/manifests/kubero-operator.clusterserviceversion.yaml b/bundle/manifests/kubero-operator.clusterserviceversion.yaml index 9509514..eeff4db 100644 --- a/bundle/manifests/kubero-operator.clusterserviceversion.yaml +++ b/bundle/manifests/kubero-operator.clusterserviceversion.yaml @@ -1136,14 +1136,14 @@ metadata: capabilities: Basic Install categories: Integration & Delivery certified: "false" - containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.8-debug - createdAt: "2024-10-04T12:17:00Z" + containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.10-debug + createdAt: "2024-10-04T12:57:07Z" description: Kubero is a GitOps continuous delivery tool for Kubernetes. operators.operatorframework.io/builder: operator-sdk-v1.34.1 operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 repository: https://github.com/kubero-dev/kubero support: Kubero Community - name: kubero-operator.v0.1.5-rc.8-debug + name: kubero-operator.v0.1.5-rc.10-debug namespace: placeholder spec: apiservicedefinitions: {} @@ -2040,7 +2040,7 @@ spec: - --leader-elect - --leader-election-id=kubero-operator - --zap-log-level=info - image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.8-debug + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.10-debug livenessProbe: httpGet: path: /healthz @@ -2127,4 +2127,4 @@ spec: provider: name: kubero url: https://github.com/kubero-dev/ - version: 0.1.5-rc.8-debug + version: 0.1.5-rc.10-debug diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 3110594..3029c2c 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -13,4 +13,4 @@ kind: Kustomization images: - name: controller newName: ghcr.io/kubero-dev/kubero-operator/kuberoapp - newTag: v0.1.5-rc.8-debug + newTag: v0.1.5-rc.10-debug diff --git a/config/manifests/bases/kubero-operator.clusterserviceversion.yaml b/config/manifests/bases/kubero-operator.clusterserviceversion.yaml index 9246cf6..9239483 100644 --- a/config/manifests/bases/kubero-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/kubero-operator.clusterserviceversion.yaml @@ -6,7 +6,7 @@ metadata: capabilities: Basic Install categories: Integration & Delivery certified: "false" - containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.8-debug + containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.10-debug description: Kubero is a GitOps continuous delivery tool for Kubernetes. repository: https://github.com/kubero-dev/kubero support: Kubero Community diff --git a/deploy/operator.0.1.5-rc.10-debug.yaml b/deploy/operator.0.1.5-rc.10-debug.yaml new file mode 100644 index 0000000..b0eed24 --- /dev/null +++ b/deploy/operator.0.1.5-rc.10-debug.yaml @@ -0,0 +1,1540 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.10-debug + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.yaml b/deploy/operator.yaml index bc59b08..b0eed24 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -1511,7 +1511,7 @@ spec: - --leader-elect - --leader-election-id=kubero-operator - --zap-log-level=info - image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.8-debug + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.5-rc.10-debug livenessProbe: httpGet: path: /healthz diff --git a/helm-charts/kuberopipeline/templates/_helpers.tpl b/helm-charts/kuberopipeline/templates/_helpers.tpl deleted file mode 100644 index b04a06f..0000000 --- a/helm-charts/kuberopipeline/templates/_helpers.tpl +++ /dev/null @@ -1,45 +0,0 @@ -{{- define "kubero.registryUsername" -}} -{{- if eq .Values.registry.createSecret "create" }} -{{- $registryUsername := .Values.registry.username | b64enc }} -{{- $registryUsername }} -{{- end }} - -{{- if or (not .Values.registry.createSecret) (eq .Values.registry.createSecret "copy") }} -{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} -{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} -{{- $secretData := (get $secretObj "data") | default dict }} -{{- $registryUsername := (get $secretData "username") | default "empty" }} -{{- $registryUsername }} -{{- end }} -{{- end }} - -{{- define "kubero.registryPassword" -}} -{{- if eq .Values.registry.createSecret "create" }} -{{- $registryPassword := .Values.registry.password | b64enc }} -{{- $registryPassword }} -{{- end }} - -{{- if or (not .Values.registry.createSecret) (eq .Values.registry.createSecret "copy") }} -{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} -{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} -{{- $secretData := (get $secretObj "data") | default dict }} -{{- $registryPassword := (get $secretData "password") | default "empty" }} -{{- $registryPassword }} -{{- end }} -{{- end }} - -{{- define "kubero.dockerconfigjson" -}} -{{- if eq .Values.registry.createSecret "create" }} -{{- $dockerAuth := (printf "%s:%s" .Values.registry.username .Values.registry.password) | b64enc -}} -{{- $dockerconfigjson := (printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"auth\":\"%s\"}}}" .Values.registry.host .Values.registry.username .Values.registry.password $dockerAuth) | b64enc -}} -{{- $dockerconfigjson }} -{{- end }} - -{{- if or (not .Values.registry.createSecret) (eq .Values.registry.createSecret "copy") }} -{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} -{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} -{{- $secretData := (get $secretObj "data") | default dict }} -{{- $dockerconfigjson := (get $secretData ".dockerconfigjson") | default "empty" }} -{{- $dockerconfigjson }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/secret-pull-secret-copy.yaml b/helm-charts/kuberopipeline/templates/secret-pull-secret-copy.yaml new file mode 100644 index 0000000..92768bb --- /dev/null +++ b/helm-charts/kuberopipeline/templates/secret-pull-secret-copy.yaml @@ -0,0 +1,37 @@ +{{- $name := .Values.name -}} + +{{- if and (eq .Values.deploymentstrategy "git") (eq .Values.registry.createSecret "copy") }} + +{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} +{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $dockerconfigjson := (get $secretData ".dockerconfigjson") | default "ZW1wdHk=" }} +{{- $registryUsername := (get $secretData "username") | default "ZW1wdHk=" }} +{{- $registryPassword := (get $secretData "password") | default "ZW1wdHk=" }} + + +{{- range .Values.phases }} +{{- if .enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: kubero-pull-secret + namespace: {{ $name }}-{{ .name }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $dockerconfigjson | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: registry-credentials + namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "required by trivy to scan the image" +type: Opaque +data: + username: {{ $registryUsername | quote }} + password: {{ $registryPassword | quote }} +{{- end }}{{/* if .enabled */}} +{{- end }}{{/* end range .Values.phases */}} +{{- end }}{{/* if and (eq .Values.deploymentstrategy "git") (eq .Values.registry.createSecret "copy") */}} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/secret-pull-secret-create.yaml b/helm-charts/kuberopipeline/templates/secret-pull-secret-create.yaml new file mode 100644 index 0000000..03c0118 --- /dev/null +++ b/helm-charts/kuberopipeline/templates/secret-pull-secret-create.yaml @@ -0,0 +1,33 @@ +{{- $name := .Values.name -}} + +{{- if and (eq .Values.deploymentstrategy "git") (eq .Values.registry.createSecret "create") }} +{{- $dockerAuth := (printf "%s:%s" .Values.registry.username .Values.registry.password) | b64enc -}} +{{- $dockerconfigjson := (printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"auth\":\"%s\"}}}" .Values.registry.host .Values.registry.username .Values.registry.password $dockerAuth) | b64enc -}} +{{- $registryUsername := .Values.registry.username | b64enc -}} +{{- $registryPassword := .Values.registry.password | b64enc -}} + +{{- range .Values.phases }} +{{- if .enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: kubero-pull-secret + namespace: {{ $name }}-{{ .name }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $dockerconfigjson | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: registry-credentials + namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "required by trivy to scan the image" +type: Opaque +data: + username: {{ $registryUsername | quote }} + password: {{ $registryPassword | quote }} +{{- end }}{{/* if .enabled */}} +{{- end }}{{/* end range .Values.phases */}} +{{- end }}{{/* if and (eq .Values.deploymentstrategy "git") (eq .Values.registry.createSecret "copy") */}} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/secret-pull-secret.yaml b/helm-charts/kuberopipeline/templates/secret-pull-secret.yaml deleted file mode 100644 index ee12a34..0000000 --- a/helm-charts/kuberopipeline/templates/secret-pull-secret.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- $name := .Values.name -}} -{{- $deploymentstrategy := .Values.deploymentstrategy -}} -{{- $createSecret := .Values.registry.createSecret | default "create" -}} -{{- $dockerconfigjson := include "kubero.dockerconfigjson" . -}} -{{- $registryUsername := include "kubero.registryUsername" . -}} -{{- $registryPassword := include "kubero.registryPassword" . -}} - -{{- range .Values.phases }} -{{- if .enabled }} -{{- if and (eq $deploymentstrategy "git") (ne $createSecret "none") }} -apiVersion: v1 -kind: Secret -metadata: - name: kubero-pull-secret - namespace: {{ $name }}-{{ .name }} -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: {{ $dockerconfigjson | quote }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: registry-credentials - namespace: {{ $name }}-{{ .name }} - annotations: - app.kubernetes.io/comment: "required by trivy to scan the image" -type: Opaque -data: - username: {{ $registryUsername | quote }} - password: {{ $registryPassword | quote }} -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/values.yaml b/helm-charts/kuberopipeline/values.yaml index 73c8ed7..e1c50be 100644 --- a/helm-charts/kuberopipeline/values.yaml +++ b/helm-charts/kuberopipeline/values.yaml @@ -2,11 +2,11 @@ deploymentstrategy: git buildstrategy: plain mainnamespace: kubero registry: - # Possible values: copy, create, none (default: copy) + # Possible values: copy, create, none (default: create) # copy: Copy the secret from the main namespace # create: Create a new secret in the pipeline namespace # none: Do not create a secret - createSecret: create + createSecret: copy host: missingregistry.mydomain.com/example username: admin password: admin