refs platform/#2862: add variable to change the image configuration for the default image and for the docker mirror image

[Monska85]

PR Type

Enhancement, Configuration changes

---

Description

• Introduced configurable variables for both default and docker-mirror images in GitLab CI template
• Added ability to override image configuration through project-specific .gitlab-ci.yml files
• Replaced hardcoded image references with variable interpolation:
  • Default image: ${DEFAULT_IMAGE_REGISTRY}/${DEFAULT_IMAGE_REPOSITORY}:${DEFAULT_IMAGE_TAG}
  • Docker mirror: ${DOCKER_MIRROR_IMAGE_REGISTRY}/${DOCKER_MIRROR_IMAGE_REPOSITORY}:${DOCKER_MIRROR_IMAGE_TAG}
• Default values maintain current behavior using ghcr.io registry

---

Changes walkthrough 📝

	Relevant files
Configuration changes	.gitlab-ci-template.yml Configurable Docker image variables for CI template            templates/.gitlab-ci-template.yml Replaced hardcoded image references with configurable variables Added variables for default image configuration (registry, repository, tag) Added variables for docker-mirror image configuration (registry, repository, tag) +14/-2

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[sparkfabrik-ai-bot]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Container Registry Access: The PR introduces configurable image registries through variables. While this provides flexibility, it's important to ensure that only trusted registries are used and that proper access controls are in place to prevent pulling malicious images. Consider adding registry URL validation or restricting to allowed registries.

⚡ Recommended focus areas for review Configuration Validation Verify that the default values for the new image configuration variables match the previously hardcoded values to maintain backward compatibility Documentation Consider adding documentation about the required format and examples for overriding these variables in project-specific gitlab-ci.yml files

[sparkfabrik-ai-bot]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Score
Best practice	Use specific version tags instead of 'latest' to ensure reproducible builds and avoid unexpected changes Add version pinning to avoid potential breaking changes from 'latest' tag templates/.gitlab-ci-template.yml [31-37] -DEFAULT_IMAGE_TAG: latest -DOCKER_MIRROR_IMAGE_TAG: latest +DEFAULT_IMAGE_TAG: "1.0.0" +DOCKER_MIRROR_IMAGE_TAG: "1.0.0" Suggestion importance[1-10]: 9 Why: Version pinning is critical for build reproducibility and stability, preventing unexpected breaking changes that could occur with 'latest' tags.	9
	Add fallback values for environment variables to improve pipeline reliability when variables are not set Add default fallback values using YAML anchors to ensure the pipeline doesn't fail if variables are unset templates/.gitlab-ci-template.yml [1] -image: ${DEFAULT_IMAGE_REGISTRY}/${DEFAULT_IMAGE_REPOSITORY}:${DEFAULT_IMAGE_TAG} +image: ${DEFAULT_IMAGE_REGISTRY:-ghcr.io}/${DEFAULT_IMAGE_REPOSITORY:-sparkfabrik/spark-k8s-deployer}:${DEFAULT_IMAGE_TAG:-latest} Suggestion importance[1-10]: 8 Why: Adding default fallback values is a crucial improvement for pipeline stability, preventing failures when variables are unset and maintaining backward compatibility.	8
Possible issue	Add validation rules for registry URLs to prevent pipeline failures due to invalid configurations Add validation for required registry URLs using CI/CD variable rules to catch configuration errors early templates/.gitlab-ci-template.yml [29-30] variables: DEFAULT_IMAGE_REGISTRY: ghcr.io DOCKER_MIRROR_IMAGE_REGISTRY: ghcr.io +rules: + - if: $DEFAULT_IMAGE_REGISTRY =~ /^[a-zA-Z0-9][a-zA-Z0-9-_.]+[a-zA-Z0-9]$/ + - if: $DOCKER_MIRROR_IMAGE_REGISTRY =~ /^[a-zA-Z0-9][a-zA-Z0-9-_.]+[a-zA-Z0-9]$/ Suggestion importance[1-10]: 7 Why: Adding validation rules for registry URLs helps catch configuration errors early in the pipeline, preventing runtime failures due to invalid registry specifications.	7