From 1108d655f6d9511e30aeec11ed6075475786b771 Mon Sep 17 00:00:00 2001 From: Kevin Wilder Date: Fri, 8 Jan 2021 08:44:21 -0700 Subject: [PATCH 1/3] add imagepullsecrets to shared-secrets jobs --- chart/values.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index e7dc180..0aa5ade 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -473,6 +473,8 @@ global: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 + pullSecrets: + - name: private-registry customCAs: [] # - secret: custom-CA # - secret: more-custom-CAs @@ -482,7 +484,8 @@ global: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/kubectl tag: 13.2.0 - pullSecrets: [] + pullSecrets: + - name: private-registry securityContext: # in most base images, this is `nobody:nogroup` runAsUser: 65534 @@ -694,9 +697,16 @@ shared-secrets: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 + pullSecrets: + - name: private-registry rbac: create: true +selfsign: + image: + pullSecrets: + - name: private-registry + ## Installation & configuration of gitlab/gitlab-runner ## See requirements.yaml for current version gitlab-runner: -- GitLab From ea1656c106e34262ece5a4d04fc115bc5c872b2f Mon Sep 17 00:00:00 2001 From: Kevin Wilder Date: Fri, 8 Jan 2021 14:32:59 -0700 Subject: [PATCH 2/3] add image pull secrets --- chart/values.yaml | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 0aa5ade..0b60b87 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -474,7 +474,7 @@ global: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 pullSecrets: - - name: private-registry + - name: private-registry customCAs: [] # - secret: custom-CA # - secret: more-custom-CAs @@ -485,7 +485,7 @@ global: repository: registry1.dso.mil/ironbank/gitlab/gitlab/kubectl tag: 13.2.0 pullSecrets: - - name: private-registry + - name: private-registry securityContext: # in most base images, this is `nobody:nogroup` runAsUser: 65534 @@ -638,16 +638,19 @@ redis: registry: registry1.dso.mil/ironbank/bitnami repository: analytics/redis-exporter tag: 1.6.1 + pullSecrets: + - private-registry image: registry: registry1.dso.mil/ironbank/opensource repository: redis/redis5 tag: 5.0.9 + pullSecrets: + - private-registry master: command: "redis-server" slave: command: "redis-server" - ## Instllation & configuration of stable/prostgresql ## See requirements.yaml for current version postgresql: @@ -686,6 +689,8 @@ registry: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry tag: 13.2.0 + pullSecrets: + - name: private-registry ## Automatic shared secret generation ## doc/installation/secrets.md @@ -698,15 +703,10 @@ shared-secrets: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 pullSecrets: - - name: private-registry + - name: private-registry rbac: create: true -selfsign: - image: - pullSecrets: - - name: private-registry - ## Installation & configuration of gitlab/gitlab-runner ## See requirements.yaml for current version gitlab-runner: @@ -790,38 +790,52 @@ gitlab: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-task-runner tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/migrations migrations: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-task-runner tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/webservice webservice: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice tag: 13.2.0 + pullSecrets: + - name: private-registry workhorse: image: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/sidekiq sidekiq: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/gitaly gitaly: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/gitlab-shell gitlab-shell: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell tag: 13.2.0 + pullSecrets: + - name: private-registry ## doc/charts/gitlab/gitlab-grafana # gitlab-grafana: ## gitlab exporter for prometheus metrics @@ -829,6 +843,8 @@ gitlab: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter tag: 13.2.0 + pullSecrets: + - name: private-registry metrics: enabled: true port: 9168 @@ -844,6 +860,8 @@ gitlab: minio: image: registry1.dso.mil/ironbank/opensource/minio/minio imageTag: RELEASE.2020-11-19T23-48-16Z + pullSecrets: + - name: private-registry minioMc: # the MinIO sub-chart config script was modified to work with newer mc version in IronBank image # chart/charts/minio/templates/create-buckets-job.yaml -- GitLab From 1fd686903ae012556b4f2cdc32f364b5ce89bc54 Mon Sep 17 00:00:00 2001 From: Kevin Wilder Date: Mon, 11 Jan 2021 07:49:58 -0700 Subject: [PATCH 3/3] comment pull secrets --- chart/values.yaml | 60 +++++++++++++++++++++++------------------------ 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index 0b60b87..1d0d892 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -473,8 +473,8 @@ global: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry customCAs: [] # - secret: custom-CA # - secret: more-custom-CAs @@ -484,8 +484,8 @@ global: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/kubectl tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry securityContext: # in most base images, this is `nobody:nogroup` runAsUser: 65534 @@ -638,14 +638,14 @@ redis: registry: registry1.dso.mil/ironbank/bitnami repository: analytics/redis-exporter tag: 1.6.1 - pullSecrets: - - private-registry + # pullSecrets: + # - private-registry image: registry: registry1.dso.mil/ironbank/opensource repository: redis/redis5 tag: 5.0.9 - pullSecrets: - - private-registry + # pullSecrets: + # - private-registry master: command: "redis-server" slave: @@ -689,8 +689,8 @@ registry: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-container-registry tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## Automatic shared secret generation ## doc/installation/secrets.md @@ -702,8 +702,8 @@ shared-secrets: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/cfssl-self-sign tag: 1.4.1 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry rbac: create: true @@ -790,52 +790,52 @@ gitlab: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-task-runner tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/migrations migrations: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-task-runner tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/webservice webservice: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-webservice tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry workhorse: image: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-workhorse tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/sidekiq sidekiq: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-sidekiq tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/gitaly gitaly: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitaly tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/gitlab-shell gitlab-shell: # enabled: false image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-shell tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry ## doc/charts/gitlab/gitlab-grafana # gitlab-grafana: ## gitlab exporter for prometheus metrics @@ -843,8 +843,8 @@ gitlab: image: repository: registry1.dso.mil/ironbank/gitlab/gitlab/gitlab-exporter tag: 13.2.0 - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry metrics: enabled: true port: 9168 @@ -860,8 +860,8 @@ gitlab: minio: image: registry1.dso.mil/ironbank/opensource/minio/minio imageTag: RELEASE.2020-11-19T23-48-16Z - pullSecrets: - - name: private-registry + # pullSecrets: + # - name: private-registry minioMc: # the MinIO sub-chart config script was modified to work with newer mc version in IronBank image # chart/charts/minio/templates/create-buckets-job.yaml -- GitLab