diff --git a/chart/charts/redis-10.5.7.tgz b/chart/charts/redis-10.5.7.tgz new file mode 100644 index 0000000000000000000000000000000000000000..95d04d5a3544c053b3ab95b07bbb00f02941fca3 Binary files /dev/null and b/chart/charts/redis-10.5.7.tgz differ diff --git a/chart/charts/redis-6.0.10.tgz b/chart/charts/redis-6.0.10.tgz deleted file mode 100644 index 64bca5e86e9a3c11183b6b62fa7664e25fd095a2..0000000000000000000000000000000000000000 Binary files a/chart/charts/redis-6.0.10.tgz and /dev/null differ diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl index d6694292899638e4b0e0bd4484c62fcab4b299f4..9c9063e62e201fded7042849eefaf2a45431976c 100644 --- a/chart/templates/_helpers.tpl +++ b/chart/templates/_helpers.tpl @@ -191,3 +191,9 @@ When applicable, we use the secrets created by the postgres/redis charts (which {{ toYaml .Values.airflow.extraEnv }} {{- end }} {{- end }} + +{{- define "imagePullSecret" }} +{{- with .Values.imageCreds }} +{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/chart/templates/image-secret.yaml b/chart/templates/image-secret.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5ffde710cc3d8f4c552adc374c6f5bf260d6b60a --- /dev/null +++ b/chart/templates/image-secret.yaml @@ -0,0 +1,9 @@ +{{- if not .Values.useExistingSecret.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: regcreds +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ template "imagePullSecret" . }} +{{- end }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index 0717d892b1db805a8958063c6ba818d24a574895..70627c7a874be8b88d0bb8c014ac4294ad54f9fa 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -15,7 +15,7 @@ airflow: tag: 1.10.12-python3.6 ## values: Always or IfNotPresent pullPolicy: Always - pullSecret: il2-registry + pullSecret: regcreds ## the airflow executor type to use ## @@ -916,10 +916,10 @@ tfx: ## - if set to "", then `PersistentVolumeClaim/spec.storageClassName` is omitted ## - if set to "-", then `PersistentVolumeClaim/spec.storageClassName` is set to "" ## - storageClass: azure-file-sc + storageClass: "" ## Azure storage parameters: defined with ../../scripts/storage_azure.sh - azure_location: usgovarizona + azure_location: "" azure_storage_account: "" azure_resource_group: "" @@ -986,10 +986,10 @@ data: ## - if set to "", then `PersistentVolumeClaim/spec.storageClassName` is omitted ## - if set to "-", then `PersistentVolumeClaim/spec.storageClassName` is set to "" ## - storageClass: azure-file-sc + storageClass: "" ## Azure storage parameters: defined with ../../scripts/storage_azure.sh - azure_location: usgovarizona + azure_location: "" azure_storage_account: "" azure_resource_group: "" @@ -1075,10 +1075,10 @@ dags: ## - if set to "", then `PersistentVolumeClaim/spec.storageClassName` is omitted ## - if set to "-", then `PersistentVolumeClaim/spec.storageClassName` is set to "" ## - storageClass: azure-file-sc + storageClass: "" ## Azure storage parameters: defined with ../../scripts/storage_azure.sh - azure_location: usgovarizona + azure_location: "" azure_storage_account: "" azure_resource_group: "" @@ -1644,16 +1644,18 @@ redis: slaveCount: 1 image: - registry: registry.il2.dso.mil - repository: jaic-devsecops/apps/bitnami/redis + registry: registry1.dso.mil + repository: ironbank/opensource/redis/redis6 tag: 6.0.4 - pullPolicy: Always pullSecrets: - - il2-registry + - ironbank ## configs for the redis master ## master: + ## Enable hardened redis 6.0.4 installation + command: "" + ## resource requests/limits for the master Pod ## ## EXAMPLE: @@ -1808,5 +1810,10 @@ prometheusRule: ## groups: [] +imageCreds: + registry: registry.il2.dso.mil + username: passInValue + password: passInValue + useExistingSecret: enabled: false