Skip to content

Commit

Permalink
Separate registry, repo and tag values
Browse files Browse the repository at this point in the history
  • Loading branch information
@airadier
airadier committed Aug 18, 2023
1 parent 54649d9 commit 85d2ab0
Show file tree
Hide file tree
Showing 4 changed files with 39 additions and 11 deletions.
14 changes: 9 additions & 5 deletions charts/admission-controller/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,14 +139,18 @@ The following table lists the configurable parameters of the `admission-controll
| webhook.v2.service.type | Use this type as webhook service | <code>ClusterIP</code> |
| webhook.v2.service.port | Configure port for the V2 webhook service | <code>7443</code> |
| webhook.v2.http.port | HTTP serve port where the requests will be served from | <code>7443</code> |
| webhook.v2.image | | <code>quay.io/sysdig/secure-admission-controller:1.0.0</code> |
| webhook.v2.image.registry | The KSPM Admission Controller image registry | <code>quay.io</code> |
| webhook.v2.image.repository | The KSPM Admission Controller image repository | <code>sysdig/secure-admission-controller</code> |
| webhook.v2.image.tag | The KSPM Admission Controller image tag | <code>1.0.0</code> |
| webhook.v2.image.digest | Specifies the image digest value. If set, this value is used instead of the tag value | <code></code> |
| webhook.v2.image.pullPolicy | The PullPolicy for KSPM Admission Controller image | <code></code> |
| webhook.name | The service name for Webhook deployment | <code>webhook</code> |
| webhook.replicaCount | The number of replicas for webhook. **Deprecated**, use `webhook.autoscaling.minReplicas` and `webhook.autoscaling.maxReplicas` instead. | <code>1</code> |
| webhook.image.registry | The webhook image registry. | <code>quay.io</code> |
| webhook.image.repository | The webhook image registry. | <code>sysdig/admission-controller</code> |
| webhook.image.pullPolicy | The PullPolicy for Webhook image. | <code></code> |
| webhook.image.registry | The webhook image registry | <code>quay.io</code> |
| webhook.image.repository | The webhook image repository | <code>sysdig/admission-controller</code> |
| webhook.image.pullPolicy | The PullPolicy for Webhook image | <code></code> |
| webhook.image.tag | Overrides the default image tag. If not specified, it defaults to appVersion in Chart.yaml | <code></code> |
| webhook.image.digest | Specifies the image digest value. If set, this value is used instead of the tag value. | <code></code> |
| webhook.image.digest | Specifies the image digest value. If set, this value is used instead of the tag value | <code></code> |
| webhook.labels | Specifies the additional labels; applies to webhook only. | <code>{}</code> |
| webhook.service.type | Use this type as webhook service. | <code>ClusterIP</code> |
| webhook.service.port | Configure port for the webhook service. | <code>443</code> |
Expand Down
13 changes: 13 additions & 0 deletions charts/admission-controller/templates/_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,19 @@ Allow overriding registry and repository for air-gapped environments
{{- end -}}
{{- end -}}

{{- define "admissionController.kspm.image" -}}
{{- if .Values.webhook.v2.image.overrideValue -}}
{{- .Values.webhook.v2.image.overrideValue -}}
{{- else -}}
{{- $imageRegistry := .Values.webhook.v2.image.registry -}}
{{- $imageRepository := .Values.webhook.v2.image.repository -}}
{{- $imageTag := .Values.webhook.v2.image.tag -}}
{{- $imageDigest := .Values.webhook.v2.image.digest -}}
{{- $globalRegistry := (default .Values.global dict).imageRegistry -}}
{{- $globalRegistry | default $imageRegistry | default "docker.io" -}} / {{- $imageRepository -}} {{- if $imageDigest -}} @ {{- $imageDigest -}} {{- else -}} : {{- $imageTag -}} {{- end -}}
{{- end -}}
{{- end -}}

{{/*
Inline Scanner Service
*/}}
Expand Down
3 changes: 2 additions & 1 deletion charts/admission-controller/templates/webhook/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,8 @@ spec:
containers:
{{- if .Values.features.kspmAdmissionController}}
- name: kspm-admission-controller
image: {{ .Values.webhook.v2.image }}
image: {{ include "admissionController.kspm.image" . }}
imagePullPolicy: {{ .Values.webhook.v2.image.pullPolicy | default .Values.global.image.pullPolicy }}
env:
- name: DRY_RUN
value: "true"
Expand Down
20 changes: 15 additions & 5 deletions charts/admission-controller/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,22 +180,32 @@ webhook:
# HTTP serve port where the requests will be served from
port: 7443
# KSPM Admission Controller container image
image: quay.io/sysdig/secure-admission-controller:1.0.0
image:
# The KSPM Admission Controller image registry
registry: quay.io
# The KSPM Admission Controller image repository
repository: sysdig/secure-admission-controller
# The KSPM Admission Controller image tag
tag: 1.0.0
# Specifies the image digest value. If set, this value is used instead of the tag value
digest:
# The PullPolicy for KSPM Admission Controller image
pullPolicy:
# The service name for Webhook deployment
name: webhook
# The number of replicas for webhook. **Deprecated**, use `webhook.autoscaling.minReplicas` and `webhook.autoscaling.maxReplicas` instead.
replicaCount: 1

image:
# The webhook image registry.
# The webhook image registry
registry: quay.io
# The webhook image registry.
# The webhook image repository
repository: sysdig/admission-controller
# The PullPolicy for Webhook image.
# The PullPolicy for Webhook image
pullPolicy:
# Overrides the default image tag. If not specified, it defaults to appVersion in Chart.yaml
tag:
# Specifies the image digest value. If set, this value is used instead of the tag value.
# Specifies the image digest value. If set, this value is used instead of the tag value
digest:

# Specifies the additional labels; applies to webhook only.
Expand Down

0 comments on commit 85d2ab0

Please sign in to comment.