mirror of
https://github.com/stefanprodan/podinfo.git
synced 2026-04-07 11:36:50 +00:00
Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
d9bc6301e9 | ||
|
|
a0e323e331 | ||
|
|
1ee349fa17 | ||
|
|
0f526c3cd4 | ||
|
|
021c55fed9 | ||
|
|
bb2408d17d | ||
|
|
5eb3cafd6a | ||
|
|
df0f8ba885 | ||
|
|
19a59d96f1 | ||
|
|
401461595a | ||
|
|
bd77584ade | ||
|
|
87e0dbaa7e | ||
|
c5494104a1 | ||
|
|
74c60a927c | ||
|
|
ecdf07c4d5 | ||
|
|
ff29c549ff | ||
|
|
fa75fc0520 |
@@ -1,9 +1,10 @@
|
||||
# Podinfo signed releases
|
||||
|
||||
Podinfo deployment manifests are published to GitHub Container Registry as OCI artifacts
|
||||
and are signed using [cosign](https://github.com/sigstore/cosign).
|
||||
Podinfo release assets (container image, Helm chart, Flux artifact, Timoni module)
|
||||
are published to GitHub Container Registry and are signed with
|
||||
[Cosign v2](https://github.com/sigstore/cosign) keyless & GitHub Actions OIDC.
|
||||
|
||||
## Verify the artifacts with cosign
|
||||
## Verify podinfo with cosign
|
||||
|
||||
Install the [cosign](https://github.com/sigstore/cosign) CLI:
|
||||
|
||||
@@ -11,29 +12,50 @@ Install the [cosign](https://github.com/sigstore/cosign) CLI:
|
||||
brew install sigstore/tap/cosign
|
||||
```
|
||||
|
||||
Verify a podinfo release with cosign CLI:
|
||||
### Container image
|
||||
|
||||
Verify the podinfo container image hosted on GHCR:
|
||||
|
||||
```sh
|
||||
cosign verify -key https://raw.githubusercontent.com/stefanprodan/podinfo/master/cosign/cosign.pub \
|
||||
ghcr.io/stefanprodan/podinfo-deploy:latest
|
||||
cosign verify ghcr.io/stefanprodan/podinfo:6.5.0 \
|
||||
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
|
||||
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
|
||||
```
|
||||
|
||||
## Download the artifacts with crane
|
||||
|
||||
Install the [crane](https://github.com/google/go-containerregistry/tree/main/cmd/crane) CLI:
|
||||
Verify the podinfo container image hosted on Docker Hub:
|
||||
|
||||
```sh
|
||||
brew install crane
|
||||
cosign verify docker.io/stefanprodan/podinfo:6.5.0 \
|
||||
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
|
||||
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
|
||||
```
|
||||
|
||||
Download the podinfo deployment manifests with crane CLI:
|
||||
### Helm chart
|
||||
|
||||
```console
|
||||
$ crane export ghcr.io/stefanprodan/podinfo-deploy:latest -| tar -xf -
|
||||
Verify the podinfo [Helm](https://helm.sh) chart hosted on GHCR:
|
||||
|
||||
$ ls -1
|
||||
deployment.yaml
|
||||
hpa.yaml
|
||||
kustomization.yaml
|
||||
service.yaml
|
||||
```sh
|
||||
cosign verify ghcr.io/stefanprodan/charts/podinfo:6.5.0 \
|
||||
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
|
||||
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
|
||||
```
|
||||
|
||||
### Flux artifact
|
||||
|
||||
Verify the podinfo [Flux](https://fluxcd.io) artifact hosted on GHCR:
|
||||
|
||||
```sh
|
||||
cosign verify ghcr.io/stefanprodan/manifests/podinfo:6.5.0 \
|
||||
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
|
||||
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
|
||||
```
|
||||
|
||||
### Timoni module
|
||||
|
||||
Verify the podinfo [Timoni](https://timoni.sh) module hosted on GHCR:
|
||||
|
||||
```sh
|
||||
cosign verify ghcr.io/stefanprodan/modules/podinfo:6.5.0 \
|
||||
--certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
|
||||
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
|
||||
```
|
||||
|
||||
3
.github/workflows/e2e.yml
vendored
3
.github/workflows/e2e.yml
vendored
@@ -61,6 +61,9 @@ jobs:
|
||||
run: |
|
||||
docker build -t ${PODINFO_IMAGE_URL}:${PODINFO_VERSION} --build-arg "REVISION=${GITHUB_SHA}" -f Dockerfile.xx .
|
||||
kind load docker-image ${PODINFO_IMAGE_URL}:${PODINFO_VERSION}
|
||||
- name: Vet module
|
||||
run: |
|
||||
timoni mod vet ./timoni/podinfo --debug
|
||||
- name: Build module
|
||||
run: |
|
||||
timoni mod push ./timoni/podinfo ${PODINFO_MODULE_URL} -v ${PODINFO_VERSION}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v1
|
||||
version: 6.5.1
|
||||
appVersion: 6.5.1
|
||||
version: 6.5.3
|
||||
appVersion: 6.5.3
|
||||
name: podinfo
|
||||
engine: gotpl
|
||||
description: Podinfo Helm chart for Kubernetes
|
||||
|
||||
@@ -8,7 +8,7 @@ backends: []
|
||||
|
||||
image:
|
||||
repository: ghcr.io/stefanprodan/podinfo
|
||||
tag: 6.5.1
|
||||
tag: 6.5.3
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
ui:
|
||||
|
||||
@@ -8,7 +8,7 @@ backends: []
|
||||
|
||||
image:
|
||||
repository: ghcr.io/stefanprodan/podinfo
|
||||
tag: 6.5.1
|
||||
tag: 6.5.3
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
ui:
|
||||
|
||||
@@ -23,7 +23,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: backend
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.1
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -23,7 +23,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: frontend
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.1
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -25,7 +25,7 @@ spec:
|
||||
serviceAccountName: webapp
|
||||
containers:
|
||||
- name: backend
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.1
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -25,7 +25,7 @@ spec:
|
||||
serviceAccountName: webapp
|
||||
containers:
|
||||
- name: frontend
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.1
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
6
go.mod
6
go.mod
@@ -29,8 +29,8 @@ require (
|
||||
go.opentelemetry.io/otel/sdk v1.19.0
|
||||
go.opentelemetry.io/otel/trace v1.19.0
|
||||
go.uber.org/zap v1.26.0
|
||||
golang.org/x/net v0.15.0
|
||||
google.golang.org/grpc v1.58.2
|
||||
golang.org/x/net v0.17.0
|
||||
google.golang.org/grpc v1.58.3
|
||||
)
|
||||
|
||||
// Fix CVE-2022-32149
|
||||
@@ -74,7 +74,7 @@ require (
|
||||
go.opentelemetry.io/otel/metric v1.19.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/sys v0.12.0 // indirect
|
||||
golang.org/x/sys v0.13.0 // indirect
|
||||
golang.org/x/text v0.13.0 // indirect
|
||||
golang.org/x/tools v0.7.0 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect
|
||||
|
||||
12
go.sum
12
go.sum
@@ -384,8 +384,8 @@ golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qx
|
||||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
|
||||
golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
|
||||
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
|
||||
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
@@ -448,8 +448,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
|
||||
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
||||
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
@@ -596,8 +596,8 @@ google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM
|
||||
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
|
||||
google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
|
||||
google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
|
||||
google.golang.org/grpc v1.58.2 h1:SXUpjxeVF3FKrTYQI4f4KvbGD5u2xccdYdurwowix5I=
|
||||
google.golang.org/grpc v1.58.2/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0=
|
||||
google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ=
|
||||
google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0=
|
||||
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
|
||||
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
|
||||
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
|
||||
|
||||
@@ -23,7 +23,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: podinfod
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.1
|
||||
image: ghcr.io/stefanprodan/podinfo:6.5.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package version
|
||||
|
||||
var VERSION = "6.5.1"
|
||||
var VERSION = "6.5.3"
|
||||
var REVISION = "unknown"
|
||||
|
||||
@@ -25,6 +25,7 @@ bundle: {
|
||||
maxReplicas: 10
|
||||
cpu: 90
|
||||
}
|
||||
test: enabled: true
|
||||
}
|
||||
}
|
||||
frontend: {
|
||||
@@ -60,6 +61,7 @@ bundle: {
|
||||
"cert-manager.io/cluster-issuer": "self-signed"
|
||||
}
|
||||
}
|
||||
test: enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -71,6 +71,7 @@ timoni -n default delete podinfo
|
||||
| `topologySpreadConstraints:` | `[...corev1.#TopologySpreadConstraint]` | `[]` | [Kubernetes pod topology spread constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints) |
|
||||
| `podSecurityContext:` | `corev1.#PodSecurityContext` | `{}` | [Kubernetes pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context) |
|
||||
| `securityContext:` | `corev1.#SecurityContext` | `{}` | [Kubernetes container security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context) |
|
||||
| `test: enabled:` | `bool` | `false` | Run end-to-end tests at install and upgrades |
|
||||
|
||||
#### Recommended values
|
||||
|
||||
|
||||
26
timoni/podinfo/cue.mod/pkg/timoni.sh/core/v1alpha1/action.cue
vendored
Normal file
26
timoni/podinfo/cue.mod/pkg/timoni.sh/core/v1alpha1/action.cue
vendored
Normal file
@@ -0,0 +1,26 @@
|
||||
// Copyright 2023 Stefan Prodan
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package v1alpha1
|
||||
|
||||
// Action holds the list of annotations for controlling
|
||||
// Timoni's apply behaviour of Kubernetes resources.
|
||||
Action: {
|
||||
// Force annotation for recreating immutable resources such as Kubernetes Jobs.
|
||||
Force: {
|
||||
"action.timoni.sh/force": ActionStatus.Enabled
|
||||
}
|
||||
// One-off annotation for appling resources only if they don't exist on the cluster.
|
||||
Oneoff: {
|
||||
"action.timoni.sh/one-off": ActionStatus.Enabled
|
||||
}
|
||||
// Keep annotation for preventing Timoni's garbage collector from deleting resources.
|
||||
Keep: {
|
||||
"action.timoni.sh/prune": ActionStatus.Disabled
|
||||
}
|
||||
}
|
||||
|
||||
ActionStatus: {
|
||||
Enabled: "enabled"
|
||||
Disabled: "disabled"
|
||||
}
|
||||
@@ -6,21 +6,23 @@ import (
|
||||
"text/tabwriter"
|
||||
)
|
||||
|
||||
_resources: timoni.apply.app + timoni.apply.test
|
||||
|
||||
// The build command generates the Kubernetes manifests and prints the multi-docs YAML to stdout.
|
||||
// Example 'cue cmd -t test -t name=test -t namespace=test -t mv=6.5.0 -t kv=1.28.0 build'.
|
||||
// Example 'cue cmd -t debug -t name=podinfo -t namespace=test -t mv=1.0.0 -t kv=1.28.0 build'.
|
||||
command: build: {
|
||||
task: print: cli.Print & {
|
||||
text: yaml.MarshalStream(timoni.apply.all)
|
||||
text: yaml.MarshalStream(_resources)
|
||||
}
|
||||
}
|
||||
|
||||
// The ls command prints a table with the Kubernetes resources kind, namespace, name and version.
|
||||
// Example 'cue cmd -t test -t name=test -t namespace=test -t mv=6.5.0 -t kv=1.28.0 ls'.
|
||||
// Example 'cue cmd -t debug -t name=podinfo -t namespace=test -t mv=1.0.0 -t kv=1.28.0 ls'.
|
||||
command: ls: {
|
||||
task: print: cli.Print & {
|
||||
text: tabwriter.Write([
|
||||
"RESOURCE \tAPI VERSION",
|
||||
for r in timoni.apply.all {
|
||||
for r in _resources {
|
||||
if r.metadata.namespace == _|_ {
|
||||
"\(r.kind)/\(r.metadata.name) \t\(r.apiVersion)"
|
||||
}
|
||||
@@ -1,8 +1,25 @@
|
||||
@if(test)
|
||||
@if(debug)
|
||||
|
||||
package main
|
||||
|
||||
// Values used by debug_tool.cue.
|
||||
// Debug example 'cue cmd -t debug -t name=podinfo -t namespace=test -t mv=1.0.0 -t kv=1.28.0 build'.
|
||||
values: {
|
||||
image: {
|
||||
repository: "docker.io/stefanprodan/podinfo"
|
||||
tag: "latest"
|
||||
digest: ""
|
||||
}
|
||||
|
||||
test: {
|
||||
enabled: true
|
||||
image: {
|
||||
repository: "ghcr.io/curl/curl-container/curl-multi"
|
||||
tag: "master"
|
||||
digest: ""
|
||||
}
|
||||
}
|
||||
|
||||
ui: backend: "http://backend.default.svc.cluster.local/echo"
|
||||
|
||||
metadata: {
|
||||
@@ -23,7 +40,7 @@ values: {
|
||||
annotations: "cert-manager.io/cluster-issuer": "letsencrypt"
|
||||
}
|
||||
|
||||
monitoring: enabled: false
|
||||
monitoring: enabled: true
|
||||
|
||||
_mcpu: 100
|
||||
_mem: 128
|
||||
@@ -78,6 +78,12 @@ import (
|
||||
enabled: *false | bool
|
||||
redisURL?: string & =~"^tcp://.*$"
|
||||
}
|
||||
|
||||
// Test Jobs (optional)
|
||||
test: {
|
||||
enabled: *false | bool
|
||||
image!: timoniv1.#Image
|
||||
}
|
||||
}
|
||||
|
||||
// Instance takes the config values and outputs the Kubernetes objects.
|
||||
@@ -101,4 +107,8 @@ import (
|
||||
"\(config.metadata.name)-monitor": #ServiceMonitor & {_config: config}
|
||||
}
|
||||
}
|
||||
|
||||
tests: {
|
||||
"test-svc": #TestJob & {_config: config}
|
||||
}
|
||||
}
|
||||
|
||||
58
timoni/podinfo/templates/job.cue
Normal file
58
timoni/podinfo/templates/job.cue
Normal file
@@ -0,0 +1,58 @@
|
||||
package templates
|
||||
|
||||
import (
|
||||
"encoding/yaml"
|
||||
"uuid"
|
||||
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
batchv1 "k8s.io/api/batch/v1"
|
||||
timoniv1 "timoni.sh/core/v1alpha1"
|
||||
)
|
||||
|
||||
#TestJob: batchv1.#Job & {
|
||||
_config: #Config
|
||||
apiVersion: "batch/v1"
|
||||
kind: "Job"
|
||||
metadata: name: "\(_config.metadata.name)-test"
|
||||
metadata: namespace: _config.metadata.namespace
|
||||
metadata: labels: _config.metadata.labels
|
||||
metadata: annotations: timoniv1.Action.Force
|
||||
spec: batchv1.#JobSpec & {
|
||||
template: corev1.#PodTemplateSpec & {
|
||||
metadata: labels: _config.metadata.labels
|
||||
let _checksum = uuid.SHA1(uuid.ns.DNS, yaml.Marshal(_config))
|
||||
metadata: annotations: "timoni.sh/checksum": "\(_checksum)"
|
||||
spec: {
|
||||
containers: [{
|
||||
name: "curl"
|
||||
image: _config.test.image.reference
|
||||
imagePullPolicy: _config.imagePullPolicy
|
||||
command: [
|
||||
"curl",
|
||||
"-v",
|
||||
"-m",
|
||||
"5",
|
||||
"\(_config.metadata.name):\(_config.service.port)",
|
||||
]
|
||||
}]
|
||||
restartPolicy: "Never"
|
||||
if _config.podSecurityContext != _|_ {
|
||||
securityContext: _config.podSecurityContext
|
||||
}
|
||||
if _config.topologySpreadConstraints != _|_ {
|
||||
topologySpreadConstraints: _config.topologySpreadConstraints
|
||||
}
|
||||
if _config.affinity != _|_ {
|
||||
affinity: _config.affinity
|
||||
}
|
||||
if _config.tolerations != _|_ {
|
||||
tolerations: _config.tolerations
|
||||
}
|
||||
if _config.imagePullSecrets != _|_ {
|
||||
imagePullSecrets: _config.imagePullSecrets
|
||||
}
|
||||
}
|
||||
}
|
||||
backoffLimit: 1
|
||||
}
|
||||
}
|
||||
@@ -45,5 +45,10 @@ timoni: {
|
||||
|
||||
// Pass Kubernetes resources outputted by the instance
|
||||
// to Timoni's multi-step apply.
|
||||
apply: all: [ for obj in instance.objects {obj}]
|
||||
apply: app: [ for obj in instance.objects {obj}]
|
||||
|
||||
// Conditionally run tests after an install or upgrade.
|
||||
if instance.config.test.enabled {
|
||||
apply: test: [ for obj in instance.tests {obj}]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,13 +1,20 @@
|
||||
// Code generated by timoni. DO NOT EDIT.
|
||||
// Code generated by timoni.
|
||||
// Note that this file must have no imports and all values must be concrete.
|
||||
|
||||
@if(!debug)
|
||||
|
||||
package main
|
||||
|
||||
// Defaults
|
||||
values: {
|
||||
image: {
|
||||
repository: "ghcr.io/stefanprodan/podinfo"
|
||||
tag: "6.5.1"
|
||||
tag: "6.5.3"
|
||||
digest: ""
|
||||
}
|
||||
test: image: {
|
||||
repository: "ghcr.io/curl/curl-container/curl-multi"
|
||||
tag: "master"
|
||||
digest: ""
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user