diff --git a/aodh/Chart.yaml b/aodh/Chart.yaml index eea7192c69..421ecc5395 100644 --- a/aodh/Chart.yaml +++ b/aodh/Chart.yaml @@ -16,7 +16,7 @@ apiVersion: v1 appVersion: v1.0.0 description: Openstack-Helm Aodh name: aodh -version: 0.2.4 +version: 0.2.5 home: https://docs.openstack.org/aodh/latest/ sources: - https://opendev.org/openstack/aodh diff --git a/aodh/templates/secret-registry.yaml b/aodh/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/aodh/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/aodh/values.yaml b/aodh/values.yaml index c584d10f7f..9d2fe68ec0 100644 --- a/aodh/values.yaml +++ b/aodh/values.yaml @@ -556,6 +556,8 @@ secrets: alarming: api: public: aodh-tls-public + oci_image_registry: + aodh: aodh-oci-image-registry bootstrap: enabled: false @@ -580,6 +582,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + aodh: + username: aodh + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -732,9 +749,10 @@ manifests: pdb_api: true pod_aodh_test: true secret_db: true + secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true - secret_ingress_tls: true + secret_registry: true service_api: true service_ingress_api: true ... diff --git a/barbican/Chart.yaml b/barbican/Chart.yaml index 556bf9b592..0191c8435d 100644 --- a/barbican/Chart.yaml +++ b/barbican/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Barbican name: barbican -version: 0.2.14 +version: 0.2.15 home: https://docs.openstack.org/barbican/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Barbican/OpenStack_Project_Barbican_vertical.png sources: diff --git a/barbican/templates/secret-registry.yaml b/barbican/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/barbican/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/barbican/values.yaml b/barbican/values.yaml index 5bd154e003..f595d9e6d9 100644 --- a/barbican/values.yaml +++ b/barbican/values.yaml @@ -496,6 +496,8 @@ secrets: key_manager: api: public: barbican-tls-public + oci_image_registry: + barbican: barbican-oci-image-registry endpoints: cluster_domain_suffix: cluster.local @@ -511,6 +513,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + barbican: + username: barbican + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -676,6 +693,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true ... diff --git a/ceilometer/Chart.yaml b/ceilometer/Chart.yaml index 18e5c5a463..ea302c0085 100644 --- a/ceilometer/Chart.yaml +++ b/ceilometer/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Ceilometer name: ceilometer -version: 0.2.5 +version: 0.2.6 home: https://docs.openstack.org/ceilometer/latest/ sources: - https://opendev.org/openstack/ceilometer diff --git a/ceilometer/templates/secret-registry.yaml b/ceilometer/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/ceilometer/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml index b314138dd6..0e146346fd 100644 --- a/ceilometer/values.yaml +++ b/ceilometer/values.yaml @@ -1732,6 +1732,8 @@ secrets: oslo_messaging: admin: ceilometer-rabbitmq-admin ceilometer: ceilometer-rabbitmq-user + oci_image_registry: + ceilometer: ceilometer-oci-image-registry bootstrap: enabled: false @@ -1756,6 +1758,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + ceilometer: + username: ceilometer + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -2136,6 +2153,7 @@ manifests: secret_keystone: true secret_mongodb: true secret_rabbitmq: true + secret_registry: true service_api: true service_ingress_api: true ... diff --git a/cinder/Chart.yaml b/cinder/Chart.yaml index da3cda8dce..536f64c600 100644 --- a/cinder/Chart.yaml +++ b/cinder/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Cinder name: cinder -version: 0.2.22 +version: 0.2.23 home: https://docs.openstack.org/cinder/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png sources: diff --git a/cinder/templates/secret-registry.yaml b/cinder/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/cinder/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/cinder/values.yaml b/cinder/values.yaml index 70ddc817f9..647a0492a1 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -1261,6 +1261,9 @@ secrets: api: public: cinder-tls-public internal: cinder-tls-api + oci_image_registry: + cinder: cinder-oci-image-registry + # We use a different layout of the endpoints here to account for versioning # this swaps the service name and type, and should be rolled out to other # services. @@ -1278,6 +1281,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + cinder: + username: cinder + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -1494,6 +1512,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_api: true service_ingress_api: true ... diff --git a/cyborg/Chart.yaml b/cyborg/Chart.yaml index da379cdd0d..84e344aacf 100644 --- a/cyborg/Chart.yaml +++ b/cyborg/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Cyborg name: cyborg -version: 0.1.1 +version: 0.1.2 home: https://docs.openstack.org/cyborg icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cyborg/OpenStack_Project_Cyborg_vertical.png sources: diff --git a/cyborg/templates/secret-registry.yaml b/cyborg/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/cyborg/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/cyborg/values.yaml b/cyborg/values.yaml index 0649b2125a..cfea638734 100644 --- a/cyborg/values.yaml +++ b/cyborg/values.yaml @@ -62,6 +62,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + cyborg: + username: cyborg + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null accelerator: name: cyborg hosts: @@ -245,6 +260,8 @@ secrets: oslo_messaging: admin: cyborg-rabbitmq-admin cyborg: cyborg-rabbitmq-user + oci_image_registry: + cyborg: cyborg-oci-image-registry dependencies: static: @@ -550,5 +567,6 @@ manifests: secret_db: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: false service_api: true diff --git a/designate/Chart.yaml b/designate/Chart.yaml index a4eb6ba0ec..d06a53377b 100644 --- a/designate/Chart.yaml +++ b/designate/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Designate name: designate -version: 0.2.5 +version: 0.2.6 home: https://docs.openstack.org/designate/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Designate/OpenStack_Project_Designate_vertical.jpg sources: diff --git a/designate/templates/secret-registry.yaml b/designate/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/designate/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/designate/values.yaml b/designate/values.yaml index ebcec73bd4..7abd43d54e 100644 --- a/designate/values.yaml +++ b/designate/values.yaml @@ -649,6 +649,8 @@ secrets: dns: api: public: designate-tls-public + oci_image_registry: + designate: designate-oci-image-registry endpoints: cluster_domain_suffix: cluster.local @@ -664,6 +666,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + designate: + username: designate + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -827,6 +844,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_api: true service_mdns: true service_ingress_api: true diff --git a/glance/Chart.yaml b/glance/Chart.yaml index 35efb0c61e..2d9f630f60 100644 --- a/glance/Chart.yaml +++ b/glance/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Glance name: glance -version: 0.3.7 +version: 0.3.8 home: https://docs.openstack.org/glance/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Glance/OpenStack_Project_Glance_vertical.png sources: diff --git a/glance/templates/secret-registry.yaml b/glance/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/glance/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/glance/values.yaml b/glance/values.yaml index 6d4dcf4a98..ba5eca7d81 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -509,6 +509,8 @@ secrets: api: public: glance-tls-public internal: glance-tls-api + oci_image_registry: + glance: glance-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -527,6 +529,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + glance: + username: glance + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -975,6 +992,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true ... diff --git a/heat/Chart.yaml b/heat/Chart.yaml index 46663840a2..014e5845e6 100644 --- a/heat/Chart.yaml +++ b/heat/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Heat name: heat -version: 0.2.13 +version: 0.2.14 home: https://docs.openstack.org/heat/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Heat/OpenStack_Project_Heat_vertical.png sources: diff --git a/heat/templates/secret-registry.yaml b/heat/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/heat/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/heat/values.yaml b/heat/values.yaml index 36017d63bb..7b03ea7a79 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -804,6 +804,9 @@ secrets: cfn: public: cloudformation-tls-public internal: heat-tls-cfn + oci_image_registry: + heat: heat-oci-image-registry + # typically overridden by environmental # values, but should include all endpoints # required by this chart @@ -821,6 +824,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + heat: + username: heat + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -1335,6 +1353,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_api: true service_cfn: true service_cloudwatch: false diff --git a/horizon/Chart.yaml b/horizon/Chart.yaml index acc3d58ac6..39ea283033 100644 --- a/horizon/Chart.yaml +++ b/horizon/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Horizon name: horizon -version: 0.2.24 +version: 0.2.25 home: https://docs.openstack.org/horizon/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png sources: diff --git a/horizon/templates/secret-registry.yaml b/horizon/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/horizon/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/horizon/values.yaml b/horizon/values.yaml index 4ea901bb10..1f58555371 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -1233,6 +1233,8 @@ secrets: dashboard: public: horizon-tls-public internal: horizon-tls-web + oci_image_registry: + horizon: horizon-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -1251,6 +1253,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + horizon: + username: horizon + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -1376,6 +1393,7 @@ manifests: secret_db: true secret_ingress_tls: true secret_keystone: true + secret_registry: true service_ingress: true service: true ... diff --git a/ironic/Chart.yaml b/ironic/Chart.yaml index 9c1d361c23..033884e3fe 100644 --- a/ironic/Chart.yaml +++ b/ironic/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Ironic name: ironic -version: 0.2.5 +version: 0.2.6 home: https://docs.openstack.org/ironic/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Ironic/OpenStack_Project_Ironic_vertical.png sources: diff --git a/ironic/templates/secret-registry.yaml b/ironic/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/ironic/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/ironic/values.yaml b/ironic/values.yaml index ec3d0230c9..6e5e3a8d42 100644 --- a/ironic/values.yaml +++ b/ironic/values.yaml @@ -350,6 +350,8 @@ secrets: oslo_messaging: admin: ironic-rabbitmq-admin ironic: ironic-rabbitmq-user + oci_image_registry: + ironic: ironic-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -368,6 +370,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + ironic: + username: ironic + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -709,6 +726,7 @@ manifests: secret_db: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_api: true service_ingress_api: true statefulset_conductor: true diff --git a/keystone/Chart.yaml b/keystone/Chart.yaml index dec751374a..8a247fbe61 100644 --- a/keystone/Chart.yaml +++ b/keystone/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Keystone name: keystone -version: 0.2.27 +version: 0.2.28 home: https://docs.openstack.org/keystone/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Keystone/OpenStack_Project_Keystone_vertical.png sources: diff --git a/keystone/templates/secret-registry.yaml b/keystone/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/keystone/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/keystone/values.yaml b/keystone/values.yaml index 935f618454..d6ad7b9d51 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -900,6 +900,8 @@ secrets: api: public: keystone-tls-public internal: keystone-tls-api + oci_image_registry: + keystone: keystone-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -918,6 +920,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + keystone: + username: keystone + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: namespace: null name: keystone @@ -1097,6 +1114,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true ... diff --git a/magnum/Chart.yaml b/magnum/Chart.yaml index 6e24567ba5..3f4ccf6d8d 100644 --- a/magnum/Chart.yaml +++ b/magnum/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Magnum name: magnum -version: 0.2.6 +version: 0.2.7 home: https://docs.openstack.org/magnum/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Magnum/OpenStack_Project_Magnum_vertical.png sources: diff --git a/magnum/templates/secret-registry.yaml b/magnum/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/magnum/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/magnum/values.yaml b/magnum/values.yaml index aa7b7a478c..f4d042a192 100644 --- a/magnum/values.yaml +++ b/magnum/values.yaml @@ -314,6 +314,8 @@ secrets: oslo_messaging: admin: magnum-rabbitmq-admin magnum: magnum-rabbitmq-user + oci_image_registry: + magnum: magnum-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -332,6 +334,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + magnum: + username: magnum + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -649,6 +666,7 @@ manifests: secret_db: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_api: true service_ingress_api: true statefulset_conductor: true diff --git a/masakari/Chart.yaml b/masakari/Chart.yaml index 9b8942e881..a70095c1e7 100644 --- a/masakari/Chart.yaml +++ b/masakari/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Masakari name: masakari -version: 0.1.4 +version: 0.1.5 home: https://docs.openstack.org/developer/masakari icon: https://www.openstack.org/themes/openstack/images/project-mascots/Masakari/OpenStack_Project_masakari_vertical.png sources: diff --git a/masakari/templates/secret-registry.yaml b/masakari/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/masakari/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/masakari/values.yaml b/masakari/values.yaml index 72af72ed0d..e6629e5402 100644 --- a/masakari/values.yaml +++ b/masakari/values.yaml @@ -61,6 +61,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + masakari: + username: masakari + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null instance_ha: name: masakari hosts: @@ -226,6 +241,8 @@ secrets: oslo_messaging: admin: masakari-rabbitmq-admin masakari: masakari-rabbitmq-user + oci_image_registry: + masakari: masakari-oci-image-registry dependencies: static: @@ -600,6 +617,7 @@ manifests: secret_db: true secret_rabbitmq: true secret_keystone: true + secret_registry: true job_rabbit_init: true service_api: true pdb_api: true diff --git a/mistral/Chart.yaml b/mistral/Chart.yaml index 65c35823cb..59d2f3e613 100644 --- a/mistral/Chart.yaml +++ b/mistral/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Mistral name: mistral -version: 0.2.4 +version: 0.2.5 home: https://docs.openstack.org/mistral/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Mistral/OpenStack_Project_Mistral_vertical.png sources: diff --git a/mistral/templates/secret-registry.yaml b/mistral/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/mistral/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/mistral/values.yaml b/mistral/values.yaml index 5b4451c99e..dd65149852 100644 --- a/mistral/values.yaml +++ b/mistral/values.yaml @@ -190,6 +190,8 @@ secrets: oslo_messaging: admin: mistral-rabbitmq-admin mistral: mistral-rabbitmq-user + oci_image_registry: + mistral: mistral-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -208,6 +210,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + mistral: + username: mistral + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -727,6 +744,7 @@ manifests: secret_db: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true statefulset_engine: true diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml index 1c885fea45..59c59a2f86 100644 --- a/neutron/Chart.yaml +++ b/neutron/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Neutron name: neutron -version: 0.2.23 +version: 0.2.24 home: https://docs.openstack.org/neutron/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png sources: diff --git a/neutron/templates/secret-registry.yaml b/neutron/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/neutron/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/neutron/values.yaml b/neutron/values.yaml index 05d3e2db55..ee417bb072 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -2230,6 +2230,8 @@ secrets: server: public: neutron-tls-public internal: neutron-tls-server + oci_image_registry: + neutron: neutron-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -2248,6 +2250,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + neutron: + username: neutron + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null oslo_db: auth: admin: @@ -2559,6 +2576,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_server: true service_server: true ... diff --git a/nova/Chart.yaml b/nova/Chart.yaml index 49cfd379c2..1bf65e7879 100644 --- a/nova/Chart.yaml +++ b/nova/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Nova name: nova -version: 0.2.42 +version: 0.2.43 home: https://docs.openstack.org/nova/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png sources: diff --git a/nova/templates/secret-registry.yaml b/nova/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/nova/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/nova/values.yaml b/nova/values.yaml index a039a01b6d..9d9f5ef69b 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -1563,6 +1563,8 @@ secrets: compute_spice_proxy: spiceproxy: internal: nova-tls-spiceproxy + oci_image_registry: + nova: nova-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -1581,6 +1583,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + nova: + username: nova + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null oslo_db: auth: admin: @@ -2458,6 +2475,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_metadata: true service_ingress_novncproxy: true service_ingress_osapi: true diff --git a/octavia/Chart.yaml b/octavia/Chart.yaml index 3ec4f45339..d7e3a084ce 100644 --- a/octavia/Chart.yaml +++ b/octavia/Chart.yaml @@ -16,7 +16,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Octavia name: octavia -version: 0.2.5 +version: 0.2.6 home: https://docs.openstack.org/octavia/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Octavia/OpenStack_Project_Octavia_vertical.png sources: diff --git a/octavia/templates/secret-registry.yaml b/octavia/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/octavia/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/octavia/values.yaml b/octavia/values.yaml index 8ba4e7b138..2caf8ca80a 100644 --- a/octavia/values.yaml +++ b/octavia/values.yaml @@ -350,6 +350,8 @@ secrets: load_balancer: api: public: octavia-tls-public + oci_image_registry: + octavia: octavia-oci-image-registry endpoints: cluster_domain_suffix: cluster.local @@ -365,6 +367,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + octavia: + username: octavia + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -681,6 +698,7 @@ manifests: secret_ingress_tls: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true ... diff --git a/placement/Chart.yaml b/placement/Chart.yaml index 123caf885d..715159da9e 100644 --- a/placement/Chart.yaml +++ b/placement/Chart.yaml @@ -16,7 +16,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Placement name: placement -version: 0.2.9 +version: 0.2.10 home: https://docs.openstack.org/placement/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Placement/OpenStack_Project_Placement_vertical.png sources: diff --git a/placement/templates/secret-registry.yaml b/placement/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/placement/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/placement/values.yaml b/placement/values.yaml index d3bd052dcb..578d9478e1 100644 --- a/placement/values.yaml +++ b/placement/values.yaml @@ -227,6 +227,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + placement: + username: placement + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null oslo_db: auth: admin: @@ -434,6 +449,8 @@ secrets: api: public: placement-tls-public internal: placement-tls-api + oci_image_registry: + placement: placement-oci-image-registry dependencies: dynamic: @@ -510,6 +527,7 @@ manifests: network_policy: false secret_db: true secret_ingress_tls: true + secret_registry: true pdb: true ingress: true secret_keystone: true diff --git a/rally/Chart.yaml b/rally/Chart.yaml index 514b0a5956..8b65d2eb09 100644 --- a/rally/Chart.yaml +++ b/rally/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm rally name: rally -version: 0.2.5 +version: 0.2.6 home: https://docs.openstack.org/developer/rally icon: https://www.openstack.org/themes/openstack/images/project-mascots/rally/OpenStack_Project_rally_vertical.png sources: diff --git a/rally/templates/secret-registry.yaml b/rally/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/rally/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/rally/values.yaml b/rally/values.yaml index 1346ba0d89..476c678e9c 100644 --- a/rally/values.yaml +++ b/rally/values.yaml @@ -205,6 +205,8 @@ secrets: oslo_db: admin: rally-db-admin rally: rally-db-user + oci_image_registry: + rally: rally-oci-image-registry endpoints: cluster_domain_suffix: cluster.local @@ -220,6 +222,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + rally: + username: rally + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -4021,4 +4038,5 @@ manifests: pvc_rally: true secret_db: true secret_keystone: true + secret_registry: true ... diff --git a/releasenotes/notes/aodh.yaml b/releasenotes/notes/aodh.yaml index c05714b0e7..c47f5737b2 100644 --- a/releasenotes/notes/aodh.yaml +++ b/releasenotes/notes/aodh.yaml @@ -7,4 +7,5 @@ aodh: - 0.2.2 Update htk requirements repo - 0.2.3 Enable taint toleration for Openstack services - 0.2.4 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1 + - 0.2.5 Added OCI registry authentication ... diff --git a/releasenotes/notes/barbican.yaml b/releasenotes/notes/barbican.yaml index d8a3c73111..574a186ae3 100644 --- a/releasenotes/notes/barbican.yaml +++ b/releasenotes/notes/barbican.yaml @@ -18,4 +18,5 @@ barbican: - 0.2.12 Remove older values overrides - 0.2.13 Migrated PodDisruptionBudget resource to policy/v1 API version - 0.2.14 Add Xena and Yoga values overrides + - 0.2.15 Added OCI registry authentication ... diff --git a/releasenotes/notes/ceilometer.yaml b/releasenotes/notes/ceilometer.yaml index 9c206edaf7..4b0ee540dd 100644 --- a/releasenotes/notes/ceilometer.yaml +++ b/releasenotes/notes/ceilometer.yaml @@ -8,4 +8,5 @@ ceilometer: - 0.2.3 Enable taint toleration for Openstack services - 0.2.4 Update default image values to Wallaby - 0.2.5 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.6 Added OCI registry authentication ... diff --git a/releasenotes/notes/cinder.yaml b/releasenotes/notes/cinder.yaml index aecffb03c2..5765918010 100644 --- a/releasenotes/notes/cinder.yaml +++ b/releasenotes/notes/cinder.yaml @@ -39,4 +39,5 @@ cinder: - 0.2.20 Allow cinder v1/v2 endpoint creation if needed - 0.2.21 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1 - 0.2.22 Add Xena and Yoga values overrides + - 0.2.23 Added OCI registry authentication ... diff --git a/releasenotes/notes/cyborg.yaml b/releasenotes/notes/cyborg.yaml index 12b461c5eb..d928f35259 100644 --- a/releasenotes/notes/cyborg.yaml +++ b/releasenotes/notes/cyborg.yaml @@ -2,4 +2,5 @@ cyborg: - 0.1.0 Initial Chart - 0.1.1 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.1.2 Added OCI registry authentication ... diff --git a/releasenotes/notes/designate.yaml b/releasenotes/notes/designate.yaml index 72c6578a78..1e6542a7d5 100644 --- a/releasenotes/notes/designate.yaml +++ b/releasenotes/notes/designate.yaml @@ -9,4 +9,5 @@ designate: - 0.2.3 Fix extra volume mounts - 0.2.4 Update default image values to Wallaby - 0.2.5 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.6 Added OCI registry authentication ... diff --git a/releasenotes/notes/glance.yaml b/releasenotes/notes/glance.yaml index 0785c0c8e6..7c15a5c8c3 100644 --- a/releasenotes/notes/glance.yaml +++ b/releasenotes/notes/glance.yaml @@ -28,4 +28,5 @@ glance: - 0.3.5 Migrated PodDisruptionBudget resource to policy/v1 API version - 0.3.6 Add Xena and Yoga values overrides - 0.3.7 Fix glance-etc template changing due to comment and whitespace between install and first upgrade + - 0.3.8 Added OCI registry authentication ... diff --git a/releasenotes/notes/heat.yaml b/releasenotes/notes/heat.yaml index f2535ef96d..58ee190d3c 100644 --- a/releasenotes/notes/heat.yaml +++ b/releasenotes/notes/heat.yaml @@ -20,4 +20,5 @@ heat: - 0.2.11 Remove old releases values override in heat - 0.2.12 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1 - 0.2.13 Add Xena and Yoga values overrides + - 0.2.14 Added OCI registry authentication ... diff --git a/releasenotes/notes/horizon.yaml b/releasenotes/notes/horizon.yaml index 9bdc947700..534b5db944 100644 --- a/releasenotes/notes/horizon.yaml +++ b/releasenotes/notes/horizon.yaml @@ -34,4 +34,5 @@ horizon: - 0.2.22 Migrated PodDisruptionBudget resource to policy/v1 API version - 0.2.23 Add Xena and Yoga value overrides - 0.2.24 Remove blank lines in logo configmap + - 0.2.25 Added OCI registry authentication ... diff --git a/releasenotes/notes/ironic.yaml b/releasenotes/notes/ironic.yaml index 5504a60ac4..0a2c98a676 100644 --- a/releasenotes/notes/ironic.yaml +++ b/releasenotes/notes/ironic.yaml @@ -9,4 +9,5 @@ ironic: - 0.2.3 Enable taint toleration for Openstack services - 0.2.4 Update defaults to W release - 0.2.5 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.6 Added OCI registry authentication ... diff --git a/releasenotes/notes/keystone.yaml b/releasenotes/notes/keystone.yaml index ea79493118..d74a67bebe 100644 --- a/releasenotes/notes/keystone.yaml +++ b/releasenotes/notes/keystone.yaml @@ -43,4 +43,5 @@ keystone: - 0.2.25 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1 - 0.2.26 Add Xena and Yoga values overrides - 0.2.27 Use LOG.warning instead of deprecated LOG.warn + - 0.2.28 Added OCI registry authentication ... diff --git a/releasenotes/notes/magnum.yaml b/releasenotes/notes/magnum.yaml index cc11677e7b..2da90ade18 100644 --- a/releasenotes/notes/magnum.yaml +++ b/releasenotes/notes/magnum.yaml @@ -10,4 +10,5 @@ magnum: - 0.2.4 Mount empty temp_cache_dir for performance - 0.2.5 Update default image values to wallaby - 0.2.6 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.7 Added OCI registry authentication ... diff --git a/releasenotes/notes/masakari.yaml b/releasenotes/notes/masakari.yaml index 0d94188bfa..d9156ba7e3 100644 --- a/releasenotes/notes/masakari.yaml +++ b/releasenotes/notes/masakari.yaml @@ -5,4 +5,5 @@ masakari: - 0.1.2 Added halm hook and fix for hostmonitors to support pacemaker remote - 0.1.3 Mount sudoers file for masakari hostmonitors - 0.1.4 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.1.5 Added OCI registry authentication ... diff --git a/releasenotes/notes/mistral.yaml b/releasenotes/notes/mistral.yaml index d95ef50431..d59921ce86 100644 --- a/releasenotes/notes/mistral.yaml +++ b/releasenotes/notes/mistral.yaml @@ -8,4 +8,5 @@ mistral: - 0.2.2 Update htk requirements repo - 0.2.3 Update default imaage values to Wallaby - 0.2.4 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.5 Added OCI registry authentication ... diff --git a/releasenotes/notes/neutron.yaml b/releasenotes/notes/neutron.yaml index 81619d9b06..014e457685 100644 --- a/releasenotes/notes/neutron.yaml +++ b/releasenotes/notes/neutron.yaml @@ -37,4 +37,5 @@ neutron: - 0.2.21 Fix for qdhcp NS host validation for deleting wrong namespaces. - 0.2.22 Fix /run/xtables.lock may be a directory - 0.2.23 Add neutron_netns_cleanup_cron release image override, so that the respective release image is used + - 0.2.24 Added OCI registry authentication ... diff --git a/releasenotes/notes/nova.yaml b/releasenotes/notes/nova.yaml index 74b2d59a83..fd757889a8 100644 --- a/releasenotes/notes/nova.yaml +++ b/releasenotes/notes/nova.yaml @@ -63,4 +63,5 @@ nova: - 0.2.40 Updated naming for subchart compatibility - 0.2.41 Add Xena and Yoga values overrides - 0.2.42 Add missing configuration ``[vnc]/novncproxy_host`` + - 0.2.43 Added OCI registry authentication ... diff --git a/releasenotes/notes/octavia.yaml b/releasenotes/notes/octavia.yaml index 87d44b88e7..c8c5669eeb 100644 --- a/releasenotes/notes/octavia.yaml +++ b/releasenotes/notes/octavia.yaml @@ -9,4 +9,5 @@ octavia: - 0.2.3 Allow using log_config_append=null - 0.2.4 Fix transport_url - 0.2.5 Migrated PodDisruptionBudget resource to policy/v1 API version + - 0.2.6 Added OCI registry authentication ... diff --git a/releasenotes/notes/placement.yaml b/releasenotes/notes/placement.yaml index 500bceb399..b02a2fb46a 100644 --- a/releasenotes/notes/placement.yaml +++ b/releasenotes/notes/placement.yaml @@ -18,4 +18,5 @@ placement: - 0.2.7 Add helm hook annotations for db-sync job - 0.2.8 Migrated PodDisruptionBudget resource to policy/v1 API version - 0.2.9 Add Xena and Yoga values overrides + - 0.2.10 Added OCI registry authentication ... diff --git a/releasenotes/notes/rally.yaml b/releasenotes/notes/rally.yaml index 276d4b7d63..d779a8c05d 100644 --- a/releasenotes/notes/rally.yaml +++ b/releasenotes/notes/rally.yaml @@ -8,4 +8,5 @@ rally: - 0.2.3 Update default image values to Wallaby - 0.2.4 Migrated PodDisruptionBudget resource to policy/v1 API version - 0.2.5 Add helm hook for jobs + - 0.2.6 Added OCI registry authentication ... diff --git a/releasenotes/notes/senlin.yaml b/releasenotes/notes/senlin.yaml index 50472a45e9..83a63cae4f 100644 --- a/releasenotes/notes/senlin.yaml +++ b/releasenotes/notes/senlin.yaml @@ -9,4 +9,5 @@ senlin: - 0.2.4 Update default image release - 0.2.5 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1 - 0.2.6 Add helm.sh/hook annotations for Jobs + - 0.2.7 Added OCI registry authentication ... diff --git a/releasenotes/notes/tempest.yaml b/releasenotes/notes/tempest.yaml index 1bb9ad2a01..714064fd26 100644 --- a/releasenotes/notes/tempest.yaml +++ b/releasenotes/notes/tempest.yaml @@ -7,4 +7,5 @@ tempest: - 0.2.2 Add helm hook for ks job - 0.2.3 Fix logging config - 0.2.4 Update default image values to Wallaby + - 0.2.5 Added OCI registry authentication ... diff --git a/senlin/Chart.yaml b/senlin/Chart.yaml index 2ef42fc85a..a7a71e0aad 100644 --- a/senlin/Chart.yaml +++ b/senlin/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Senlin name: senlin -version: 0.2.6 +version: 0.2.7 home: https://docs.openstack.org/senlin/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Senlin/OpenStack_Project_Senlin_vertical.png sources: diff --git a/senlin/templates/secret-registry.yaml b/senlin/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/senlin/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/senlin/values.yaml b/senlin/values.yaml index b245bd32a2..a0fcb54587 100644 --- a/senlin/values.yaml +++ b/senlin/values.yaml @@ -389,6 +389,8 @@ secrets: oslo_messaging: admin: senlin-rabbitmq-admin senlin: senlin-rabbitmq-user + oci_image_registry: + senlin: senlin-oci-image-registry # typically overridden by environmental # values, but should include all endpoints @@ -407,6 +409,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + senlin: + username: senlin + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -744,6 +761,7 @@ manifests: secret_db: true secret_keystone: true secret_rabbitmq: true + secret_registry: true service_ingress_api: true service_api: true ... diff --git a/tempest/Chart.yaml b/tempest/Chart.yaml index 8e2ecdc601..b1dde92c1b 100644 --- a/tempest/Chart.yaml +++ b/tempest/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Tempest name: tempest -version: 0.2.4 +version: 0.2.5 home: https://docs.openstack.org/tempest/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/tempest/OpenStack_Project_tempest_vertical.png sources: diff --git a/tempest/templates/secret-registry.yaml b/tempest/templates/secret-registry.yaml new file mode 100644 index 0000000000..da979b3223 --- /dev/null +++ b/tempest/templates/secret-registry.yaml @@ -0,0 +1,17 @@ +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }} +{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }} +{{- end }} diff --git a/tempest/values.yaml b/tempest/values.yaml index e36fb99595..5a6a2e5de2 100644 --- a/tempest/values.yaml +++ b/tempest/values.yaml @@ -267,6 +267,8 @@ secrets: identity: admin: tempest-keystone-admin tempest: tempest-keystone-user + oci_image_registry: + tempest: tempest-oci-image-registry endpoints: cluster_domain_suffix: cluster.local @@ -282,6 +284,21 @@ endpoints: port: registry: node: 5000 + oci_image_registry: + name: oci-image-registry + namespace: oci-image-registry + auth: + enabled: false + tempest: + username: tempest + password: password + hosts: + default: localhost + host_fqdn_override: + default: null + port: + registry: + default: null identity: name: keystone auth: @@ -342,4 +359,5 @@ manifests: job_ks_user: true job_run_tests: true secret_keystone: true + secret_registry: true ...