Skip to content

Commit

Permalink
after so much tries it finally happened
Browse files Browse the repository at this point in the history
  • Loading branch information
Verdict-as-a-Service Team committed Jun 18, 2024
1 parent 2955891 commit 7616424
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 19 deletions.
30 changes: 14 additions & 16 deletions charts/vaas/templates/gdscan/update.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,44 +60,43 @@ spec:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- include "gdscan.imagePullSecrets" . | nindent 10 }}
{{- if (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets}}
{{- if (gt (len (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets) 0) }}
volumes:
- name: docker
emptyDir: {}
{{- range (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets }}
- name: {{ .name }}
secret:
secretName: {{ .name }}
secretName: {{ .name }}
items:
- key: .dockerconfigjson
path: {{ .name }}.json
{{- end }}
{{- end }}
{{- end }}
containers:
- name: kubectl
- name: updater
image: "{{ .Values.gdscan.autoUpdate.image.registry }}/{{ .Values.gdscan.autoUpdate.image.repository }}:{{ .Values.gdscan.autoUpdate.image.tag }}"
{{- if .Values.gdscan.autoUpdate.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.gdscan.autoUpdate.containerSecurityContext "enabled" | toYaml | nindent 16 }}
{{- end }}

command: ["sh", "-c"]
args:
- |
set -xe
{{- if and (.Values.gdscan.persistence.enabled) (eq .Values.gdscan.persistence.accessMode "ReadWriteOnce" ) }}
RESOURCE="statefulset/{{ include "gdscan.fullname" . }}"
{{- else }}
RESOURCE="deployment/{{ include "gdscan.fullname" . }}"
{{- end }}
LATEST=$(/app/get-latest-docker-tag {{ .Values.gdscan.client.image.repository }} {{ .Values.gdscan.autoUpdate.image.registry }} {{ .Values.gdscan.autoUpdate.image.tag }})
IMAGE="{{ .Values.gdscan.autoUpdate.image.registry }}/{{ .Values.gdscan.autoUpdate.image.repository }}:$LATEST"
LATEST=$(/app/get-latest-docker-tag {{ .Values.gdscan.client.image.repository }} {{ .Values.gdscan.client.image.tag }})
IMAGE="{{ .Values.gdscan.client.image.repository }}:$LATEST"
echo "Setting image of $RESOURCE to $IMAGE"
#kubectl set-image -n {{ .Release.Namespace }} $RESOURCE $IMAGE
{{- if (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets}}
{{- if (gt (len (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets) 0) }}
kubectl set image -n {{ .Release.Namespace }} $RESOURCE client=$IMAGE
volumeMounts:
- name: docker
mountPath: /home/appuser/.docker
{{- range (include "gdscan.imagePullSecrets" . | fromYaml ).imagePullSecrets }}
- name: {{ .name }}
mountPath: "/home/appuser/.image_pull_secrets/{{ .name }}"
mountPath: "/home/appuser/.image_pull_secrets/"
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gdscan.autoUpdate.networkPolicy.enabled }}
---
apiVersion: networking.k8s.io/v1
Expand All @@ -118,4 +117,3 @@ spec:
- port: 443
{{- end }}
{{- end}}
---
6 changes: 3 additions & 3 deletions charts/vaas/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,9 +225,9 @@ gdscan:

autoUpdate:
image:
registry: docker.io
repository: bitnami/kubectl
tag: "1.30"
registry: ghcr.io/gdatasoftwareag
repository: vaas/scanner-updater
tag: "0.4.1"
containerSecurityContext:
enabled: true
readOnlyRootFilesystem: true
Expand Down

0 comments on commit 7616424

Please sign in to comment.