83ec889f06
Charts bumped:
- bp-keycloak 1.2.0 -> 1.2.1 (subchart stub; per-component image.registry knobs documented)
- bp-crossplane 1.1.3 -> 1.1.4 (subchart stub)
- bp-crossplane-claims 1.1.0 -> 1.1.1 (global.kubectlImage added; kubectl Job image templated; Hetzner ubuntu-24.04 server images intentionally untouched)
- bp-velero 1.2.0 -> 1.2.1 (subchart stub)
- bp-kyverno 1.0.0 -> 1.0.1 (subchart stub; per-controller image.registry knobs documented)
- bp-trivy 1.0.0 -> 1.0.1 (subchart stub; both operator + scanner image.registry knobs documented)
- bp-grafana 1.0.0 -> 1.0.1 (subchart stub)
- bp-flux 1.1.3 -> 1.1.4 (subchart stub; per-controller image.repository knobs documented)
- bp-catalyst-platform 1.1.13 -> 1.1.14 (global.imageRegistry + images.{catalystApi,catalystUi,marketplaceApi,console,smeTag} added; all 14 Catalyst-authored image refs templated: catalyst-api, catalyst-ui, marketplace-api, console + 10 SME services)
Post-handover per-Sovereign overlays set global.imageRegistry to harbor.<sovereign-fqdn> so every container image pull routes through the Sovereign's own Harbor proxy_cache.
Closes (partial): issue #560 — all 23 bp-* charts now carry global.imageRegistry
Co-authored-by: alierenbaysal <alierenbaysal@openova.io>
42 lines
2.0 KiB
YAML
42 lines
2.0 KiB
YAML
# Catalyst Blueprint umbrella metadata — the upstream chart is now resolved
|
|
# as a Helm subchart via Chart.yaml `dependencies:`. This values.yaml carries
|
|
# both:
|
|
# 1. The catalystBlueprint metadata block (provenance + version) so
|
|
# observability/audit pipelines can inspect the artifact and report
|
|
# which upstream chart + version is bundled.
|
|
# 2. The upstream subchart values overlay under the `crossplane:` key
|
|
# (umbrella-chart convention — the dependency name from Chart.yaml is
|
|
# the values namespace).
|
|
|
|
global:
|
|
# When set, ALL image pulls in this chart route through this registry.
|
|
# Used post-handover when the Sovereign's own Harbor takes over the
|
|
# proxy_cache role from contabo's central Harbor. Empty = no rewrite
|
|
# (image references use upstream defaults). The upstream crossplane chart
|
|
# exposes `crossplane.image.registry` for override. Per-Sovereign overlays
|
|
# wire that alongside this value. Tracked under #560.
|
|
imageRegistry: ""
|
|
|
|
catalystBlueprint:
|
|
upstream: { chart: crossplane, version: "1.18.0", repo: "https://charts.crossplane.io/stable" }
|
|
|
|
# ─── Upstream chart values (subchart key: crossplane) ─────────────────────
|
|
# Generated by docs/PROVISIONING-PLAN.md tickets [F] chart Pass 105+.
|
|
crossplane:
|
|
resourcesCrossplane:
|
|
requests: { cpu: 100m, memory: 256Mi }
|
|
limits: { memory: 1Gi }
|
|
# Prometheus metrics annotations — DEFAULT OFF.
|
|
#
|
|
# Per docs/INVIOLABLE-PRINCIPLES.md #4 and docs/BLUEPRINT-AUTHORING.md
|
|
# §11.2 (Observability toggles must default false). The upstream
|
|
# crossplane chart's `metrics.enabled` only adds prometheus.io/scrape
|
|
# annotations and a 8080/metrics port — it does NOT render
|
|
# ServiceMonitor or any monitoring.coreos.com/v1 resource — so defaulting
|
|
# `true` here would not break install. We default it `false` anyway to
|
|
# keep the rule uniform across every Blueprint: every observability
|
|
# toggle is operator-tunable and ships off. Operator opts in via
|
|
# per-cluster overlay (issue #182).
|
|
metrics:
|
|
enabled: false
|