openova/openova
1
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
83ec889f06
openova/platform/kyverno/chart/Chart.yaml
e3mrah 83ec889f06
feat(platform): add global.imageRegistry to remaining bp-* charts + bp-catalyst-platform (PR 3/3, #560) (#580) 
Charts bumped:
- bp-keycloak 1.2.0 -> 1.2.1 (subchart stub; per-component image.registry knobs documented)
- bp-crossplane 1.1.3 -> 1.1.4 (subchart stub)
- bp-crossplane-claims 1.1.0 -> 1.1.1 (global.kubectlImage added; kubectl Job image templated; Hetzner ubuntu-24.04 server images intentionally untouched)
- bp-velero 1.2.0 -> 1.2.1 (subchart stub)
- bp-kyverno 1.0.0 -> 1.0.1 (subchart stub; per-controller image.registry knobs documented)
- bp-trivy 1.0.0 -> 1.0.1 (subchart stub; both operator + scanner image.registry knobs documented)
- bp-grafana 1.0.0 -> 1.0.1 (subchart stub)
- bp-flux 1.1.3 -> 1.1.4 (subchart stub; per-controller image.repository knobs documented)
- bp-catalyst-platform 1.1.13 -> 1.1.14 (global.imageRegistry + images.{catalystApi,catalystUi,marketplaceApi,console,smeTag} added; all 14 Catalyst-authored image refs templated: catalyst-api, catalyst-ui, marketplace-api, console + 10 SME services)

Post-handover per-Sovereign overlays set global.imageRegistry to harbor.<sovereign-fqdn> so every container image pull routes through the Sovereign's own Harbor proxy_cache.

Closes (partial): issue #560 — all 23 bp-* charts now carry global.imageRegistry

Co-authored-by: alierenbaysal <alierenbaysal@openova.io>
2026-05-02 13:21:53 +04:00

29 lines
1.1 KiB
YAML
Raw Blame History

apiVersion: v2
name: bp-kyverno
description: |
Catalyst Blueprint umbrella chart for Kyverno. Depends on the upstream
`kyverno` chart (kyverno/kyverno) as a Helm subchart so
`helm dependency build` pulls the upstream payload into this artifact.
Catalyst-curated values flow into the upstream subchart under the
`kyverno:` key in values.yaml.
Kyverno is the admission policy engine for Catalyst Sovereigns —
validating, mutating, and generating Kubernetes resources via webhook.
HA mode runs four controllers (admission, background, cleanup, reports);
solo-Sovereign default is replicas=1 each.
type: application
version: 1.0.1
appVersion: "v1.18.0"
keywords: [catalyst, blueprint, kyverno, policy, admission, security]
maintainers:
- name: OpenOva Catalyst
email: catalyst@openova.io
# Pinned to kyverno/kyverno 3.8.0 (appVersion v1.18.0) — current stable on
# 2026-04-29. Per docs/INVIOLABLE-PRINCIPLES.md #4 (never hardcode) the
# version is operator-bumpable via PR + Blueprint release.
dependencies:
- name: kyverno
version: "3.8.0"
repository: "https://kyverno.github.io/kyverno/"
Reference in New Issue View Git Blame Copy Permalink