diff --git a/charts/trusted-artifact-signer/Chart.yaml b/charts/trusted-artifact-signer/Chart.yaml index bfc61011..d3d3e2d6 100644 --- a/charts/trusted-artifact-signer/Chart.yaml +++ b/charts/trusted-artifact-signer/Chart.yaml @@ -17,7 +17,7 @@ description: A Helm chart for deploying Sigstore scaffold chart that is opiniona type: application dependencies: - name: scaffold - version: 0.6.32 + version: 0.6.41 repository: https://sigstore.github.io/helm-charts alias: scaffold keywords: @@ -33,4 +33,4 @@ sources: # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.39 +version: 0.1.40 diff --git a/charts/trusted-artifact-signer/README.md b/charts/trusted-artifact-signer/README.md index 338e9866..53614733 100644 --- a/charts/trusted-artifact-signer/README.md +++ b/charts/trusted-artifact-signer/README.md @@ -3,7 +3,7 @@ A Helm chart for deploying Sigstore scaffold chart that is opinionated for OpenShift -![Version: 0.1.38](https://img.shields.io/badge/Version-0.1.38-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.1.40](https://img.shields.io/badge/Version-0.1.40-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ## Overview @@ -78,7 +78,7 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| https://sigstore.github.io/helm-charts | scaffold(scaffold) | 0.6.32 | +| https://sigstore.github.io/helm-charts | scaffold(scaffold) | 0.6.41 | ## Values @@ -86,15 +86,15 @@ Kubernetes: `>= 1.19.0-0` |-----|-------------|------|---------| | configs.clientserver.consoleDownload | This can only be enabled if the OpenShift CRD is registered. | bool | `true` | | configs.clientserver.image.pullPolicy | | string | `"IfNotPresent"` | -| configs.clientserver.image.registry | | string | `"registry.redhat.io"` | -| configs.clientserver.image.repository | | string | `"rhtas-tech-preview/client-server-rhel9"` | -| configs.clientserver.image.version | | string | `"sha256:91caede7f666f380bd3e437444386a3818d89d50f28bb468c79294450c6bca9e"` | +| configs.clientserver.image.registry | | string | `"quay.io"` | +| configs.clientserver.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/access-1-0-gamma/client-server-1-0-gamma"` | +| configs.clientserver.image.version | | string | `"sha256:60cdd00990d5372889a33cb93258b8dc026a9aa27c6f757bce25a500414d03b6"` | | configs.clientserver.name | | string | `"tas-clients"` | | configs.clientserver.namespace | | string | `"trusted-artifact-signer-clientserver"` | | configs.clientserver.namespace_create | | bool | `true` | | configs.clientserver.route | Whether to create the OpenShift route resource | bool | `true` | | configs.cosign_deploy.enabled | | bool | `false` | -| configs.cosign_deploy.image | Image containing the cosign binary as well as environment variables with the base domain injected. | object | `{"pullPolicy":"IfNotPresent","registry":"registry.redhat.io","repository":"rhtas-tech-preview/cosign-rhel9","version":"sha256:151f4a1e721b644bafe47bf5bfb8844ff27b95ca098cc37f3f6cbedcda79a897"}` | +| configs.cosign_deploy.image | Image containing the cosign binary as well as environment variables with the base domain injected. | object | `{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"redhat-user-workloads/rhtas-tenant/cli-1-0-gamma/cosign-cli-2-2","version":"sha256:83e03294d6dfe8443762a735b2abb1171043cbfb93694a459e4432e520acf9a2"}` | | configs.cosign_deploy.name | Name of deployment | string | `"cosign"` | | configs.cosign_deploy.namespace | | string | `"cosign"` | | configs.cosign_deploy.namespace_create | | bool | `true` | @@ -130,9 +130,9 @@ Kubernetes: `>= 1.19.0-0` | configs.rekor.signer.secret.private_key_file | File containing a private encrypted signing key | string | `""` | | configs.rekorui.enabled | | bool | `true` | | configs.rekorui.image.imagePullPolicy | | string | `"Always"` | -| configs.rekorui.image.registry | | string | `"registry.redhat.io"` | -| configs.rekorui.image.repository | | string | `"rhtas-tech-preview/rekor-search-ui-rhel9"` | -| configs.rekorui.image.version | | string | `"sha256:ea4344bc762809ca46ea0708de378d8592b97194a9c1e08eb9396294276818bf"` | +| configs.rekorui.image.registry | | string | `"quay.io"` | +| configs.rekorui.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/rekor-search-ui-1-0-gamma"` | +| configs.rekorui.image.version | | string | `"sha256:dfccdb7fefc305f5b825b02da37ccc1e660b80b9d88388803530c4cdad918dcf"` | | configs.rekorui.name | | string | `"rekor-ui"` | | configs.rekorui.namespace | | string | `"rekor-ui"` | | configs.rekorui.namespace_create | | bool | `true` | @@ -140,9 +140,9 @@ Kubernetes: `>= 1.19.0-0` | configs.rekorui.subdomain | | string | `"rekorui.appsSubdomain"` | | configs.segment_backup_job.enabled | | bool | `false` | | configs.segment_backup_job.image.pullPolicy | | string | `"IfNotPresent"` | -| configs.segment_backup_job.image.registry | | string | `"registry.redhat.io"` | -| configs.segment_backup_job.image.repository | | string | `"rhtas-tech-preview/segment-backup-job-rhel9"` | -| configs.segment_backup_job.image.version | | string | `"sha256:73f12e684395048bb1cd7f3f0ae4fdf97703e0012257e57152b4f7f8426644f5"` | +| configs.segment_backup_job.image.registry | | string | `"quay.io"` | +| configs.segment_backup_job.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/access-1-0-gamma/segment-backup-job-1-0-gamma"` | +| configs.segment_backup_job.image.version | | string | `"sha256:24019bfe598d79774135398e8b186e56969e7f6e3dfdeb4a965ca40bd21cb6fb"` | | configs.segment_backup_job.name | | string | `"segment-backup-job"` | | configs.segment_backup_job.namespace | | string | `"trusted-artifact-signer-monitoring"` | | configs.segment_backup_job.namespace_create | | bool | `false` | @@ -167,9 +167,9 @@ Kubernetes: `>= 1.19.0-0` | scaffold.ctlog.createctconfig.backoffLimit | | int | `30` | | scaffold.ctlog.createctconfig.enabled | | bool | `true` | | scaffold.ctlog.createctconfig.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.ctlog.createctconfig.image.registry | | string | `"registry.redhat.io"` | -| scaffold.ctlog.createctconfig.image.repository | | string | `"rhtas-tech-preview/createctconfig-rhel9"` | -| scaffold.ctlog.createctconfig.image.version | | string | `"sha256:2c96132697025f91dfdfd6b4d2376b9d6fb3231192647e9abcbf8239e8121c0d"` | +| scaffold.ctlog.createctconfig.image.registry | | string | `"quay.io"` | +| scaffold.ctlog.createctconfig.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/createctconfig-0-6"` | +| scaffold.ctlog.createctconfig.image.version | | string | `"sha256:1320a72c59aaac8aadf895f03af1829248f2093bc753f2145fee3ce3028f8922"` | | scaffold.ctlog.createctconfig.initContainerImage.curl.imagePullPolicy | | string | `"IfNotPresent"` | | scaffold.ctlog.createctconfig.initContainerImage.curl.registry | | string | `"registry.access.redhat.com"` | | scaffold.ctlog.createctconfig.initContainerImage.curl.repository | | string | `"ubi9/ubi-minimal"` | @@ -177,23 +177,23 @@ Kubernetes: `>= 1.19.0-0` | scaffold.ctlog.createtree.displayName | | string | `"ctlog-tree"` | | scaffold.ctlog.createtree.fullnameOverride | | string | `"ctlog-createtree"` | | scaffold.ctlog.createtree.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.ctlog.createtree.image.registry | | string | `"registry.redhat.io"` | -| scaffold.ctlog.createtree.image.repository | | string | `"rhtas-tech-preview/createtree-rhel9"` | -| scaffold.ctlog.createtree.image.version | | string | `"sha256:95d1fdd16443ce06cf1f50fec952063fc57637a6ec4076a80184fb1555fa7bfc"` | +| scaffold.ctlog.createtree.image.registry | | string | `"quay.io"` | +| scaffold.ctlog.createtree.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createtree-0-6"` | +| scaffold.ctlog.createtree.image.version | | string | `"sha256:6615261d8ac4cf6da1441c69b52df02a8ebdf423e5cbe11de9a0d0e62f5c001e"` | | scaffold.ctlog.enabled | | bool | `true` | | scaffold.ctlog.forceNamespace | | string | `"ctlog-system"` | | scaffold.ctlog.fullnameOverride | | string | `"ctlog"` | | scaffold.ctlog.namespace.create | | bool | `false` | | scaffold.ctlog.namespace.name | | string | `"ctlog-system"` | | scaffold.ctlog.server.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.ctlog.server.image.registry | | string | `"registry.redhat.io"` | -| scaffold.ctlog.server.image.repository | | string | `"rhtas-tech-preview/ct-server-rhel9"` | -| scaffold.ctlog.server.image.version | | string | `"sha256:17eafff9bc34610d0295654df5adcf6e090bca6581cfc0eb0bb4896405953ac2"` | +| scaffold.ctlog.server.image.registry | | string | `"quay.io"` | +| scaffold.ctlog.server.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/ct-server-0-6"` | +| scaffold.ctlog.server.image.version | | string | `"sha256:44c8c0632a3fe797325062bc482018dfb1e44ae592054cba06269cee8356a45e"` | | scaffold.fulcio.createcerts.enabled | | bool | `false` | | scaffold.fulcio.createcerts.fullnameOverride | | string | `"fulcio-createcerts"` | | scaffold.fulcio.createcerts.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.fulcio.createcerts.image.registry | | string | `"registry.redhat.io"` | -| scaffold.fulcio.createcerts.image.repository | | string | `"rhtas-tech-preview/createcerts-rhel9"` | +| scaffold.fulcio.createcerts.image.registry | | string | `"quay.io"` | +| scaffold.fulcio.createcerts.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/fulcio-1-0-gamma/createcerts-1-0-gamma"` | | scaffold.fulcio.createcerts.image.version | | string | `"sha256:424bb53e999f96fae237c22a3d863b11deec5481fd404b15c4f806c495de256b"` | | scaffold.fulcio.ctlog.createctconfig.logPrefix | | string | `"sigstorescaffolding"` | | scaffold.fulcio.ctlog.enabled | | bool | `false` | @@ -203,9 +203,9 @@ Kubernetes: `>= 1.19.0-0` | scaffold.fulcio.namespace.name | | string | `"fulcio-system"` | | scaffold.fulcio.server.fullnameOverride | | string | `"fulcio-server"` | | scaffold.fulcio.server.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.fulcio.server.image.registry | | string | `"registry.redhat.io"` | -| scaffold.fulcio.server.image.repository | | string | `"rhtas-tech-preview/fulcio-rhel9"` | -| scaffold.fulcio.server.image.version | | string | `"sha256:12fac8e6d83056a7e5108cf92d6c622ef800ea0f2361e5b5d428a9a94811dd10"` | +| scaffold.fulcio.server.image.registry | | string | `"quay.io"` | +| scaffold.fulcio.server.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/fulcio-1-0-gamma/fulcio-1-0-gamma"` | +| scaffold.fulcio.server.image.version | | string | `"sha256:8e80fa6fba6df4cc3065636a7fd926b57327a5ed36f67caf56f162ea7ae0480b"` | | scaffold.fulcio.server.ingress.http.annotations."route.openshift.io/termination" | | string | `"edge"` | | scaffold.fulcio.server.ingress.http.className | | string | `""` | | scaffold.fulcio.server.ingress.http.enabled | | bool | `true` | @@ -213,24 +213,37 @@ Kubernetes: `>= 1.19.0-0` | scaffold.fulcio.server.ingress.http.hosts[0].path | | string | `"/"` | | scaffold.fulcio.server.secret | | string | `"fulcio-secret-rh"` | | scaffold.rekor.backfillredis.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.rekor.backfillredis.image.registry | | string | `"registry.redhat.io"` | -| scaffold.rekor.backfillredis.image.repository | | string | `"rhtas-tech-preview/backfill-redis-rhel9"` | -| scaffold.rekor.backfillredis.image.version | | string | `"sha256:9a8ab70162a2aac1e8335fc1d82c84cd177a95c4ab820fa00dc915c07a25eb76"` | +| scaffold.rekor.backfillredis.image.registry | | string | `"quay.io"` | +| scaffold.rekor.backfillredis.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/backfill-redis-1-0-gamma"` | +| scaffold.rekor.backfillredis.image.version | | string | `"sha256:64f1e2b0964ab3d405fd08707fe21f9879d193437a51766a9b645e01a1b7a422"` | | scaffold.rekor.createtree.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.rekor.createtree.image.registry | | string | `"registry.redhat.io"` | -| scaffold.rekor.createtree.image.repository | | string | `"rhtas-tech-preview/createtree-rhel9"` | -| scaffold.rekor.createtree.image.version | | string | `"sha256:95d1fdd16443ce06cf1f50fec952063fc57637a6ec4076a80184fb1555fa7bfc"` | +| scaffold.rekor.createtree.image.registry | | string | `"quay.io"` | +| scaffold.rekor.createtree.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createtree-0-6"` | +| scaffold.rekor.createtree.image.version | | string | `"sha256:6615261d8ac4cf6da1441c69b52df02a8ebdf423e5cbe11de9a0d0e62f5c001e"` | | scaffold.rekor.enabled | | bool | `true` | | scaffold.rekor.forceNamespace | | string | `"rekor-system"` | | scaffold.rekor.fullnameOverride | | string | `"rekor"` | +| scaffold.rekor.initContainerImage.curl.imagePullPolicy | | string | `"IfNotPresent"` | +| scaffold.rekor.initContainerImage.curl.registry | | string | `"registry.access.redhat.com"` | +| scaffold.rekor.initContainerImage.curl.repository | | string | `"ubi9/ubi-minimal"` | +| scaffold.rekor.initContainerImage.curl.version | | string | `"sha256:06d06f15f7b641a78f2512c8817cbecaa1bf549488e273f5ac27ff1654ed33f0"` | | scaffold.rekor.namespace.create | | bool | `false` | | scaffold.rekor.namespace.name | | string | `"rekor-system"` | +| scaffold.rekor.redis.args[0] | | string | `"/usr/bin/run-redis"` | +| scaffold.rekor.redis.args[1] | | string | `"--bind"` | +| scaffold.rekor.redis.args[2] | | string | `"0.0.0.0"` | +| scaffold.rekor.redis.args[3] | | string | `"--appendonly"` | +| scaffold.rekor.redis.args[4] | | string | `"yes"` | | scaffold.rekor.redis.fullnameOverride | | string | `"rekor-redis"` | +| scaffold.rekor.redis.image.pullPolicy | | string | `"IfNotPresent"` | +| scaffold.rekor.redis.image.registry | | string | `"quay.io"` | +| scaffold.rekor.redis.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/redis-0-6"` | +| scaffold.rekor.redis.image.version | | string | `"sha256:acf920baf6ee1715c0c9d7ddf69867d331c589d3afa680048c508943078d9585"` | | scaffold.rekor.server.fullnameOverride | | string | `"rekor-server"` | | scaffold.rekor.server.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.rekor.server.image.registry | | string | `"registry.redhat.io"` | -| scaffold.rekor.server.image.repository | | string | `"rhtas-tech-preview/rekor-server-rhel9"` | -| scaffold.rekor.server.image.version | | string | `"sha256:53b650ad487dce78025d1dbddc5f25116c132f4e78b7d6f8c1dd0638574f6db3"` | +| scaffold.rekor.server.image.registry | | string | `"quay.io"` | +| scaffold.rekor.server.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/rekor-server-1-0-gamma"` | +| scaffold.rekor.server.image.version | | string | `"sha256:8772a59796c39f6f8bbe74a628652777e4b187d3c1292ec893797ee87b259497"` | | scaffold.rekor.server.ingress.annotations."route.openshift.io/termination" | | string | `"edge"` | | scaffold.rekor.server.ingress.className | | string | `""` | | scaffold.rekor.server.ingress.hosts[0].host | | string | `"rekor.appsSubdomain"` | @@ -242,9 +255,9 @@ Kubernetes: `>= 1.19.0-0` | scaffold.rekor.server.signerFileSecretOptions.secretName | | string | `"rekor-private-key"` | | scaffold.rekor.trillian.enabled | | bool | `false` | | scaffold.trillian.createdb.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.trillian.createdb.image.registry | | string | `"registry.redhat.io"` | -| scaffold.trillian.createdb.image.repository | | string | `"rhtas-tech-preview/createdb-rhel9"` | -| scaffold.trillian.createdb.image.version | | string | `"sha256:cb9f0c8c9459c591eb1aa3192acaa75ccb7264db1e8306b9f4562025e2a04e87"` | +| scaffold.trillian.createdb.image.registry | | string | `"quay.io"` | +| scaffold.trillian.createdb.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createdb-0-6"` | +| scaffold.trillian.createdb.image.version | | string | `"sha256:ab1333f9507cd2bed77ff2815b93c81371fbf855f50a561ee17dc5461f06c37c"` | | scaffold.trillian.enabled | | bool | `true` | | scaffold.trillian.forceNamespace | | string | `"trillian-system"` | | scaffold.trillian.fullnameOverride | | string | `"trillian"` | @@ -252,22 +265,22 @@ Kubernetes: `>= 1.19.0-0` | scaffold.trillian.initContainerImage.curl.registry | | string | `"registry.access.redhat.com"` | | scaffold.trillian.initContainerImage.curl.repository | | string | `"ubi9/ubi-minimal"` | | scaffold.trillian.initContainerImage.curl.version | | string | `"latest"` | -| scaffold.trillian.initContainerImage.netcat.registry | | string | `"registry.redhat.io"` | -| scaffold.trillian.initContainerImage.netcat.repository | | string | `"rhtas-tech-preview/trillian-netcat-rhel9"` | -| scaffold.trillian.initContainerImage.netcat.version | | string | `"sha256:a43e9a384050d398a73e90d51c9c0f9f1af426117fa9bf6725674de7a95f0873"` | +| scaffold.trillian.initContainerImage.netcat.registry | | string | `"quay.io"` | +| scaffold.trillian.initContainerImage.netcat.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-netcat-1-5"` | +| scaffold.trillian.initContainerImage.netcat.version | | string | `"sha256:c876c793f3fb23958e6b381c302b86133ebf2ea49a6153c8a2014ab8a24a4929"` | | scaffold.trillian.logServer.fullnameOverride | | string | `"trillian-logserver"` | | scaffold.trillian.logServer.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.trillian.logServer.image.registry | | string | `"registry.redhat.io"` | -| scaffold.trillian.logServer.image.repository | | string | `"rhtas-tech-preview/trillian-logserver-rhel9"` | -| scaffold.trillian.logServer.image.version | | string | `"sha256:0c175c41e093412450e80ba5e7be0ed47a85f166ee80003e74cbcb602ae190d1"` | +| scaffold.trillian.logServer.image.registry | | string | `"quay.io"` | +| scaffold.trillian.logServer.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-logserver-1-5"` | +| scaffold.trillian.logServer.image.version | | string | `"sha256:56a3a063e5e0729a0bb72eb3f4233b00cb0f4fee22c1df3f01e406b52824ed41"` | | scaffold.trillian.logServer.name | | string | `"trillian-logserver"` | | scaffold.trillian.logServer.portHTTP | | int | `8090` | | scaffold.trillian.logServer.portRPC | | int | `8091` | | scaffold.trillian.logSigner.fullnameOverride | | string | `"trillian-logsigner"` | | scaffold.trillian.logSigner.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.trillian.logSigner.image.registry | | string | `"registry.redhat.io"` | -| scaffold.trillian.logSigner.image.repository | | string | `"rhtas-tech-preview/trillian-logsigner-rhel9"` | -| scaffold.trillian.logSigner.image.version | | string | `"sha256:0fa31246a6a1953043ce92d1b69a02096d6a9362851fe3ca603f19d8f60c34c5"` | +| scaffold.trillian.logSigner.image.registry | | string | `"quay.io"` | +| scaffold.trillian.logSigner.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-logsigner-1-5"` | +| scaffold.trillian.logSigner.image.version | | string | `"sha256:04bf51328a940965a4cf3ca7c4b188bf2861c91f639a77b4691733881b82dd35"` | | scaffold.trillian.logSigner.name | | string | `"trillian-logsigner"` | | scaffold.trillian.mysql.args | | list | `[]` | | scaffold.trillian.mysql.fullnameOverride | | string | `"trillian-mysql"` | @@ -275,9 +288,9 @@ Kubernetes: `>= 1.19.0-0` | scaffold.trillian.mysql.gcp.scaffoldSQLProxy.repository | | string | `"rhtas-tech-preview/cloudsqlproxy-rhel9"` | | scaffold.trillian.mysql.gcp.scaffoldSQLProxy.version | | string | `"sha256:f6879364d41b2adbe339c6de1dae5d17be575ea274786895448ee4277831cb7f"` | | scaffold.trillian.mysql.image.pullPolicy | | string | `"IfNotPresent"` | -| scaffold.trillian.mysql.image.registry | | string | `"registry.redhat.io"` | -| scaffold.trillian.mysql.image.repository | | string | `"rhtas-tech-preview/trillian-database-rhel9"` | -| scaffold.trillian.mysql.image.version | | string | `"sha256:e8e038bf1ca79f44a12b63b460f60148c9a230c2e551d13783626f03ce2573a1"` | +| scaffold.trillian.mysql.image.registry | | string | `"quay.io"` | +| scaffold.trillian.mysql.image.repository | | string | `"redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-database-1-5"` | +| scaffold.trillian.mysql.image.version | | string | `"sha256:cfb2eb3e5cb2071790c3932991bd6931c2f6eac5626907f928bdc677a70b55e8"` | | scaffold.trillian.mysql.livenessProbe.exec.command[0] | | string | `"mysqladmin"` | | scaffold.trillian.mysql.livenessProbe.exec.command[1] | | string | `"ping"` | | scaffold.trillian.mysql.livenessProbe.exec.command[2] | | string | `"-h"` | @@ -295,11 +308,7 @@ Kubernetes: `>= 1.19.0-0` | scaffold.trillian.mysql.securityContext.fsGroup | | int | `0` | | scaffold.trillian.namespace.create | | bool | `false` | | scaffold.trillian.namespace.name | | string | `"trillian-system"` | -| scaffold.trillian.redis.args[0] | | string | `"/usr/bin/run-redis"` | -| scaffold.trillian.redis.args[1] | | string | `"--bind"` | -| scaffold.trillian.redis.args[2] | | string | `"0.0.0.0"` | -| scaffold.trillian.redis.args[3] | | string | `"--appendonly"` | -| scaffold.trillian.redis.args[4] | | string | `"yes"` | +| scaffold.trillian.redis.args | | list | `[]` | | scaffold.trillian.redis.image.pullPolicy | | string | `"IfNotPresent"` | | scaffold.trillian.redis.image.registry | | string | `"registry.redhat.io"` | | scaffold.trillian.redis.image.repository | | string | `"rhtas-tech-preview/redis-trillian-rhel9"` | @@ -309,8 +318,8 @@ Kubernetes: `>= 1.19.0-0` | scaffold.tsa.namespace.create | | bool | `false` | | scaffold.tsa.namespace.name | | string | `"tsa-system"` | | scaffold.tsa.server.fullnameOverride | | string | `"tsa-server"` | -| scaffold.tuf.deployment.registry | | string | `"registry.redhat.io"` | -| scaffold.tuf.deployment.repository | | string | `"rhtas-tech-preview/tuf-server-rhel9"` | +| scaffold.tuf.deployment.registry | | string | `"quay.io"` | +| scaffold.tuf.deployment.repository | | string | `"redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/tuf-server-0-6"` | | scaffold.tuf.deployment.version | | string | `"sha256:e61ca335380ccb857cc66ecbb922ac741247956b62abba795fc29da648b91e26"` | | scaffold.tuf.enabled | | bool | `true` | | scaffold.tuf.forceNamespace | | string | `"tuf-system"` | diff --git a/charts/trusted-artifact-signer/charts/scaffold-0.6.28.tgz b/charts/trusted-artifact-signer/charts/scaffold-0.6.28.tgz deleted file mode 100644 index 74578cbf..00000000 Binary files a/charts/trusted-artifact-signer/charts/scaffold-0.6.28.tgz and /dev/null differ diff --git a/charts/trusted-artifact-signer/charts/scaffold-0.6.41.tgz b/charts/trusted-artifact-signer/charts/scaffold-0.6.41.tgz new file mode 100644 index 00000000..d1204b30 Binary files /dev/null and b/charts/trusted-artifact-signer/charts/scaffold-0.6.41.tgz differ diff --git a/charts/trusted-artifact-signer/values.schema.json b/charts/trusted-artifact-signer/values.schema.json index a4e48b39..80ff214c 100644 --- a/charts/trusted-artifact-signer/values.schema.json +++ b/charts/trusted-artifact-signer/values.schema.json @@ -1345,15 +1345,15 @@ "secrets": { "ctlog": { "name": "ctlog-public-key", - "path": "ctlog-pubkey" + "path": "ctfe.pub" }, "fulcio": { "name": "fulcio-server-secret", - "path": "fulcio-cert" + "path": "fulcio_v1.crt.pem" }, "rekor": { "name": "rekor-public-key", - "path": "rekor-pubkey" + "path": "rekor.pub" } } } diff --git a/charts/trusted-artifact-signer/values.yaml b/charts/trusted-artifact-signer/values.yaml index 2749de28..aa182f23 100644 --- a/charts/trusted-artifact-signer/values.yaml +++ b/charts/trusted-artifact-signer/values.yaml @@ -9,9 +9,9 @@ configs: enabled: false namespace_create: false image: - registry: registry.redhat.io - repository: rhtas-tech-preview/segment-backup-job-rhel9 - version: "sha256:73f12e684395048bb1cd7f3f0ae4fdf97703e0012257e57152b4f7f8426644f5" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/access-1-0-gamma/segment-backup-job-1-0-gamma + version: "sha256:24019bfe598d79774135398e8b186e56969e7f6e3dfdeb4a965ca40bd21cb6fb" pullPolicy: IfNotPresent rolebindings: - segment-backup-job @@ -27,9 +27,9 @@ configs: namespace_create: true namespace: trusted-artifact-signer-clientserver image: - registry: registry.redhat.io - repository: rhtas-tech-preview/client-server-rhel9 - version: "sha256:91caede7f666f380bd3e437444386a3818d89d50f28bb468c79294450c6bca9e" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/access-1-0-gamma/client-server-1-0-gamma + version: "sha256:60cdd00990d5372889a33cb93258b8dc026a9aa27c6f757bce25a500414d03b6" pullPolicy: IfNotPresent rekorui: @@ -39,9 +39,9 @@ configs: namespace_create: true namespace: rekor-ui image: - registry: registry.redhat.io - repository: rhtas-tech-preview/rekor-search-ui-rhel9 - version: "sha256:ea4344bc762809ca46ea0708de378d8592b97194a9c1e08eb9396294276818bf" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/rekor-search-ui-1-0-gamma + version: "sha256:dfccdb7fefc305f5b825b02da37ccc1e660b80b9d88388803530c4cdad918dcf" imagePullPolicy: Always subdomain: rekorui.appsSubdomain ctlog: @@ -153,9 +153,9 @@ configs: name: cosign # -- Image containing the cosign binary as well as environment variables with the base domain injected. image: - registry: registry.redhat.io - repository: rhtas-tech-preview/cosign-rhel9 - version: sha256:151f4a1e721b644bafe47bf5bfb8844ff27b95ca098cc37f3f6cbedcda79a897 + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/cli-1-0-gamma/cosign-cli-2-2 + version: sha256:83e03294d6dfe8443762a735b2abb1171043cbfb93694a459e4432e520acf9a2 pullPolicy: IfNotPresent rbac: @@ -173,9 +173,9 @@ scaffold: name: ctlog-system server: image: - registry: registry.redhat.io - repository: rhtas-tech-preview/ct-server-rhel9 - version: "sha256:17eafff9bc34610d0295654df5adcf6e090bca6581cfc0eb0bb4896405953ac2" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/ct-server-0-6 + version: "sha256:44c8c0632a3fe797325062bc482018dfb1e44ae592054cba06269cee8356a45e" pullPolicy: IfNotPresent createctconfig: backoffLimit: 30 @@ -187,9 +187,9 @@ scaffold: version: latest imagePullPolicy: IfNotPresent image: - registry: registry.redhat.io - repository: rhtas-tech-preview/createctconfig-rhel9 - version: "sha256:2c96132697025f91dfdfd6b4d2376b9d6fb3231192647e9abcbf8239e8121c0d" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/createctconfig-0-6 + version: "sha256:1320a72c59aaac8aadf895f03af1829248f2093bc753f2145fee3ce3028f8922" pullPolicy: IfNotPresent createcerts: fullnameOverride: ctlog-createcerts @@ -197,9 +197,9 @@ scaffold: fullnameOverride: ctlog-createtree displayName: ctlog-tree image: - registry: registry.redhat.io - repository: rhtas-tech-preview/createtree-rhel9 - version: "sha256:95d1fdd16443ce06cf1f50fec952063fc57637a6ec4076a80184fb1555fa7bfc" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createtree-0-6 + version: "sha256:6615261d8ac4cf6da1441c69b52df02a8ebdf423e5cbe11de9a0d0e62f5c001e" pullPolicy: IfNotPresent fulcio: enabled: true @@ -215,16 +215,16 @@ scaffold: enabled: false fullnameOverride: fulcio-createcerts image: - registry: registry.redhat.io - repository: rhtas-tech-preview/createcerts-rhel9 + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/fulcio-1-0-gamma/createcerts-1-0-gamma version: "sha256:424bb53e999f96fae237c22a3d863b11deec5481fd404b15c4f806c495de256b" pullPolicy: IfNotPresent server: fullnameOverride: fulcio-server image: - registry: registry.redhat.io - repository: rhtas-tech-preview/fulcio-rhel9 - version: "sha256:12fac8e6d83056a7e5108cf92d6c622ef800ea0f2361e5b5d428a9a94811dd10" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/fulcio-1-0-gamma/fulcio-1-0-gamma + version: "sha256:8e80fa6fba6df4cc3065636a7fd926b57327a5ed36f67caf56f162ea7ae0480b" pullPolicy: IfNotPresent # If content and/or files not provided in configs.fulcio.secret # then this secret must exist in fulcio-system ns. See ../quickstart-with-keycloak.md @@ -264,16 +264,16 @@ scaffold: - --appendonly - "yes" image: - registry: registry.redhat.io - repository: rhtas-tech-preview/redis-trillian-rhel9 + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/redis-0-6 version: sha256:acf920baf6ee1715c0c9d7ddf69867d331c589d3afa680048c508943078d9585 pullPolicy: IfNotPresent server: fullnameOverride: rekor-server image: - registry: registry.redhat.io - repository: rhtas-tech-preview/rekor-server-rhel9 - version: "sha256:53b650ad487dce78025d1dbddc5f25116c132f4e78b7d6f8c1dd0638574f6db3" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/rekor-server-1-0-gamma + version: "sha256:8772a59796c39f6f8bbe74a628652777e4b187d3c1292ec893797ee87b259497" pullPolicy: IfNotPresent # when providing contents of secret with configs.rekor.signer # the signer sections must also be provided here @@ -293,15 +293,15 @@ scaffold: createtree: image: - registry: registry.redhat.io - repository: rhtas-tech-preview/createtree-rhel9 - version: "sha256:95d1fdd16443ce06cf1f50fec952063fc57637a6ec4076a80184fb1555fa7bfc" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createtree-0-6 + version: "sha256:6615261d8ac4cf6da1441c69b52df02a8ebdf423e5cbe11de9a0d0e62f5c001e" pullPolicy: IfNotPresent backfillredis: image: - registry: registry.redhat.io - repository: rhtas-tech-preview/backfill-redis-rhel9 - version: "sha256:9a8ab70162a2aac1e8335fc1d82c84cd177a95c4ab820fa00dc915c07a25eb76" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/rekor-1-0-gamma/backfill-redis-1-0-gamma + version: "sha256:64f1e2b0964ab3d405fd08707fe21f9879d193437a51766a9b645e01a1b7a422" pullPolicy: IfNotPresent trillian: enabled: true @@ -312,15 +312,15 @@ scaffold: name: trillian-system createdb: image: - registry: registry.redhat.io - repository: rhtas-tech-preview/createdb-rhel9 - version: "sha256:cb9f0c8c9459c591eb1aa3192acaa75ccb7264db1e8306b9f4562025e2a04e87" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/createdb-0-6 + version: "sha256:ab1333f9507cd2bed77ff2815b93c81371fbf855f50a561ee17dc5461f06c37c" pullPolicy: IfNotPresent initContainerImage: netcat: - registry: registry.redhat.io - repository: rhtas-tech-preview/trillian-netcat-rhel9 - version: "sha256:a43e9a384050d398a73e90d51c9c0f9f1af426117fa9bf6725674de7a95f0873" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-netcat-1-5 + version: "sha256:c876c793f3fb23958e6b381c302b86133ebf2ea49a6153c8a2014ab8a24a4929" curl: registry: registry.access.redhat.com repository: ubi9/ubi-minimal @@ -338,9 +338,9 @@ scaffold: name: trillian-logsigner fullnameOverride: trillian-logsigner image: - registry: registry.redhat.io - repository: rhtas-tech-preview/trillian-logsigner-rhel9 - version: "sha256:0fa31246a6a1953043ce92d1b69a02096d6a9362851fe3ca603f19d8f60c34c5" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-logsigner-1-5 + version: "sha256:04bf51328a940965a4cf3ca7c4b188bf2861c91f639a77b4691733881b82dd35" pullPolicy: IfNotPresent logServer: name: trillian-logserver @@ -348,9 +348,9 @@ scaffold: portHTTP: 8090 portRPC: 8091 image: - registry: registry.redhat.io - repository: rhtas-tech-preview/trillian-logserver-rhel9 - version: "sha256:0c175c41e093412450e80ba5e7be0ed47a85f166ee80003e74cbcb602ae190d1" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-logserver-1-5 + version: "sha256:56a3a063e5e0729a0bb72eb3f4233b00cb0f4fee22c1df3f01e406b52824ed41" pullPolicy: IfNotPresent mysql: fullnameOverride: trillian-mysql @@ -360,9 +360,9 @@ scaffold: repository: rhtas-tech-preview/cloudsqlproxy-rhel9 version: sha256:f6879364d41b2adbe339c6de1dae5d17be575ea274786895448ee4277831cb7f image: - registry: registry.redhat.io - repository: rhtas-tech-preview/trillian-database-rhel9 - version: "sha256:e8e038bf1ca79f44a12b63b460f60148c9a230c2e551d13783626f03ce2573a1" + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/trillian-1-0-gamma/trillian-database-1-5 + version: "sha256:cfb2eb3e5cb2071790c3932991bd6931c2f6eac5626907f928bdc677a70b55e8" pullPolicy: IfNotPresent args: [] securityContext: @@ -414,8 +414,8 @@ scaffold: - host: tuf.appsSubdomain path: / deployment: - registry: registry.redhat.io - repository: rhtas-tech-preview/tuf-server-rhel9 + registry: quay.io + repository: redhat-user-workloads/rhtas-tenant/scaffold-1-0-gamma/tuf-server-0-6 version: "sha256:e61ca335380ccb857cc66ecbb922ac741247956b62abba795fc29da648b91e26" copySecretJob: