From a6463ecc8762c9ee3af685fa6c8c08526114ca3d Mon Sep 17 00:00:00 2001 From: Michele Sciabarra <“msciabarra@apache.org”> Date: Fri, 12 Dec 2025 09:46:11 +0100 Subject: [PATCH 1/2] always use IfNotPresent --- deploy/acme-openshift/acme-setup.yaml | 2 +- deploy/mongodb-operator/mongodb-operator.yaml | 2 +- deploy/openwhisk-standalone/standalone-conf.yaml | 2 +- deploy/quota/quota_checker.yaml | 6 +++--- nuvolaris/templates/couchdb-init.yaml | 2 +- nuvolaris/templates/couchdb-set-tpl.yaml | 8 ++++---- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/deploy/acme-openshift/acme-setup.yaml b/deploy/acme-openshift/acme-setup.yaml index b4c7e475..3620d138 100644 --- a/deploy/acme-openshift/acme-setup.yaml +++ b/deploy/acme-openshift/acme-setup.yaml @@ -52,7 +52,7 @@ spec: containers: - name: openshift-acme image: quay.io/tnozicka/openshift-acme:controller - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: - --exposer-image=quay.io/tnozicka/openshift-acme:exposer - --loglevel=4 \ No newline at end of file diff --git a/deploy/mongodb-operator/mongodb-operator.yaml b/deploy/mongodb-operator/mongodb-operator.yaml index 4ec4df5c..11812100 100644 --- a/deploy/mongodb-operator/mongodb-operator.yaml +++ b/deploy/mongodb-operator/mongodb-operator.yaml @@ -73,7 +73,7 @@ spec: - name: MONGODB_REPO_URL value: docker.io image: quay.io/mongodb/mongodb-kubernetes-operator:0.7.8 - imagePullPolicy: Always + imagePullPolicy: IfNotPresent name: mongodb-kubernetes-operator resources: limits: diff --git a/deploy/openwhisk-standalone/standalone-conf.yaml b/deploy/openwhisk-standalone/standalone-conf.yaml index c846a746..d8d98c2f 100644 --- a/deploy/openwhisk-standalone/standalone-conf.yaml +++ b/deploy/openwhisk-standalone/standalone-conf.yaml @@ -26,7 +26,7 @@ data: apiVersion: v1 kind: Pod spec: - imagePullPolicy: Always + imagePullPolicy: IfNotPresent imagePullSecrets: - name: registry-pull-secret diff --git a/deploy/quota/quota_checker.yaml b/deploy/quota/quota_checker.yaml index 146e22ae..fc2582d7 100644 --- a/deploy/quota/quota_checker.yaml +++ b/deploy/quota/quota_checker.yaml @@ -32,7 +32,7 @@ spec: containers: - name: quota-checker image: registry.hub.docker.com/nuvolaris/nuvolaris-operator:1.3.0-mastrogpt.2405142002 - imagePullPolicy: Always + imagePullPolicy: IfNotPresent command: - /bin/sh - -c @@ -48,6 +48,6 @@ spec: - name: DATABASE_DB_HOST_NAME value: nuvolaris-postgres - name: REDIS_PASSWORD - value: RedisS0meP@ass3 - restartPolicy: OnFailure + value: RedisS0meP@ass3 + restartPolicy: OnFailure diff --git a/nuvolaris/templates/couchdb-init.yaml b/nuvolaris/templates/couchdb-init.yaml index 16961e71..8db586c2 100644 --- a/nuvolaris/templates/couchdb-init.yaml +++ b/nuvolaris/templates/couchdb-init.yaml @@ -41,7 +41,7 @@ spec: containers: - name: init-couchdb image: "{{image}}" - #imagePullPolicy: "Always" + imagePullPolicy: "IfNotPresent" command: ["./dbinit.sh"] env: - name: "NUVOLARIS_CONFIG" diff --git a/nuvolaris/templates/couchdb-set-tpl.yaml b/nuvolaris/templates/couchdb-set-tpl.yaml index dc0e243c..c37d50c5 100644 --- a/nuvolaris/templates/couchdb-set-tpl.yaml +++ b/nuvolaris/templates/couchdb-set-tpl.yaml @@ -22,7 +22,7 @@ metadata: namespace: nuvolaris name: {{name}} labels: - name: {{name}} + name: {{name}} app: {{appName}} index: "{{index}}" replicationRole: "{{replicationRole}}" @@ -39,10 +39,10 @@ spec: labels: name: {{name}} app: {{appName}} - index: "{{index}}" + index: "{{index}}" replicationRole: primary annotations: - whisks.nuvolaris.org/annotate-version: "true" + whisks.nuvolaris.org/annotate-version: "true" spec: restartPolicy: Always containers: @@ -53,7 +53,7 @@ spec: capabilities: drop: - ALL - imagePullPolicy: "Always" + imagePullPolicy: "IfNotPresent" {% else %} imagePullPolicy: "IfNotPresent" {% endif %} From 250ed6e489df50d40f0995be38fc9fc53e70cd59 Mon Sep 17 00:00:00 2001 From: Michele Sciabarra Date: Sun, 14 Dec 2025 09:55:45 +0000 Subject: [PATCH 2/2] using stable images --- deploy/kafka/kafka-001-sts.yaml | 10 +++++----- deploy/redis/redis-set.yaml | 6 +++--- nuvolaris/templates/kafka-001-sts.yaml | 12 ++++++------ nuvolaris/templates/redis-set.yaml | 8 ++++---- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/deploy/kafka/kafka-001-sts.yaml b/deploy/kafka/kafka-001-sts.yaml index f97b59e7..820b56af 100644 --- a/deploy/kafka/kafka-001-sts.yaml +++ b/deploy/kafka/kafka-001-sts.yaml @@ -44,10 +44,10 @@ spec: claimName: "kafka-pvc-data" initContainers: - name: "wait-for-zookeeper" - image: "busybox:latest" + image: "busybox:1.36.1" imagePullPolicy: "IfNotPresent" command: ["sh", "-c", 'result=1; until [ $result -eq 0 ]; do OK=$(echo ruok | nc -w 1 zookeeper-0.zookeeper 2181); if [ "$OK" == "imok" ]; then result=0; echo "zookeeper returned imok!"; else echo waiting for zookeeper to be ready; sleep 1; fi; done; echo "Success: zookeeper is up"'] - + containers: - name: kafka image: "ghcr.io/nuvolaris/kafka:2.3.1.2311011621" @@ -67,9 +67,9 @@ spec: - name: "KAFKA_ADVERTISED_LISTENERS" value: "EXTERNAL://_{HOSTNAME_COMMAND}:9092" - name: "KAFKA_INTER_BROKER_LISTENER_NAME" - value: "EXTERNAL" + value: "EXTERNAL" - name: "KAFKA_ZOOKEEPER_CONNECT" - value: "zookeeper-0.zookeeper:2181" + value: "zookeeper-0.zookeeper:2181" volumeMounts: - mountPath: /kafka name: "kafka-pvc" @@ -104,4 +104,4 @@ spec: volumeMounts: - mountPath: /kafka name: kafka-pvc - readOnly: true \ No newline at end of file + readOnly: true \ No newline at end of file diff --git a/deploy/redis/redis-set.yaml b/deploy/redis/redis-set.yaml index a73b88ef..6b1575d2 100644 --- a/deploy/redis/redis-set.yaml +++ b/deploy/redis/redis-set.yaml @@ -32,12 +32,12 @@ spec: name: redis app: redis annotations: - whisks.nuvolaris.org/annotate-version: "true" + whisks.nuvolaris.org/annotate-version: "true" spec: - restartPolicy: Always + restartPolicy: Always containers: - name: redis - image: bitnamisecure/valkey:latest + image: docker.io/bitnamilegacy/redis:8.2.1 command: ["/bin/sh","-c","redis-server /redis-master/redis.conf"] env: - name: MASTER diff --git a/nuvolaris/templates/kafka-001-sts.yaml b/nuvolaris/templates/kafka-001-sts.yaml index 079c666a..a91d501a 100644 --- a/nuvolaris/templates/kafka-001-sts.yaml +++ b/nuvolaris/templates/kafka-001-sts.yaml @@ -36,7 +36,7 @@ spec: name: kafka app: kafka annotations: - whisks.nuvolaris.org/annotate-version: "true" + whisks.nuvolaris.org/annotate-version: "true" spec: restartPolicy: Always volumes: @@ -46,10 +46,10 @@ spec: initContainers: - name: "wait-for-zookeeper" - image: "busybox:latest" + image: "busybox:1.36.1" imagePullPolicy: "IfNotPresent" command: ["sh", "-c", 'result=1; until [ $result -eq 0 ]; do OK=$(echo ruok | nc -w 1 {{zookeeper_host}} {{zookeeper_port}}); if [ "$OK" == "imok" ]; then result=0; echo "zookeeper returned imok!"; else echo waiting for zookeeper to be ready; sleep 1; fi; done; echo "Success: zookeeper is up"'] - + containers: - name: kafka image: "ghcr.io/nuvolaris/kafka:2.3.1.2311011621" @@ -69,9 +69,9 @@ spec: - name: "KAFKA_ADVERTISED_LISTENERS" value: "EXTERNAL://_{HOSTNAME_COMMAND}:9092" - name: "KAFKA_INTER_BROKER_LISTENER_NAME" - value: "EXTERNAL" + value: "EXTERNAL" - name: "KAFKA_ZOOKEEPER_CONNECT" - value: "{{zookeeper_url}}" + value: "{{zookeeper_url}}" volumeMounts: - mountPath: /kafka name: "kafka-pvc" @@ -106,4 +106,4 @@ spec: volumeMounts: - mountPath: /kafka name: "kafka-pvc" - readOnly: true + readOnly: true diff --git a/nuvolaris/templates/redis-set.yaml b/nuvolaris/templates/redis-set.yaml index 731b4be6..d4bf217f 100644 --- a/nuvolaris/templates/redis-set.yaml +++ b/nuvolaris/templates/redis-set.yaml @@ -32,17 +32,17 @@ spec: name: redis app: redis annotations: - whisks.nuvolaris.org/annotate-version: "true" + whisks.nuvolaris.org/annotate-version: "true" spec: restartPolicy: Always {% if applypodsecurity %} securityContext: - fsGroup: 1001 - runAsUser: 1001 #default BITNAMI user + fsGroup: 1001 + runAsUser: 1001 #default BITNAMI user {% endif %} containers: - name: redis - image: bitnamisecure/valkey:latest + image: docker.io/bitnamilegacy/redis:8.2.1 command: ["/bin/sh","-c","redis-server /redis-master/redis.conf"] env: - name: MASTER