From 8dd9e1a98dbb438332d795b96448a4feba001654 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 1 Jun 2024 12:04:18 +0000 Subject: [PATCH 01/11] chore(deps): update postgresql docker tag to v15.5.0 --- apps/mlflow/kustomization.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/mlflow/kustomization.yaml b/apps/mlflow/kustomization.yaml index 4401792..8779cff 100644 --- a/apps/mlflow/kustomization.yaml +++ b/apps/mlflow/kustomization.yaml @@ -18,7 +18,7 @@ generators: helmCharts: - name: postgresql releaseName: postgresql - version: 15.4.2 + version: 15.5.0 repo: oci://registry-1.docker.io/bitnamicharts namespace: mlflow valuesInline: From a50e76e82eefe809a70ae2e8c58d9e473cf2ba93 Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:06:19 +0000 Subject: [PATCH 02/11] Add digests to gitea restic containers --- apps/gitea/restic/cronjob.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/gitea/restic/cronjob.yaml b/apps/gitea/restic/cronjob.yaml index 7ab102c..7a688ee 100644 --- a/apps/gitea/restic/cronjob.yaml +++ b/apps/gitea/restic/cronjob.yaml @@ -26,7 +26,7 @@ spec: initContainers: - name: postgres-dump-init - image: bitnami/postgresql:15.3.0-debian-11-r24 + image: bitnami/postgresql:15.3.0-debian-11-r24@sha256:fff6086d557d962422c6d751b6723877642170bbcc25d6f23e5c2c2f079987d5 command: ["/bin/sh", "-c"] args: ["pg_dump -h gitea-postgresql -p 5432 -U gitea gitea -Fc > /backup/postgres_backup.dump"] env: @@ -41,7 +41,7 @@ spec: containers: - name: restic-container - image: git.namesny.com/cluster/restic:latest + image: git.namesny.com/cluster/restic:latest@sha256:8efb9776d9b3250012d17bbfff865420e5ffa0688010d006448c4ff358b0ee32 imagePullPolicy: Always command: ["/bin/sh", "/app/backup.sh"] envFrom: From b183b3e6d5c13d5ffdb360affb11dd1430ab7f31 Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:07:34 +0000 Subject: [PATCH 03/11] Specify digest for website container --- apps/namesny-com/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/namesny-com/deployment.yaml b/apps/namesny-com/deployment.yaml index 52b442e..8f83264 100755 --- a/apps/namesny-com/deployment.yaml +++ b/apps/namesny-com/deployment.yaml @@ -19,6 +19,6 @@ spec: - name: gitea-regcred containers: - name: namesny-com - image: git.namesny.com/mathis/namesny-com:2024-04-22 + image: git.namesny.com/mathis/namesny-com:2024-04-22@sha256:df51fff0dcc4e252b13f3c61debf2b3e2335e4c8e2d7441174457d9e7709a6ea ports: - containerPort: 80 From 896ca8ba8dbf435a1e90ec5d6c7b519b13259f5b Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:09:35 +0000 Subject: [PATCH 04/11] Pin minio docker container --- apps/mlflow/minio-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/mlflow/minio-deployment.yaml b/apps/mlflow/minio-deployment.yaml index 1e076c2..b03c0b0 100644 --- a/apps/mlflow/minio-deployment.yaml +++ b/apps/mlflow/minio-deployment.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: minio - image: quay.io/minio/minio:RELEASE.2023-12-09T18-17-51Z + image: quay.io/minio/minio:RELEASE.2023-12-09T18-17-51Z@sha256:a9cec9ed5bda5b4e1b2153823e01b309965b9de7ed6eb7f098d45592eecdfc78 command: - /bin/bash - -c From 7e9124599bfa3136d346f6b2cc462a276eea730f Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:11:41 +0000 Subject: [PATCH 05/11] Pin mlflow docker image --- apps/mlflow/mlflow-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/mlflow/mlflow-deployment.yaml b/apps/mlflow/mlflow-deployment.yaml index 368c5e2..aa2ced5 100644 --- a/apps/mlflow/mlflow-deployment.yaml +++ b/apps/mlflow/mlflow-deployment.yaml @@ -31,7 +31,7 @@ spec: - secretRef: name: minio-user-secret - name: init-db-upgrade - image: git.namesny.com/cluster/mlflow:latest + image: git.namesny.com/cluster/mlflow:latest@sha256:9d935268bc318d6cadbfe8d480744ce898cdfb906be5ba7125ab87c555894798 envFrom: - secretRef: name: mlflow-secret @@ -41,7 +41,7 @@ spec: exit 0; containers: - name: mlflow - image: git.namesny.com/cluster/mlflow:latest + image: git.namesny.com/cluster/mlflow:latest@sha256:9d935268bc318d6cadbfe8d480744ce898cdfb906be5ba7125ab87c555894798 imagePullPolicy: Always args: - --host=0.0.0.0 From de3bfb97d2585d3b8f1c73375ae2892effe2a279 Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:15:40 +0000 Subject: [PATCH 06/11] Pin dev container --- apps/dev-container/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/dev-container/deployment.yaml b/apps/dev-container/deployment.yaml index 5d52985..45397c3 100755 --- a/apps/dev-container/deployment.yaml +++ b/apps/dev-container/deployment.yaml @@ -19,7 +19,7 @@ spec: fsGroup: 1000 containers: - name: dev-container - image: git.namesny.com/mathis/dev-container:2024-04-25 + image: git.namesny.com/mathis/dev-container:2024-04-25@sha256:54e0a338fec52e4f124bb8b9030892bbb85b61717f237107377a2ad1d1db567c imagePullPolicy: Always ports: - containerPort: 7681 From 6edf5aab7938df3f8940c4b7aab5ba885736930e Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:18:24 +0000 Subject: [PATCH 07/11] Pin k9s --- infra/k9s/deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/k9s/deployment.yaml b/infra/k9s/deployment.yaml index 6987d25..9e73606 100755 --- a/infra/k9s/deployment.yaml +++ b/infra/k9s/deployment.yaml @@ -18,6 +18,6 @@ spec: serviceAccountName: k9s-sa containers: - name: k9s - image: ghcr.io/lordmathis/k9s-web:latest + image: ghcr.io/lordmathis/k9s-web:latest@sha256:d3dbde4715750509bbad451a2b4dbe40d1d91fefc25e3bc3fc9b48a5d5f733e5 ports: - containerPort: 7681 From a1a60b80255a4a2806871ceca94f8d217b2f4aff Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:21:25 +0000 Subject: [PATCH 08/11] Add kubernetes dependecies to renovate --- renovate.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/renovate.json b/renovate.json index 9778c8e..919738f 100644 --- a/renovate.json +++ b/renovate.json @@ -14,5 +14,8 @@ }, "digest": { "automerge": true + }, + "kubernetes": { + "fileMatch": ["\\.yaml$"] } } \ No newline at end of file From 8cccb33a3bf40862187e463b4bda8d32f625e740 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 3 Jun 2024 13:22:34 +0000 Subject: [PATCH 09/11] chore(deps): update busybox docker tag to v1.36 --- apps/gitea/runner-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/gitea/runner-deployment.yaml b/apps/gitea/runner-deployment.yaml index 63abeb0..4ed4146 100755 --- a/apps/gitea/runner-deployment.yaml +++ b/apps/gitea/runner-deployment.yaml @@ -26,7 +26,7 @@ spec: fsGroup: 1001 initContainers: - name: wait-for-gitea - image: busybox:1.28 + image: busybox:1.36@sha256:5eef5ed34e1e1ff0a4ae850395cbf665c4de6b4b83a32a0bc7bcb998e24e7bbb command: ['sh', '-c', "until wget https://git.namesny.com 2>/dev/null; do echo waiting for gitea; sleep 2; done"] containers: - name: runner From f276565224e9a9a805fd85daaa8e94a0ffad19d3 Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:34:16 +0000 Subject: [PATCH 10/11] Pin code server --- apps/code-server/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/code-server/deployment.yaml b/apps/code-server/deployment.yaml index b71c554..af822c0 100644 --- a/apps/code-server/deployment.yaml +++ b/apps/code-server/deployment.yaml @@ -17,7 +17,7 @@ spec: spec: initContainers: - name: init-chmod-data - image: busybox:1.36 + image: busybox:1.36@sha256:5eef5ed34e1e1ff0a4ae850395cbf665c4de6b4b83a32a0bc7bcb998e24e7bbb imagePullPolicy: IfNotPresent command: - sh @@ -30,7 +30,7 @@ spec: - name: data mountPath: /home/coder containers: - - image: codercom/code-server:4.20.0 + - image: codercom/code-server:4.89.1-ubuntu@sha256:d7faf97bc59933b398d5df5c5aec786637a9e40ae8c842bb8d23ca20e0946739 imagePullPolicy: IfNotPresent name: code-server args: From 669d69aa2e63d99b27debd798f032bfce37cabd0 Mon Sep 17 00:00:00 2001 From: Mathis Date: Mon, 3 Jun 2024 13:48:24 +0000 Subject: [PATCH 11/11] Pin gitea postgres dependecy --- apps/gitea/gitea-values.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/apps/gitea/gitea-values.yaml b/apps/gitea/gitea-values.yaml index f91d7f3..6d9faa8 100755 --- a/apps/gitea/gitea-values.yaml +++ b/apps/gitea/gitea-values.yaml @@ -5,7 +5,10 @@ postgresql-ha: postgresql: enabled: true image: - tag: 15.3.0-debian-11-r24 + registry: docker.io + repository: bitnami/postgresql + tag: 15.3.0-debian-11-r24 + digest: sha256:fff6086d557d962422c6d751b6723877642170bbcc25d6f23e5c2c2f079987d5 primary: persistence: storageClass: retain-local-path