From 4df11ead1e03cb6142cb7adbc620a96fe4f7d400 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Laurent=20Gourv=C3=A9nec?= Date: Fri, 13 Dec 2024 14:06:56 +0100 Subject: [PATCH] feat(pods): change image pull policy from Always to IfNotPresent Otherwise, we have a SPOF with the image registry used --- components/hydra-oidc/resources/hydra-oidc-deployment.yaml | 4 ++-- components/hydra-sql/resources/hydra-sql-deployment.yaml | 4 ++-- .../resources/hydra-dispatcher-deployment.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml index 022806e..61e85c6 100644 --- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml +++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml @@ -19,7 +19,7 @@ spec: containers: - name: hydra-oidc-php-fpm image: reg.cadoles.com/cadoles/hydra-oidc-base:2024.4.2-develop.1349.c4711f6 - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: exec: @@ -53,7 +53,7 @@ spec: - name: hydra-oidc-caddy image: reg.cadoles.com/cadoles/hydra-oidc-base:2024.4.2-develop.1349.c4711f6 - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: [ "/usr/sbin/caddy", diff --git a/components/hydra-sql/resources/hydra-sql-deployment.yaml b/components/hydra-sql/resources/hydra-sql-deployment.yaml index bf688de..c661298 100644 --- a/components/hydra-sql/resources/hydra-sql-deployment.yaml +++ b/components/hydra-sql/resources/hydra-sql-deployment.yaml @@ -22,7 +22,7 @@ spec: containers: - name: hydra-sql-fpm image: reg.cadoles.com/cadoles/hydra-sql-base:2024.11.6-develop.1113.075be9b - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: ["/usr/sbin/php-fpm81", "-F", "-e"] readinessProbe: exec: @@ -69,7 +69,7 @@ spec: - name: hydra-sql-caddy image: reg.cadoles.com/cadoles/hydra-sql-base:2024.11.6-develop.1113.075be9b - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: ["/usr/sbin/caddy", "run", "--adapter", "caddyfile", "--config", "/etc/caddy/Caddyfile"] readinessProbe: httpGet: diff --git a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml index 5006247..c730f23 100644 --- a/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml +++ b/resources/hydra-dispatcher/resources/hydra-dispatcher-deployment.yaml @@ -61,7 +61,7 @@ spec: runAsUser: 1000 - name: hydra-dispatcher-caddy image: reg.cadoles.com/cadoles/hydra-dispatcher-base:2024.9.24-develop.1122.f88a5eb - imagePullPolicy: Always + imagePullPolicy: IfNotPresent args: [ "/usr/sbin/caddy",