From 21f25580bbb3a36269b8fa077b6019afc31e8e24 Mon Sep 17 00:00:00 2001 From: nicktrn <55853254+nicktrn@users.noreply.github.com> Date: Tue, 30 Sep 2025 12:31:56 +0100 Subject: [PATCH 1/5] chore(docker): use bitnami legacy repo --- docker/dev-compose.yml | 2 +- docker/docker-compose.yml | 2 +- hosting/docker/webapp/docker-compose.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docker/dev-compose.yml b/docker/dev-compose.yml index ff3a7d9b24..dd39ae7d8a 100644 --- a/docker/dev-compose.yml +++ b/docker/dev-compose.yml @@ -48,7 +48,7 @@ services: - db clickhouse: - image: bitnami/clickhouse:latest + image: bitnamilegacy/clickhouse:latest container_name: clickhouse-dev environment: CLICKHOUSE_ADMIN_USER: default diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 9a0b97569c..7d5a81e30f 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -76,7 +76,7 @@ services: - database clickhouse: - image: bitnami/clickhouse:latest + image: bitnamilegacy/clickhouse:latest restart: always container_name: clickhouse environment: diff --git a/hosting/docker/webapp/docker-compose.yml b/hosting/docker/webapp/docker-compose.yml index 03aec05a6c..74331bbc9d 100644 --- a/hosting/docker/webapp/docker-compose.yml +++ b/hosting/docker/webapp/docker-compose.yml @@ -139,7 +139,7 @@ services: start_period: 10s clickhouse: - image: bitnami/clickhouse:${CLICKHOUSE_IMAGE_TAG:-latest} + image: bitnamilegacy/clickhouse:${CLICKHOUSE_IMAGE_TAG:-latest} restart: ${RESTART_POLICY:-unless-stopped} logging: *logging-config ports: @@ -183,7 +183,7 @@ services: start_period: 10s minio: - image: bitnami/minio:${MINIO_IMAGE_TAG:-latest} + image: bitnamilegacy/minio:${MINIO_IMAGE_TAG:-latest} restart: ${RESTART_POLICY:-unless-stopped} logging: *logging-config ports: From c588f7ee033a415ebb07145cd404463c5bd1699b Mon Sep 17 00:00:00 2001 From: nicktrn <55853254+nicktrn@users.noreply.github.com> Date: Tue, 30 Sep 2025 14:01:15 +0100 Subject: [PATCH 2/5] chore(helm): use bitnami legacy repo --- hosting/k8s/helm/templates/webapp.yaml | 2 +- hosting/k8s/helm/values.yaml | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/hosting/k8s/helm/templates/webapp.yaml b/hosting/k8s/helm/templates/webapp.yaml index f9f59c363f..f9e52f6599 100644 --- a/hosting/k8s/helm/templates/webapp.yaml +++ b/hosting/k8s/helm/templates/webapp.yaml @@ -77,7 +77,7 @@ spec: mountPath: /home/node/shared containers: - name: token-syncer - image: bitnami/kubectl:1.28 + image: bitnamilegacy/kubectl:1.28 securityContext: runAsUser: 1000 runAsNonRoot: true diff --git a/hosting/k8s/helm/values.yaml b/hosting/k8s/helm/values.yaml index 5f8fdaf046..a7cf434330 100644 --- a/hosting/k8s/helm/values.yaml +++ b/hosting/k8s/helm/values.yaml @@ -2,6 +2,9 @@ global: imageRegistry: "" imagePullSecrets: [] storageClass: "" + security: + # Required when using bitnami legacy images + allowInsecureImages: true nameOverride: "" fullnameOverride: "" @@ -359,6 +362,11 @@ supervisor: postgres: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/postgresql + # image: docker.io/bitnamilegacy/postgresql:17.5.0-debian-12-r12 + # Bitnami PostgreSQL chart configuration (when deploy: true) auth: enablePostgresUser: true @@ -409,6 +417,11 @@ postgres: redis: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/redis + # image: docker.io/bitnamilegacy/redis:8.0.2-debian-12-r4 + # Bitnami Redis chart configuration (when deploy: true) auth: enabled: false @@ -499,6 +512,11 @@ electric: clickhouse: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/clickhouse + # image: docker.io/bitnamilegacy/clickhouse:25.6.1-debian-12-r0 + # TLS/Secure connection configuration secure: false # Set to true to use HTTPS and secure connections @@ -561,6 +579,11 @@ s3: # Set to true to deploy internal MinIO (default) deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/minio + # image: docker.io/bitnamilegacy/minio:2025.6.13-debian-12-r0 + # Bitnami MinIO chart configuration (when deploy: true) # MinIO provides S3-compatible storage when deployed internally auth: From c3789e1eaef1b8eff7554db8213330688c816413 Mon Sep 17 00:00:00 2001 From: LeoKaynan Date: Tue, 30 Sep 2025 09:24:43 -0300 Subject: [PATCH 3/5] Make Helm webapp chart images configurable Adds configurability for init and token syncer container images through new values in the Helm chart configuration --- hosting/k8s/helm/Chart.yaml | 2 +- hosting/k8s/helm/templates/webapp.yaml | 6 ++++-- hosting/k8s/helm/values.yaml | 14 ++++++++++++++ 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/hosting/k8s/helm/Chart.yaml b/hosting/k8s/helm/Chart.yaml index 42d962130f..f88378829b 100644 --- a/hosting/k8s/helm/Chart.yaml +++ b/hosting/k8s/helm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: trigger description: The official Trigger.dev Helm chart type: application -version: 4.0.1 +version: 4.0.2 appVersion: v4.0.4 home: https://trigger.dev sources: diff --git a/hosting/k8s/helm/templates/webapp.yaml b/hosting/k8s/helm/templates/webapp.yaml index f9e52f6599..974da80a82 100644 --- a/hosting/k8s/helm/templates/webapp.yaml +++ b/hosting/k8s/helm/templates/webapp.yaml @@ -68,7 +68,8 @@ spec: {{- end }} initContainers: - name: init-shared - image: busybox:1.35 + image: "{{ .Values.webapp.initImage.registry }}/{{ .Values.webapp.initImage.repository }}:{{ .Values.webapp.initImage.tag }}" + imagePullPolicy: {{ .Values.webapp.initImage.pullPolicy }} command: ['sh', '-c', 'mkdir -p /home/node/shared'] securityContext: runAsUser: 1000 @@ -77,7 +78,8 @@ spec: mountPath: /home/node/shared containers: - name: token-syncer - image: bitnamilegacy/kubectl:1.28 + image: "{{ .Values.webapp.tokenSyncerImage.registry }}/{{ .Values.webapp.tokenSyncerImage.repository }}:{{ .Values.webapp.tokenSyncerImage.tag }}" + imagePullPolicy: {{ .Values.webapp.tokenSyncerImage.pullPolicy }} securityContext: runAsUser: 1000 runAsNonRoot: true diff --git a/hosting/k8s/helm/values.yaml b/hosting/k8s/helm/values.yaml index a7cf434330..81ab0309bd 100644 --- a/hosting/k8s/helm/values.yaml +++ b/hosting/k8s/helm/values.yaml @@ -48,6 +48,20 @@ webapp: tag: "" # Defaults to Chart.appVersion when empty pullPolicy: IfNotPresent + # Init container image configuration + initImage: + registry: docker.io + repository: busybox + tag: "1.35" + pullPolicy: IfNotPresent + + # Token syncer image configuration + tokenSyncerImage: + registry: docker.io + repository: bitnamilegacy/kubectl + tag: "1.28" + pullPolicy: IfNotPresent + # Origin configuration appOrigin: "http://localhost:3040" loginOrigin: "http://localhost:3040" From 0be49faaff01385dfe4929fce3fb03a68be242a1 Mon Sep 17 00:00:00 2001 From: nicktrn <55853254+nicktrn@users.noreply.github.com> Date: Tue, 30 Sep 2025 15:33:20 +0100 Subject: [PATCH 4/5] chore(helm): refactor utility image config --- hosting/k8s/helm/templates/_helpers.tpl | 28 +++++++++++++++++++++++++ hosting/k8s/helm/templates/webapp.yaml | 10 ++++----- hosting/k8s/helm/values.yaml | 28 +++++++++++++------------ 3 files changed, 48 insertions(+), 18 deletions(-) diff --git a/hosting/k8s/helm/templates/_helpers.tpl b/hosting/k8s/helm/templates/_helpers.tpl index 6d2f5fdb57..cb148678c9 100644 --- a/hosting/k8s/helm/templates/_helpers.tpl +++ b/hosting/k8s/helm/templates/_helpers.tpl @@ -95,6 +95,34 @@ Get the full image name for supervisor {{- end }} {{- end }} +{{/* +Get the full image name for webapp volumePermissions init container +*/}} +{{- define "trigger-v4.webapp.volumePermissions.image" -}} +{{- $registry := .Values.global.imageRegistry | default .Values.webapp.volumePermissions.image.registry -}} +{{- $repository := .Values.webapp.volumePermissions.image.repository -}} +{{- $tag := .Values.webapp.volumePermissions.image.tag -}} +{{- if $registry }} +{{- printf "%s/%s:%s" $registry $repository $tag }} +{{- else }} +{{- printf "%s:%s" $repository $tag }} +{{- end }} +{{- end }} + +{{/* +Get the full image name for webapp tokenSyncer sidecar +*/}} +{{- define "trigger-v4.webapp.tokenSyncer.image" -}} +{{- $registry := .Values.global.imageRegistry | default .Values.webapp.tokenSyncer.image.registry -}} +{{- $repository := .Values.webapp.tokenSyncer.image.repository -}} +{{- $tag := .Values.webapp.tokenSyncer.image.tag -}} +{{- if $registry }} +{{- printf "%s/%s:%s" $registry $repository $tag }} +{{- else }} +{{- printf "%s:%s" $repository $tag }} +{{- end }} +{{- end }} + {{/* PostgreSQL hostname (deprecated - used only for legacy DATABASE_HOST env var) */}} diff --git a/hosting/k8s/helm/templates/webapp.yaml b/hosting/k8s/helm/templates/webapp.yaml index 974da80a82..49746e030c 100644 --- a/hosting/k8s/helm/templates/webapp.yaml +++ b/hosting/k8s/helm/templates/webapp.yaml @@ -67,9 +67,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} initContainers: - - name: init-shared - image: "{{ .Values.webapp.initImage.registry }}/{{ .Values.webapp.initImage.repository }}:{{ .Values.webapp.initImage.tag }}" - imagePullPolicy: {{ .Values.webapp.initImage.pullPolicy }} + - name: volume-permissions + image: {{ include "trigger-v4.webapp.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.webapp.volumePermissions.image.pullPolicy }} command: ['sh', '-c', 'mkdir -p /home/node/shared'] securityContext: runAsUser: 1000 @@ -78,8 +78,8 @@ spec: mountPath: /home/node/shared containers: - name: token-syncer - image: "{{ .Values.webapp.tokenSyncerImage.registry }}/{{ .Values.webapp.tokenSyncerImage.repository }}:{{ .Values.webapp.tokenSyncerImage.tag }}" - imagePullPolicy: {{ .Values.webapp.tokenSyncerImage.pullPolicy }} + image: {{ include "trigger-v4.webapp.tokenSyncer.image" . }} + imagePullPolicy: {{ .Values.webapp.tokenSyncer.image.pullPolicy }} securityContext: runAsUser: 1000 runAsNonRoot: true diff --git a/hosting/k8s/helm/values.yaml b/hosting/k8s/helm/values.yaml index 81ab0309bd..4cfb530dbd 100644 --- a/hosting/k8s/helm/values.yaml +++ b/hosting/k8s/helm/values.yaml @@ -48,19 +48,21 @@ webapp: tag: "" # Defaults to Chart.appVersion when empty pullPolicy: IfNotPresent - # Init container image configuration - initImage: - registry: docker.io - repository: busybox - tag: "1.35" - pullPolicy: IfNotPresent - - # Token syncer image configuration - tokenSyncerImage: - registry: docker.io - repository: bitnamilegacy/kubectl - tag: "1.28" - pullPolicy: IfNotPresent + # Init container for shared directory setup + volumePermissions: + image: + registry: docker.io + repository: busybox + tag: "1.35" + pullPolicy: IfNotPresent + + # Sidecar for token syncing + tokenSyncer: + image: + registry: docker.io + repository: bitnamilegacy/kubectl + tag: "1.28" + pullPolicy: IfNotPresent # Origin configuration appOrigin: "http://localhost:3040" From deef45a80ae74dd6fc3d1daa7a4565f3ee3ebc32 Mon Sep 17 00:00:00 2001 From: nicktrn <55853254+nicktrn@users.noreply.github.com> Date: Tue, 30 Sep 2025 15:36:33 +0100 Subject: [PATCH 5/5] chore(helm): bump chart version to 4.0.3 --- hosting/k8s/helm/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosting/k8s/helm/Chart.yaml b/hosting/k8s/helm/Chart.yaml index f88378829b..e74648bbff 100644 --- a/hosting/k8s/helm/Chart.yaml +++ b/hosting/k8s/helm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: trigger description: The official Trigger.dev Helm chart type: application -version: 4.0.2 +version: 4.0.3 appVersion: v4.0.4 home: https://trigger.dev sources: