Standardize imagePullPolicy and imagePullSecrets behavior
What does this MR do?
This MR is based on !2129 (merged) and should be merged after it.
This MR ensures that the following GitLab-maintained charts use the same logic to determine imagePullPolicy
and imagePullSecrets
:
charts/gitlab/*
charts/minio
charts/registry
NOTE: nginx-ingress
is excluded.
Based on this logic:
- the chart-local
imagePullPolicy
is used first; - if the chart-local value is missing then the global
imagePullPolicy
is used; - and if that one is missing as well then the
imagePullPolicy
attribute is omitted (not rendered in the template).
Since different values are used for different images and containers, the definition of "local" vs. "global" needs clarification. For most images the X.image
is the local and global.image
is the global image config. But there are some exceptions. The following table explains them:
Case | Global | Local |
---|---|---|
busybox image, e.g. for configure initContainer
|
global.busybox.image |
X.init.image |
dependencies initContainer (generally uses default container image) |
same as default container image: global.image
|
same as default container image X.image
|
certificates initContainer
|
global.image |
global.certificates.image |
kubectl image for Jobs |
global.image |
global.kubectl.image |
self-signed certificate Job | global.image |
global.selfsign.image |
any other container | global.image |
X.image |
This MR lays the ground work for introducing standardized image name which will be done as a follow-up.
Known limitation: imagePullPolicy
ignores the configuration of initContainers
.
Related issues
Related to #1617 (closed)
Closes #2796 (closed)
Closes #2673 (closed)
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion.
Required
-
Merge Request Title and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA -
Equivalent MR/issue for omnibus-gitlab opened