Skip to content

Standardize imagePullPolicy and imagePullSecrets behavior

Hossein Pursultani requested to merge 1617-standardized-image-pull into master

What does this MR do?

This MR is based on !2129 (merged) and should be merged after it.

This MR ensures that the following GitLab-maintained charts use the same logic to determine imagePullPolicy and imagePullSecrets:

  • charts/gitlab/*
  • charts/minio
  • charts/registry

NOTE: nginx-ingress is excluded.

Based on this logic:

  1. the chart-local imagePullPolicy is used first;
  2. if the chart-local value is missing then the global imagePullPolicy is used;
  3. and if that one is missing as well then the imagePullPolicy attribute is omitted (not rendered in the template).

Since different values are used for different images and containers, the definition of "local" vs. "global" needs clarification. For most images the X.image is the local and global.image is the global image config. But there are some exceptions. The following table explains them:

Case Global Local
busybox image, e.g. for configure initContainer global.busybox.image X.init.image
dependencies initContainer (generally uses default container image) same as default container image: global.image same as default container image X.image
certificates initContainer global.image global.certificates.image
kubectl image for Jobs global.image global.kubectl.image
self-signed certificate Job global.image global.selfsign.image
any other container global.image X.image

This MR lays the ground work for introducing standardized image name which will be done as a follow-up.

Known limitation: imagePullPolicy ignores the configuration of initContainers.

Related issues

Related to #1617 (closed)

Closes #2796 (closed)

Closes #2673 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

  • Merge Request Title and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Tests added
  • Integration tests added to GitLab QA
  • Equivalent MR/issue for omnibus-gitlab opened
Edited by Hossein Pursultani

Merge request reports