diff --git a/docker/dev-compose.yml b/docker/dev-compose.yml index ff3a7d9b24..dd39ae7d8a 100644 --- a/docker/dev-compose.yml +++ b/docker/dev-compose.yml @@ -48,7 +48,7 @@ services: - db clickhouse: - image: bitnami/clickhouse:latest + image: bitnamilegacy/clickhouse:latest container_name: clickhouse-dev environment: CLICKHOUSE_ADMIN_USER: default diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 9a0b97569c..7d5a81e30f 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -76,7 +76,7 @@ services: - database clickhouse: - image: bitnami/clickhouse:latest + image: bitnamilegacy/clickhouse:latest restart: always container_name: clickhouse environment: diff --git a/hosting/docker/webapp/docker-compose.yml b/hosting/docker/webapp/docker-compose.yml index 03aec05a6c..74331bbc9d 100644 --- a/hosting/docker/webapp/docker-compose.yml +++ b/hosting/docker/webapp/docker-compose.yml @@ -139,7 +139,7 @@ services: start_period: 10s clickhouse: - image: bitnami/clickhouse:${CLICKHOUSE_IMAGE_TAG:-latest} + image: bitnamilegacy/clickhouse:${CLICKHOUSE_IMAGE_TAG:-latest} restart: ${RESTART_POLICY:-unless-stopped} logging: *logging-config ports: @@ -183,7 +183,7 @@ services: start_period: 10s minio: - image: bitnami/minio:${MINIO_IMAGE_TAG:-latest} + image: bitnamilegacy/minio:${MINIO_IMAGE_TAG:-latest} restart: ${RESTART_POLICY:-unless-stopped} logging: *logging-config ports: diff --git a/hosting/k8s/helm/Chart.yaml b/hosting/k8s/helm/Chart.yaml index f88378829b..e74648bbff 100644 --- a/hosting/k8s/helm/Chart.yaml +++ b/hosting/k8s/helm/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: trigger description: The official Trigger.dev Helm chart type: application -version: 4.0.2 +version: 4.0.3 appVersion: v4.0.4 home: https://trigger.dev sources: diff --git a/hosting/k8s/helm/templates/_helpers.tpl b/hosting/k8s/helm/templates/_helpers.tpl index 6d2f5fdb57..cb148678c9 100644 --- a/hosting/k8s/helm/templates/_helpers.tpl +++ b/hosting/k8s/helm/templates/_helpers.tpl @@ -95,6 +95,34 @@ Get the full image name for supervisor {{- end }} {{- end }} +{{/* +Get the full image name for webapp volumePermissions init container +*/}} +{{- define "trigger-v4.webapp.volumePermissions.image" -}} +{{- $registry := .Values.global.imageRegistry | default .Values.webapp.volumePermissions.image.registry -}} +{{- $repository := .Values.webapp.volumePermissions.image.repository -}} +{{- $tag := .Values.webapp.volumePermissions.image.tag -}} +{{- if $registry }} +{{- printf "%s/%s:%s" $registry $repository $tag }} +{{- else }} +{{- printf "%s:%s" $repository $tag }} +{{- end }} +{{- end }} + +{{/* +Get the full image name for webapp tokenSyncer sidecar +*/}} +{{- define "trigger-v4.webapp.tokenSyncer.image" -}} +{{- $registry := .Values.global.imageRegistry | default .Values.webapp.tokenSyncer.image.registry -}} +{{- $repository := .Values.webapp.tokenSyncer.image.repository -}} +{{- $tag := .Values.webapp.tokenSyncer.image.tag -}} +{{- if $registry }} +{{- printf "%s/%s:%s" $registry $repository $tag }} +{{- else }} +{{- printf "%s:%s" $repository $tag }} +{{- end }} +{{- end }} + {{/* PostgreSQL hostname (deprecated - used only for legacy DATABASE_HOST env var) */}} diff --git a/hosting/k8s/helm/templates/webapp.yaml b/hosting/k8s/helm/templates/webapp.yaml index 77bb915af8..779aeaa4d2 100644 --- a/hosting/k8s/helm/templates/webapp.yaml +++ b/hosting/k8s/helm/templates/webapp.yaml @@ -67,8 +67,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} initContainers: - - name: init-shared - image: busybox:1.35 + - name: volume-permissions + image: {{ include "trigger-v4.webapp.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.webapp.volumePermissions.image.pullPolicy }} command: ['sh', '-c', 'mkdir -p /home/node/shared'] securityContext: runAsUser: 1000 @@ -77,7 +78,8 @@ spec: mountPath: /home/node/shared containers: - name: token-syncer - image: bitnami/kubectl:1.28 + image: {{ include "trigger-v4.webapp.tokenSyncer.image" . }} + imagePullPolicy: {{ .Values.webapp.tokenSyncer.image.pullPolicy }} securityContext: runAsUser: 1000 runAsNonRoot: true diff --git a/hosting/k8s/helm/values.yaml b/hosting/k8s/helm/values.yaml index 257d199967..1a577e8ef4 100644 --- a/hosting/k8s/helm/values.yaml +++ b/hosting/k8s/helm/values.yaml @@ -2,6 +2,9 @@ global: imageRegistry: "" imagePullSecrets: [] storageClass: "" + security: + # Required when using bitnami legacy images + allowInsecureImages: true nameOverride: "" fullnameOverride: "" @@ -45,6 +48,22 @@ webapp: tag: "" # Defaults to Chart.appVersion when empty pullPolicy: IfNotPresent + # Init container for shared directory setup + volumePermissions: + image: + registry: docker.io + repository: busybox + tag: "1.35" + pullPolicy: IfNotPresent + + # Sidecar for token syncing + tokenSyncer: + image: + registry: docker.io + repository: bitnamilegacy/kubectl + tag: "1.28" + pullPolicy: IfNotPresent + # Origin configuration appOrigin: "http://localhost:3040" loginOrigin: "http://localhost:3040" @@ -361,6 +380,11 @@ supervisor: postgres: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/postgresql + # image: docker.io/bitnamilegacy/postgresql:17.5.0-debian-12-r12 + # Bitnami PostgreSQL chart configuration (when deploy: true) auth: enablePostgresUser: true @@ -411,6 +435,11 @@ postgres: redis: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/redis + # image: docker.io/bitnamilegacy/redis:8.0.2-debian-12-r4 + # Bitnami Redis chart configuration (when deploy: true) auth: enabled: false @@ -501,6 +530,11 @@ electric: clickhouse: deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/clickhouse + # image: docker.io/bitnamilegacy/clickhouse:25.6.1-debian-12-r0 + # TLS/Secure connection configuration secure: false # Set to true to use HTTPS and secure connections @@ -563,6 +597,11 @@ s3: # Set to true to deploy internal MinIO (default) deploy: true + image: + # Use bitnami legacy repo + repository: bitnamilegacy/minio + # image: docker.io/bitnamilegacy/minio:2025.6.13-debian-12-r0 + # Bitnami MinIO chart configuration (when deploy: true) # MinIO provides S3-compatible storage when deployed internally auth: