chore(deps): update docker/build-push-action digest to 9e436ba

Update authentik-server.ts
remove istio and cert manager auto install
2026-02-08 01:36:28 +01:00 · 2025-12-31 14:07:31 +00:00 · 2025-12-22 21:10:49 +01:00 · 2025-12-22 20:56:22 +01:00 · 2025-10-13 21:33:24 +00:00 · 2025-10-13 21:15:10 +00:00
13 changed files with 51 additions and 40 deletions
--- a/.github/workflows/publish-backup-tag.yml
+++ b/.github/workflows/publish-backup-tag.yml
@@ -50,7 +50,7 @@ jobs:

      - name: Build and push Docker image
        id: push
-        uses: docker/build-push-action@cb8fc7586f9ad9441b20c33e0f6e8b1b58d8b4c6
+        uses: docker/build-push-action@9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d
        with:
          context: ./images/backup
          push: true
--- a/.github/workflows/publish-tag.yml
+++ b/.github/workflows/publish-tag.yml
@@ -50,7 +50,7 @@ jobs:

      - name: Build and push Docker image
        id: push
-        uses: docker/build-push-action@cb8fc7586f9ad9441b20c33e0f6e8b1b58d8b4c6
+        uses: docker/build-push-action@9e436ba9f2d7bcd1d038c8e55d039d37896ddc5d
        with:
          context: ./images/operator
          push: true
--- a/charts/operator/templates/clusterrolebinding.yaml
+++ b/charts/operator/templates/clusterrolebinding.yaml
@@ -1,12 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: {{ include "homelab-operator.fullname" . }}
+  name: '{{ include "homelab-operator.fullname" . }}'
 subjects:
  - kind: ServiceAccount
-  name: {{ include "homelab-operator.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
+    name: '{{ include "homelab-operator.serviceAccountName" . }}'
+    namespace: "{{ .Release.Namespace }}"
 roleRef:
  kind: ClusterRole
-  name: {{ include "homelab-operator.fullname" . }}
+  name: '{{ include "homelab-operator.fullname" . }}'
  apiGroup: rbac.authorization.k8s.io
--- a/charts/operator/templates/deployment.yaml
+++ b/charts/operator/templates/deployment.yaml
@@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "homelab-operator.fullname" . }}
+  namespace: "{{ .Release.Namespace }}"
  labels:
    {{- include "homelab-operator.labels" . | nindent 4 }}
 spec:
--- a/charts/operator/templates/serviceaccount.yaml
+++ b/charts/operator/templates/serviceaccount.yaml
@@ -3,6 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "homelab-operator.serviceAccountName" . }}
+  namespace: "{{ .Release.Namespace }}"
  labels:
    {{- include "homelab-operator.labels" . | nindent 4 }}
  {{- with .Values.serviceAccount.annotations }}
--- a/images/operator/Dockerfile
+++ b/images/operator/Dockerfile
@@ -1,6 +1,8 @@
 FROM node:23-slim@sha256:86191b94d2a163be41f3dc7fe5e5fcaca8ba2f1be7275d98a06343483c17414a
 RUN corepack enable
+WORKDIR /app
 COPY package.json pnpm-lock.yaml ./
+COPY patches ./patches
 RUN pnpm install --frozen-lockfile --prod
 COPY . .
 CMD ["node", "src/index.ts"]
--- a/images/operator/package.json
+++ b/images/operator/package.json
@@ -49,7 +49,7 @@
      "sqlite3"
    ],
    "patchedDependencies": {
-      "@kubernetes/client-node": "patches/@kubernetes__client-node.patch"
+      "@kubernetes/client-node": "./patches/@kubernetes__client-node.patch"
    }
  },
  "scripts": {
--- a/images/operator/src/bootstrap/bootstrap.ts
+++ b/images/operator/src/bootstrap/bootstrap.ts
@@ -32,7 +32,7 @@ class BootstrapService {
  public ensure = async () => {
    await this.namespaces.ensure();
    await this.repos.ensure();
-    await this.releases.ensure();
+    // await this.releases.ensure();
    await this.cloudflareTunnel.ensure({
      spec: {},
    });
--- a/images/operator/src/resources/homelab/authentik-server/authentik-server.ts
+++ b/images/operator/src/resources/homelab/authentik-server/authentik-server.ts
@@ -168,7 +168,7 @@ class AuthentikServer extends CustomResource<typeof specSchema> {
        chart: {
          spec: {
            chart: 'authentik',
-            version: '2025.6.4',
+            version: '2025.10.3',
            sourceRef: {
              apiVersion: 'source.toolkit.fluxcd.io/v1',
              kind: 'HelmRepository',
--- a/images/operator/src/resources/homelab/oidc-client/oidc-client.ts
+++ b/images/operator/src/resources/homelab/oidc-client/oidc-client.ts
@@ -79,7 +79,7 @@ class OIDCClient extends CustomResource<typeof specSchema> {
      clientId: this.name,
      configuration: new URL(`/application/o/${this.appName}/.well-known/openid-configuration`, url).toString(),
      configurationIssuer: new URL(`/application/o/${this.appName}/`, url).toString(),
-      authorization: new URL(`/application/o/${this.appName}/authorize/`, url).toString(),
+      authorization: new URL(`/application/o/authorize/`, url).toString(),
      token: new URL(`/application/o/${this.appName}/token/`, url).toString(),
      userinfo: new URL(`/application/o/${this.appName}/userinfo/`, url).toString(),
      endSession: new URL(`/application/o/${this.appName}/end-session/`, url).toString(),
--- a/images/operator/src/resources/homelab/postgres-cluster/postgres-cluster.ts
+++ b/images/operator/src/resources/homelab/postgres-cluster/postgres-cluster.ts
@@ -108,7 +108,7 @@ class PostgresCluster extends CustomResource<typeof specSchema> {
            containers: [
              {
                name: this.name,
-                image: 'postgres:17',
+                image: 'pgvector/pgvector:pg17-trixie',
                ports: [{ containerPort: 5432, name: 'postgres' }],
                env: [
                  { name: 'POSTGRES_PASSWORD', valueFrom: { secretKeyRef: { name: secretName, key: 'password' } } },
--- a/renovate.json5
+++ b/renovate.json5
@@ -1,28 +1,35 @@
 {
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": [
-    "config:base"
+  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
+  extends: [
+    'config:recommended',
  ],
-  "packageRules": [
+  packageRules: [
    {
-      "groupName": "Docker images",
-      "groupSlug": "dockerimages",
-      "matchDatasources": ["docker"],
-      "pinDigests": true
-    }
+      groupName: 'Docker images',
+      groupSlug: 'dockerimages',
+      matchDatasources: [
+        'docker',
      ],
-  "helm-values": {
-    "fileMatch": ["^charts/.*/values\\.yaml$"]
+      pinDigests: true,
+    },
+  ],
+  'helm-values': {
+    managerFilePatterns: [
+      '/^charts/.*/values\\.yaml$/',
+    ],
+  },
+  customManagers: [
+    {
+      customType: 'regex',
+      managerFilePatterns: [
+        '/^charts/.*/values\\.yaml$/',
+      ],
+      matchStrings: [
+        "repository:s*'(?<depName>.*?)'\ns*tag:s*'(?<currentValue>.*?)'",
+        'repository:s*"(?<depName>.*?)"\ns*tag:s*"(?<currentValue>.*?)"',
+        'repository:s*(?<depName>.*?)\ns*tag:s*(?<currentValue>.*)',
+      ],
+      datasourceTemplate: 'docker',
    },
-  "regexManagers": [
-    {
-      "fileMatch": ["^charts/.*/values\\.yaml$"],
-      "matchStrings": [
-        "repository:\s*'(?<depName>.*?)'\n\s*tag:\s*'(?<currentValue>.*?)'",
-        "repository:\s*\"(?<depName>.*?)\"\n\s*tag:\s*\"(?<currentValue>.*?)\"",
-        "repository:\s*(?<depName>.*?)\n\s*tag:\s*(?<currentValue>.*)"
  ],
-      "datasourceTemplate": "docker"
-    }
-  ]
 }
--- a/skaffold.yaml
+++ b/skaffold.yaml
@@ -4,10 +4,9 @@ metadata:
  name: homelab-operator

 build:
-  cluster: {}
  artifacts:
-    - image: homelaboperator
-      context: .
+    - image: zot.olsen.cloud/homelaboperator
+      context: ./images/operator
      docker:
        dockerfile: Dockerfile

@@ -16,9 +15,10 @@ manifests:
    releases:
      - name: homelab-operator
        chartPath: charts/operator
+        namespace: homelab
        setValueTemplates:
-          image.repository: '{{.IMAGE_REPO_homelaboperator}}'
-          image.tag: '{{.IMAGE_TAG_homelaboperator}}'
+          image.repository: "zot.local/homelaboperator"
+          image.tag: "{{.IMAGE_TAG_zot_olsen_cloud_homelaboperator}}"

 deploy:
  # Use kubectl to apply the manifests.
Author	SHA1	Message	Date
renovate[bot]	7d430ffd25	chore(deps): update docker/build-push-action digest to 9e436ba	2025-12-31 14:07:31 +00:00
Morten Olsen	0793d30222	Update authentik-server.ts	2025-12-22 21:10:49 +01:00
Morten Olsen	c7f309cd23	remove istio and cert manager auto install	2025-12-22 20:56:22 +01:00
Morten Olsen	dc7d46d53c	fix: oidc auth url (#63 )	2025-10-13 21:33:24 +00:00
Morten Olsen	3ae89e81bd	fix: pgvector image name (#62 )	2025-10-13 21:15:10 +00:00
Morten Olsen	bc67429cd2	move to pgvector (#61 )	2025-10-13 23:00:54 +02:00
Morten Olsen	af2aae493e	Fix/docker (#60 )	2025-10-13 22:35:40 +02:00
Morten Olsen	2af701b518	chore(config): migrate renovate config (#51 ) The Renovate config in this repository needs migrating. Typically this is because one or more configuration options you are using have been renamed. You don't need to merge this PR right away, because Renovate will continue to migrate these fields internally each time it runs. But later some of these fields may be fully deprecated and the migrations removed. So it's a good idea to merge this migration PR soon. #### [PLEASE NOTE](https://docs.renovatebot.com/configuration-options#configmigration): JSON5 config file migrated! All comments & trailing commas were removed. 🔕 Ignore: Close this PR and you won't be reminded about config migration again, but one day your current config may no longer be valid. ❓ Got questions? Does something look wrong to you? Please don't hesitate to [request help here](https://redirect.github.com/renovatebot/renovate/discussions). --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>	2025-09-25 21:32:40 +02:00