helmule/examples/giantswarm/patches/regexp/values-patches.yaml

---
name: Replace image repository in values
targets:
  - values.yaml
before: |-
  image:
    repository: ghcr.io/project-zot/zot-linux-amd64
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: "v2.0.0"
after: |-
  image:
    repository: gsoci/dummy/zot-linux
    pullPolicy: Always
    tag: ""
---
name: Fix security policies in the deployment
targets:
  - templates/deployment.yaml
before: |-
          \{\{- toYaml .Values.podSecurityContext .*
after: |-
            fsGroup: 1337
                    {{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}
                    {{- with .Values.podSeccompProfile }}
                    seccompProfile:
                      {{- . | toYaml | nindent 10 }}
                    {{- end }}
                    {{- end }}
---
name: Fix security policies in container
targets:
  - templates/deployment.yaml
before: |-
  \{\{- toYaml .Values.securityContext .*
after: |-
            {{- with .Values.containerSecurityContext }}
                        {{- . | toYaml | nindent 12 }}
                        {{- end }}
                        readOnlyRootFilesystem: true
                        runAsUser: 100
                        {{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}
                        {{- with .Values.seccompProfile }}
                        seccompProfile:
                          {{- . | toYaml | nindent 14 }}
                        {{- end }}
                        {{- end }}
---
name: Fix security policies in test jobs
targets:
  - templates/tests/test-connection-fails.yaml
  - templates/tests/test-connection.yaml
before: |-
  spec:
    containers:
after: |-
  spec:
    securityContext:
      fsGroup: 1337
      {{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}
      {{- with .Values.podSeccompProfile }}
      seccompProfile:
        {{- . | toYaml | nindent 10 }}
      {{- end }}
      {{- end }}
    containers:
---
name: Fix security policies in test jobs containers
targets:
  - templates/tests/test-connection-fails.yaml
  - templates/tests/test-connection.yaml
before: |-
    containers:
        - name: wget
after: |-
    containers:
        - name: wget
          securityContext:
            {{- with .Values.containerSecurityContext }}
            {{- . | toYaml | nindent 12 }}
            {{- end }}
            readOnlyRootFilesystem: true
            runAsUser: 100
            {{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}
            {{- with .Values.seccompProfile }}
            seccompProfile:
              {{- . | toYaml | nindent 14 }}
            {{- end }}
            {{- end }}
Start writing README 2024-01-16 18:12:03 +00:00			`---`
			`name: Replace image repository in values`
			`targets:`
			`- values.yaml`
			`before: \|-`
			`image:`
			`repository: ghcr.io/project-zot/zot-linux-amd64`
			`pullPolicy: IfNotPresent`
			`# Overrides the image tag whose default is the chart appVersion.`
			`tag: "v2.0.0"`
			`after: \|-`
			`image:`
			`repository: gsoci/dummy/zot-linux`
			`pullPolicy: Always`
			`tag: ""`
			`---`
			`name: Fix security policies in the deployment`
			`targets:`
			`- templates/deployment.yaml`
			`before: \|-`
			`\{\{- toYaml .Values.podSecurityContext .*`
			`after: \|-`
			`fsGroup: 1337`
			`{{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}`
			`{{- with .Values.podSeccompProfile }}`
			`seccompProfile:`
			`{{- . \| toYaml \| nindent 10 }}`
			`{{- end }}`
			`{{- end }}`
			`---`
			`name: Fix security policies in container`
			`targets:`
			`- templates/deployment.yaml`
			`before: \|-`
			`\{\{- toYaml .Values.securityContext .*`
			`after: \|-`
			`{{- with .Values.containerSecurityContext }}`
			`{{- . \| toYaml \| nindent 12 }}`
			`{{- end }}`
			`readOnlyRootFilesystem: true`
			`runAsUser: 100`
			`{{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}`
			`{{- with .Values.seccompProfile }}`
			`seccompProfile:`
			`{{- . \| toYaml \| nindent 14 }}`
			`{{- end }}`
			`{{- end }}`
			`---`
			`name: Fix security policies in test jobs`
			`targets:`
			`- templates/tests/test-connection-fails.yaml`
			`- templates/tests/test-connection.yaml`
			`before: \|-`
			`spec:`
			`containers:`
			`after: \|-`
			`spec:`
			`securityContext:`
			`fsGroup: 1337`
			`{{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}`
			`{{- with .Values.podSeccompProfile }}`
			`seccompProfile:`
			`{{- . \| toYaml \| nindent 10 }}`
			`{{- end }}`
			`{{- end }}`
			`containers:`
			`---`
			`name: Fix security policies in test jobs containers`
			`targets:`
			`- templates/tests/test-connection-fails.yaml`
			`- templates/tests/test-connection.yaml`
			`before: \|-`
			`containers:`
			`- name: wget`
			`after: \|-`
			`containers:`
			`- name: wget`
			`securityContext:`
			`{{- with .Values.containerSecurityContext }}`
			`{{- . \| toYaml \| nindent 12 }}`
			`{{- end }}`
			`readOnlyRootFilesystem: true`
			`runAsUser: 100`
			`{{- if ge (int .Capabilities.KubeVersion.Minor) 19 }}`
			`{{- with .Values.seccompProfile }}`
			`seccompProfile:`
			`{{- . \| toYaml \| nindent 14 }}`
			`{{- end }}`
			`{{- end }}`