|
|
cd1b9b57b0
|
harbor: add helm remediation and timeouts
|
2025-12-17 01:39:49 -03:00 |
|
|
|
5e6f9c6c83
|
chore: stop tracking NOTES.md
|
2025-12-17 01:29:48 -03:00 |
|
|
|
f512e0fa29
|
jenkins: harden oidc and timeouts
|
2025-12-17 01:11:07 -03:00 |
|
|
|
4e479147ec
|
jenkins: run jcasc cleanup initcontainer as jenkins user
|
2025-12-17 00:43:55 -03:00 |
|
|
|
1f98a5be12
|
jenkins: clean stale JCasC files on startup
|
2025-12-17 00:37:37 -03:00 |
|
|
|
30048a9ae5
|
jenkins: drop invalid JCasC OIDC realm (use init script)
|
2025-12-17 00:28:52 -03:00 |
|
|
|
60a8192f61
|
jenkins: enforce OIDC via JCasC (no node move)
|
2025-12-17 00:23:15 -03:00 |
|
|
|
ce7631f896
|
jenkins: enforce OIDC via JCasC and pin to arm64
|
2025-12-16 23:38:08 -03:00 |
|
|
|
f3335028b1
|
jenkins: disable scm trigger for harbor arm build
|
2025-12-16 23:12:27 -03:00 |
|
|
|
0385a653af
|
fix: use FullControlOnceLoggedIn auth strategy
|
2025-12-16 20:33:03 -03:00 |
|
|
|
6759871b43
|
fix: add casc support plugin
|
2025-12-16 20:27:41 -03:00 |
|
|
|
3e4a49e7fb
|
fix: add job-dsl plugin for JCasC jobs
|
2025-12-16 20:21:33 -03:00 |
|
|
|
b951058dc6
|
fix: enforce Jenkins OIDC via init groovy only
|
2025-12-16 20:16:18 -03:00 |
|
|
|
cfa7bd8198
|
fix: jenkins casc OIDC using explicit endpoints
|
2025-12-16 20:13:52 -03:00 |
|
|
|
162fe3339f
|
fix: pin Jenkins OIDC realm via JCasC
|
2025-12-16 20:04:21 -03:00 |
|
|
|
fc858fc8df
|
ci: seed harbor-arm-build pipeline in Jenkins
|
2025-12-16 19:26:46 -03:00 |
|
|
|
8b9fc8ff1c
|
chore: remove zot stack
|
2025-12-16 14:10:04 -03:00 |
|
|
|
3066db793d
|
harbor: bootstrap arm64 images on titan-05
|
2025-12-16 11:16:34 -03:00 |
|
|
|
759a77c745
|
harbor: run arm64 images on rpi workers
|
2025-12-16 03:22:01 -03:00 |
|
|
|
c661658a12
|
Add AC Infinity ingestion plan
|
2025-12-16 01:45:04 -03:00 |
|
|
|
144a860a88
|
harbor: use project paths for crypto/pegasus images
|
2025-12-16 00:15:22 -03:00 |
|
|
|
bd64a36165
|
registry: point workloads to harbor
|
2025-12-16 00:08:11 -03:00 |
|
|
|
22b611f8ea
|
harbor: set redis affinity to amd64 titan-22 first
|
2025-12-15 23:14:26 -03:00 |
|
|
|
a8bde2edc7
|
harbor: pin to amd64, prefer titan-22
|
2025-12-15 23:02:58 -03:00 |
|
|
|
d51a19cab9
|
harbor: prefer rpi nodes
|
2025-12-15 23:00:11 -03:00 |
|
|
|
3e3cab6845
|
harbor: increase helm timeout
|
2025-12-15 22:32:29 -03:00 |
|
|
|
9cda32c0bf
|
harbor: use astreae storageclass for pvc
|
2025-12-15 22:22:48 -03:00 |
|
|
|
0f49849761
|
Regenerate dashboards after availability thresholds tweak
|
2025-12-15 22:14:26 -03:00 |
|
|
|
252743e416
|
harbor: use existing secrets and correct admin key
|
2025-12-15 22:08:52 -03:00 |
|
|
|
dba7cf00a4
|
harbor: deploy chart via flux
|
2025-12-15 22:05:40 -03:00 |
|
|
|
aa0df1f62b
|
harbor: add helm repo and deploy via helmrelease
|
2025-12-15 22:05:32 -03:00 |
|
|
|
aa2bb09873
|
zot: allow upstream basic auth from oauth2-proxy
|
2025-12-15 14:22:48 -03:00 |
|
|
|
54406661f2
|
zot: forward authorization header to ui
|
2025-12-15 14:14:49 -03:00 |
|
|
|
caef505677
|
zot ui: send basic creds from oauth2-proxy, remove traefik header
|
2025-12-15 14:08:18 -03:00 |
|
|
|
54eb9e1ac5
|
zot: restore UI basic header middleware
|
2025-12-15 14:01:18 -03:00 |
|
|
|
1899bb7677
|
zot: move basic auth to oauth2-proxy upstream
|
2025-12-15 13:53:53 -03:00 |
|
|
|
0416493f49
|
zot: fix htpasswd volume to avoid type conflict
|
2025-12-15 13:00:51 -03:00 |
|
|
|
b87f06f6ff
|
zot: add oauth proxy and user sync scripts
|
2025-12-15 12:57:02 -03:00 |
|
|
|
828f66d18c
|
gitea: enable OIDC auto-registration
|
2025-12-14 23:08:38 -03:00 |
|
|
|
7a1f3bfc3f
|
gitea: add proxy/session headers for OIDC
|
2025-12-14 22:25:46 -03:00 |
|
|
|
294542e718
|
gitea: reference secret via env; remove secret file
|
2025-12-14 22:16:49 -03:00 |
|
|
|
c3a8c7ddae
|
gitea: remove committed secret and env refs
|
2025-12-14 22:10:13 -03:00 |
|
|
|
29da4be557
|
gitea: pin secret/internal token and include secret manifest
|
2025-12-14 22:06:25 -03:00 |
|
|
|
fc5b0cccf8
|
gitea: drop required claim constraint on keycloak auth
|
2025-12-14 21:58:36 -03:00 |
|
|
|
c8b89c3120
|
gitea: enforce keycloak auth source via init container
|
2025-12-14 21:54:18 -03:00 |
|
|
|
9b994111cb
|
gitea: remove bootstrap job (immutable error)
|
2025-12-14 21:49:07 -03:00 |
|
|
|
a174e451d9
|
gitea: fix bootstrap job immutability
|
2025-12-14 21:47:50 -03:00 |
|
|
|
d8dab08cd8
|
gitea: set trace logging for oidc
|
2025-12-14 21:44:43 -03:00 |
|
|
|
0d93929e3d
|
gitea: relax required signin, set admin group+skip 2fa
|
2025-12-14 21:42:08 -03:00 |
|
|
|
2ffc906487
|
gitea: enable debug logging for oauth
|
2025-12-14 21:38:32 -03:00 |
|
