|
|
79c18bd1ce
|
harbor: add helm remediation and timeouts
|
2025-12-17 01:39:49 -03:00 |
|
|
|
93d8de338c
|
chore: stop tracking NOTES.md
|
2025-12-17 01:29:48 -03:00 |
|
|
|
59c7d97d7a
|
jenkins: harden oidc and timeouts
|
2025-12-17 01:11:07 -03:00 |
|
|
|
6a79e815ee
|
jenkins: run jcasc cleanup initcontainer as jenkins user
|
2025-12-17 00:43:55 -03:00 |
|
|
|
6eaa655d69
|
jenkins: clean stale JCasC files on startup
|
2025-12-17 00:37:37 -03:00 |
|
|
|
189df99622
|
jenkins: drop invalid JCasC OIDC realm (use init script)
|
2025-12-17 00:28:52 -03:00 |
|
|
|
e261dd8d4d
|
jenkins: enforce OIDC via JCasC (no node move)
|
2025-12-17 00:23:15 -03:00 |
|
|
|
c7829a1743
|
jenkins: enforce OIDC via JCasC and pin to arm64
|
2025-12-16 23:38:08 -03:00 |
|
|
|
8f88dc3471
|
jenkins: disable scm trigger for harbor arm build
|
2025-12-16 23:12:27 -03:00 |
|
|
|
0f52c8b952
|
fix: use FullControlOnceLoggedIn auth strategy
|
2025-12-16 20:33:03 -03:00 |
|
|
|
b52cd0148e
|
fix: add casc support plugin
|
2025-12-16 20:27:41 -03:00 |
|
|
|
7af3a152d8
|
fix: add job-dsl plugin for JCasC jobs
|
2025-12-16 20:21:33 -03:00 |
|
|
|
c9d78972ee
|
fix: enforce Jenkins OIDC via init groovy only
|
2025-12-16 20:16:18 -03:00 |
|
|
|
b8cb91d39a
|
fix: jenkins casc OIDC using explicit endpoints
|
2025-12-16 20:13:52 -03:00 |
|
|
|
94144591b2
|
fix: pin Jenkins OIDC realm via JCasC
|
2025-12-16 20:04:21 -03:00 |
|
|
|
8edf83711c
|
ci: seed harbor-arm-build pipeline in Jenkins
|
2025-12-16 19:26:46 -03:00 |
|
|
|
3870a8259d
|
chore: remove zot stack
|
2025-12-16 14:10:04 -03:00 |
|
|
|
41a39b20e6
|
harbor: bootstrap arm64 images on titan-05
|
2025-12-16 11:16:34 -03:00 |
|
|
|
f8b13bec7a
|
harbor: run arm64 images on rpi workers
|
2025-12-16 03:22:01 -03:00 |
|
|
|
6b1e145689
|
Add AC Infinity ingestion plan
|
2025-12-16 01:45:04 -03:00 |
|
|
|
5652fb4ccd
|
harbor: use project paths for crypto/pegasus images
|
2025-12-16 00:15:22 -03:00 |
|
|
|
a32ed7a2a6
|
registry: point workloads to harbor
|
2025-12-16 00:08:11 -03:00 |
|
|
|
a2bdbfdde2
|
harbor: set redis affinity to amd64 titan-22 first
|
2025-12-15 23:14:26 -03:00 |
|
|
|
c130822f71
|
harbor: pin to amd64, prefer titan-22
|
2025-12-15 23:02:58 -03:00 |
|
|
|
a164ee906e
|
harbor: prefer rpi nodes
|
2025-12-15 23:00:11 -03:00 |
|
|
|
be5da057be
|
harbor: increase helm timeout
|
2025-12-15 22:32:29 -03:00 |
|
|
|
0a96aaed11
|
harbor: use astreae storageclass for pvc
|
2025-12-15 22:22:48 -03:00 |
|
|
|
c85961e1fe
|
Regenerate dashboards after availability thresholds tweak
|
2025-12-15 22:14:26 -03:00 |
|
|
|
43305aa1c4
|
harbor: use existing secrets and correct admin key
|
2025-12-15 22:08:52 -03:00 |
|
|
|
669a7cc69a
|
harbor: deploy chart via flux
|
2025-12-15 22:05:40 -03:00 |
|
|
|
be0c321648
|
harbor: add helm repo and deploy via helmrelease
|
2025-12-15 22:05:32 -03:00 |
|
|
|
d8f4eaac46
|
zot: allow upstream basic auth from oauth2-proxy
|
2025-12-15 14:22:48 -03:00 |
|
|
|
38a1f38074
|
zot: forward authorization header to ui
|
2025-12-15 14:14:49 -03:00 |
|
|
|
6ed036511c
|
zot ui: send basic creds from oauth2-proxy, remove traefik header
|
2025-12-15 14:08:18 -03:00 |
|
|
|
cbbd95cc54
|
zot: restore UI basic header middleware
|
2025-12-15 14:01:18 -03:00 |
|
|
|
f6650c2c21
|
zot: move basic auth to oauth2-proxy upstream
|
2025-12-15 13:53:53 -03:00 |
|
|
|
c261aba74b
|
zot: fix htpasswd volume to avoid type conflict
|
2025-12-15 13:00:51 -03:00 |
|
|
|
bc0c85a9ca
|
zot: add oauth proxy and user sync scripts
|
2025-12-15 12:57:02 -03:00 |
|
|
|
43f5b4ae08
|
gitea: enable OIDC auto-registration
|
2025-12-14 23:08:38 -03:00 |
|
|
|
d76d04dbc1
|
gitea: add proxy/session headers for OIDC
|
2025-12-14 22:25:46 -03:00 |
|
|
|
6656f01d8f
|
gitea: reference secret via env; remove secret file
|
2025-12-14 22:16:49 -03:00 |
|
|
|
b9a20eac55
|
gitea: remove committed secret and env refs
|
2025-12-14 22:10:13 -03:00 |
|
|
|
0db9ad6f41
|
gitea: pin secret/internal token and include secret manifest
|
2025-12-14 22:06:25 -03:00 |
|
|
|
555878cf06
|
gitea: drop required claim constraint on keycloak auth
|
2025-12-14 21:58:36 -03:00 |
|
|
|
d44d9d2307
|
gitea: enforce keycloak auth source via init container
|
2025-12-14 21:54:18 -03:00 |
|
|
|
ba7fe0603d
|
gitea: remove bootstrap job (immutable error)
|
2025-12-14 21:49:07 -03:00 |
|
|
|
52c273efd6
|
gitea: fix bootstrap job immutability
|
2025-12-14 21:47:50 -03:00 |
|
|
|
d86ba7b412
|
gitea: set trace logging for oidc
|
2025-12-14 21:44:43 -03:00 |
|
|
|
d5b08479e7
|
gitea: relax required signin, set admin group+skip 2fa
|
2025-12-14 21:42:08 -03:00 |
|
|
|
ae3d9b2bf9
|
gitea: enable debug logging for oauth
|
2025-12-14 21:38:32 -03:00 |
|
