fix: enable glance with cinder
diff --git a/roles/openstack_helm_glance/tasks/main.yml b/roles/openstack_helm_glance/tasks/main.yml
index 9d35a14..7493534 100644
--- a/roles/openstack_helm_glance/tasks/main.yml
+++ b/roles/openstack_helm_glance/tasks/main.yml
@@ -25,13 +25,28 @@
     state: present
     definition:
       - apiVersion: source.toolkit.fluxcd.io/v1beta2
-        kind: HelmRepository
+        kind: GitRepository
+        metadata:
+          name: openstack-helm-infra
+          namespace: openstack
+        spec:
+          interval: 60s
+          url: https://opendev.org/openstack/openstack-helm-infra
+
+      - apiVersion: source.toolkit.fluxcd.io/v1beta2
+        kind: GitRepository
         metadata:
           name: openstack-helm
           namespace: openstack
         spec:
           interval: 60s
-          url: https://tarballs.opendev.org/openstack/openstack-helm/
+          url: https://github.com/vexxhost/openstack-helm
+          ref:
+            commit: 8348cb0d995b2c52a5bd3d3d3e1d9b7ffb517ee9
+          include:
+            - repository:
+                name: openstack-helm-infra
+              toPath: ../openstack-helm-infra
 
       - apiVersion: v1
         kind: Secret
@@ -50,10 +65,9 @@
           interval: 60s
           chart:
             spec:
-              chart: glance
-              version: 0.2.10
+              chart: ./glance
               sourceRef:
-                kind: HelmRepository
+                kind: GitRepository
                 name: openstack-helm
           install:
             disableWait: true
diff --git a/roles/openstack_helm_glance/vars/main.yml b/roles/openstack_helm_glance/vars/main.yml
index 40ee6d2..d0d586f 100644
--- a/roles/openstack_helm_glance/vars/main.yml
+++ b/roles/openstack_helm_glance/vars/main.yml
@@ -16,6 +16,7 @@
   endpoints: "{{ openstack_helm_endpoints }}"
   storage: rbd
   images:
+    pull_policy: Always
     tags:
       bootstrap: "{{ openstack_helm_glance_image_repository }}/heat:{{ openstack_helm_glance_heat_image_tag }}"
       db_drop: "{{ openstack_helm_glance_image_repository }}/heat:{{ openstack_helm_glance_heat_image_tag }}"
@@ -33,6 +34,17 @@
   bootstrap:
     enabled: false
   pod:
+    security_context:
+      glance:
+        container:
+          glance_api:
+            allowPrivilegeEscalation: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+            readOnlyRootFilesystem: "{{ ('cinder' not in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+            privileged: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+            capabilities:
+              add: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | ternary(['SYS_ADMIN'], []) }}"
+    useHostNetwork:
+      api: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
     replicas:
       api: 3
   conf:
@@ -44,8 +56,6 @@
         enable_import_methods: "[]"
       cors:
         allowed_origins: "*"
-      glance_store:
-        cinder_catalog_info: volumev3::internalURL
       image_formats:
         disk_formats: "qcow2,raw"
       oslo_messaging_notifications: