chore(images): add kubectl image
diff --git a/build/pin-images.py b/build/pin-images.py
index 0f113ae..dc42ef4 100755
--- a/build/pin-images.py
+++ b/build/pin-images.py
@@ -25,6 +25,22 @@
r.raise_for_status()
digest = r.json()["tags"][0]["manifest_digest"]
+ if image_ref.domain() == "docker.io":
+ # Get token for docker.io
+ r = requests.get(
+ "https://auth.docker.io/token",
+ params={"service": "registry.docker.io", "scope": f"repository:{image_ref.path()}:pull"},
+ )
+ r.raise_for_status()
+ token = r.json()["token"]
+
+ r = requests.get(
+ f"https://registry-1.docker.io/v2/{image_ref.path()}/manifests/{image_ref['tag']}",
+ headers={"Accept": "application/vnd.docker.distribution.manifest.v2+json", "Authorization": f"Bearer {token}"},
+ )
+ r.raise_for_status()
+ digest = r.headers["Docker-Content-Digest"]
+
return f"{image_ref.domain()}/{image_ref.path()}@{digest}"
diff --git a/roles/defaults/vars/main.yml b/roles/defaults/vars/main.yml
index e48633b..d1319ec 100644
--- a/roles/defaults/vars/main.yml
+++ b/roles/defaults/vars/main.yml
@@ -85,6 +85,7 @@
ks_endpoints: quay.io/vexxhost/heat@sha256:755225f9a63c0968f1ceeda3a2f06c66dd8d247ff00308f549e66496aa8f59d0 # image-source: quay.io/vexxhost/heat:zed
ks_service: quay.io/vexxhost/heat@sha256:755225f9a63c0968f1ceeda3a2f06c66dd8d247ff00308f549e66496aa8f59d0 # image-source: quay.io/vexxhost/heat:zed
ks_user: quay.io/vexxhost/heat@sha256:755225f9a63c0968f1ceeda3a2f06c66dd8d247ff00308f549e66496aa8f59d0 # image-source: quay.io/vexxhost/heat:zed
+ kubectl: docker.io/bitnami/kubectl@sha256:f59ccdfedf272a89983abe62ca277b86c8b0b3fcf913c4b7f637db08f4b21682 # image-source: docker.io/bitnami/kubectl:latest
kube_apiserver: registry.k8s.io/kube-apiserver:v1.22.17
kube_controller_manager: registry.k8s.io/kube-controller-manager:v1.22.17
kube_coredns: registry.k8s.io/coredns/coredns:v1.8.4