Skip to content

Feature request: Update the `helm/files/helm/flowfuse/templates/deployment.yaml' #3811

New issue
New issue
Closed as duplicate
Feature
Closed as duplicate
Feature request: Update the `helm/files/helm/flowfuse/templates/deployment.yaml'#3811
Feature
Labels
feature-requestNew feature or request that needs to be turned into Epic/Story detailstaskA piece of work that isn't necessarily tied to a specific Epic or Story.
@Esmewieringa

Description

@Esmewieringa
Esmewieringa
opened on Sep 18, 2025

Description

Please add support for Values.forge.registry prefix for initContainer images in deployment.yaml

Request:
Update the helm/files/helm/flowfuse/templates/deployment.yaml template so that the images for the initContainers config and wait-for-local-db can be prefixed with Values.forge.registry, similar to how the main forge container image is handled.

Current Situation:

  • The main container (forge) image is configurable via Helm values: it uses either Values.forge.image or constructs the image name using Values.forge.registry and flowfuse/forge-k8s:{{ .Chart.AppVersion }}.
  • The initContainers config (image: "ruby:2.7-slim") and wait-for-local-db (image: "postgres:14") are hardcoded, with no conditional logic or registry prefix support.

Problem:

  • Our organization is blocked by internal Kubernetes policies (image sourcing restrictions / Kerveno policies) that require all container images to be pulled from our own registry. This means we cannot deploy unless all images—including initContainers—support a configurable registry prefix.

Proposed Solution:

  • Update the chart template so that both initContainers construct their image names using Values.forge.registry (and optionally expose a values field for their image/repo/tag), e.g.: 
    image: {{ .Values.forge.registry }}{{- if .Values.forge.registry -}}/{{- end -}}ruby:2.7-slim
image: {{ .Values.forge.registry }}{{- if .Values.forge.registry -}}/{{- end -}}postgres:14
  • Ideally, allow image/tag for these initContainers to be overridden by values as well (e.g., Values.forge.configInitContainerImage and Values.forge.waitForLocalDbInitContainerImage).
  • This will make all images configurable and allow compliance with internal security policies.

References:

  • File: helm/files/helm/flowfuse/templates/deployment.yaml
  • Example of main container image logic: 
    {{- if .Values.forge.image }}
image: {{ .Values.forge.image }}
{{ else }}
image: {{ .Values.forge.registry }}{{- if .Values.forge.registry -}}/{{- end -}}flowfuse/forge-k8s:{{ .Chart.AppVersion }}
{{ end -}}

Impact:

  • This change will unblock organizations that require full image registry control for all containers, not just the main app container.

Requested by : customer request

Epic/Story

No response

Have you provided an initial effort estimate for this issue?

I have provided an initial effort estimate

Metadata

Metadata

Assignees

No one assigned

    Labels

    feature-requestNew feature or request that needs to be turned into Epic/Story detailstaskA piece of work that isn't necessarily tied to a specific Epic or Story.

    Type

    Feature

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions