diff --git a/.github/workflows/llm-proxy-test.yml b/.github/workflows/llm-proxy-test.yml index 0017bdc6..d06a5398 100644 --- a/.github/workflows/llm-proxy-test.yml +++ b/.github/workflows/llm-proxy-test.yml @@ -22,7 +22,15 @@ jobs: - name: Build operator images run: | + # Login to Red Hat registry BEFORE switching to minikube context (for pushing to ttl.sh) + echo "${{ secrets.RH_REGISTRY_PASS }}" | docker login -u ${{ secrets.RH_REGISTRY_USER }} --password-stdin registry.redhat.io + + # Switch to minikube's docker daemon eval $(minikube docker-env) + + # Login to Red Hat registry again in minikube's context (for pulling images in cluster) + echo "${{ secrets.RH_REGISTRY_PASS }}" | docker login -u ${{ secrets.RH_REGISTRY_USER }} --password-stdin registry.redhat.io + IMG=ttl.sh/konveyor-tackle-operator-${{ github.run_id }}:2h make docker-build docker-push BUNDLE_IMG=ttl.sh/konveyor-tackle-operator-bundle-${{ github.run_id }}:2h make bundle bundle-build bundle-push @@ -30,7 +38,15 @@ jobs: run: | # Create namespace kubectl create namespace konveyor-tackle || true - + + # Create image pull secret for Red Hat registry + kubectl create secret docker-registry redhat-pull-secret \ + --docker-server=registry.redhat.io \ + --docker-username="${{ secrets.RH_REGISTRY_USER }}" \ + --docker-password="${{ secrets.RH_REGISTRY_PASS }}" \ + -n konveyor-tackle \ + --dry-run=client -o yaml | kubectl apply -f - + # Create API key secret for LLM proxy kubectl create secret generic kai-api-keys \ --from-literal=OPENAI_API_KEY=dummy-key-for-llemulator \ diff --git a/helm/values.yaml b/helm/values.yaml index 804ed150..801378e6 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -26,4 +26,4 @@ images: provider_c_sharp: quay.io/konveyor/c-sharp-provider:latest kantra: quay.io/konveyor/kantra:latest kai: quay.io/konveyor/kai-solution-server:latest - llama_stack: docker.io/llamastack/distribution-starter:latest + llama_stack: registry.redhat.io/lightspeed-core/lightspeed-stack-rhel9:latest diff --git a/roles/tackle/defaults/main.yml b/roles/tackle/defaults/main.yml index fa7b4a3c..9954e026 100644 --- a/roles/tackle/defaults/main.yml +++ b/roles/tackle/defaults/main.yml @@ -329,7 +329,7 @@ kai_database_address: kai-db.{{ app_namespace }}.svc # LLM Proxy configuration kai_llm_proxy_enabled: false -kai_llm_proxy_image_fqin: "{{ lookup('env', 'RELATED_IMAGE_LLAMA_STACK') | default('docker.io/llamastack/distribution-starter:latest', true) }}" +kai_llm_proxy_image_fqin: "registry.redhat.io/lightspeed-core/lightspeed-stack-rhel9:latest" # Internal URL for the LLM proxy service (used by UI reverse proxy) kai_llm_proxy_url: "http://llm-proxy.{{ app_namespace }}.svc.cluster.local:8321" diff --git a/roles/tackle/templates/kai/llm-proxy-deployment.yaml.j2 b/roles/tackle/templates/kai/llm-proxy-deployment.yaml.j2 index 498a98d8..561eac51 100644 --- a/roles/tackle/templates/kai/llm-proxy-deployment.yaml.j2 +++ b/roles/tackle/templates/kai/llm-proxy-deployment.yaml.j2 @@ -25,6 +25,8 @@ spec: # Force pod restart when ConfigMap changes checksum/config: "{{ lookup('template', 'kai/llm-proxy-configmap.yaml.j2') | hash('sha256') }}" spec: + imagePullSecrets: + - name: redhat-pull-secret containers: - name: llm-proxy image: "{{ kai_llm_proxy_image_fqin }}"