Chartsynced charts and images for vendoring

[rossops]

Description

Vendoring dependent bitnami charts and images. Chart-syncer was used to translate and push the charts into defectdojo's public repo.

[mtesauro]

Approved

[kiblik]

Can charts, which are pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo, be stored in this repo? E.g., in helm/postgres and helm/redis.
Core can be stored here, and then it can be pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo.
Yes, anybody can pull oci://us-docker.pkg.dev/os-public-container-registry/defectdojo and check it.
But it would be nicer to have a bit of transparency.

[rossops]

@kiblik

Can charts, which are pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo, be stored in this repo? E.g., in helm/postgres and helm/redis.
Core can be stored here, and then it can be pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo.

Just so i'm clear, you want the charts stored in the git repo under helm/(postgres|redis), built with a ci job on change, and then pushed to the oci registry? If so, i'm in full agreement, exactly for reasons of transparency. That's where I was going with a prior PR, but I ran into all sorts of weird issues during test and it was turning into a time toilet. I decided that this was the next best approach.

Given the limited time, let me pick up that work in a separate PR. I just want to be sure we're nice and clear of bitnami deprecation for this upcoming release.

[kiblik]

@kiblik

Can charts, which are pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo, be stored in this repo? E.g., in helm/postgres and helm/redis.
Core can be stored here, and then it can be pushed to oci://us-docker.pkg.dev/os-public-container-registry/defectdojo.

Just so i'm clear, you want the charts stored in the git repo under helm/(postgres|redis), built with a ci job on change, and then pushed to the oci registry? If so, i'm in full agreement, exactly for reasons of transparency. That's where I was going with a prior PR, but I ran into all sorts of weird issues during test and it was turning into a time toilet. I decided that this was the next best approach.

Given the limited time, let me pick up that work in a separate PR. I just want to be sure we're nice and clear of bitnami deprecation for this upcoming release.

Yes, you understood me perfectly. We are on the same page, and I understand we are under some time pressure here, so let's solve it in a separate PR.

TBH, I would add 2 more changes to it:

• from what I saw, HELM charts are usually under charts/ not helm/ subdir - so I would move there also
• I would also move the DD chart to OCI. So start pushing them also to OCI and in one moment mark the GitHub repo chart (in helm-charts branch) with deprecated: true.