We use Linkerd in our GKE cluster, and prefer to use GCP’s binary authorization product to control which software runs there. Right now, we’ve added an image path pattern to the Binary authorization exemption list, because we can’t figure out how to to change the helm chart’s values.yml file to use an image digest rather than a tag. For example, we want to use image.url/some/path/image@sha256: 3d056213495816b57e58df9cdfec0302d289cecb29d8747fab38ee6afa143162, and not image.url/some/path/image:v1.0.
It looks like most components do actually allow specifying the version in values.yml, eg here, we haven’t figured out whether there’s a supported path for setting the version for
controllerImage. It seems to be configured slightly differently in the helm chart (here).
Does anyone know how to achieve what I’m describing?