From 303be90644d7a16090058d713b966f24b799c3c1 Mon Sep 17 00:00:00 2001
From: Mark Rossetti <marosset@microsoft.com>
Date: Mon, 6 Jun 2022 09:30:52 -0700
Subject: [PATCH] Using registry.k8s.io instead of k8s.gcr.io

Signed-off-by: Mark Rossetti <marosset@microsoft.com>
---
 RELEASE.md                                       |   4 ++--
 admission-webhook/deploy/deploy-gmsa-webhook.sh  |   2 +-
 .../templates/several-containers-with-gmsa.yml   |   6 +++---
 .../simple-with-container-level-gmsa.yml         |   2 +-
 .../templates/simple-with-gmsa.yml               |   2 +-
 .../simple-with-pre-set-matching-contents.yml    |   2 +-
 .../simple-with-pre-set-unmatching-contents.yml  |   2 +-
 ...with-preset-gmsa-container-level-contents.yml |   2 +-
 ...imple-with-preset-gmsa-pod-level-contents.yml |   2 +-
 .../templates/simple-with-unknown-gmsa.yml       |   2 +-
 .../single-pod-with-container-level-gmsa.yml     |   2 +-
 .../templates/single-pod-with-gmsa.yml           |   2 +-
 charts/README.md                                 |  12 ++++++++----
 charts/gmsa-0.4.3.tgz                            | Bin 0 -> 3830 bytes
 charts/gmsa/Chart.yaml                           |   2 +-
 charts/gmsa/values.yaml                          |   2 +-
 16 files changed, 25 insertions(+), 21 deletions(-)
 create mode 100644 charts/gmsa-0.4.3.tgz

diff --git a/RELEASE.md b/RELEASE.md
index 60654fe1..c161c3da 100644
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -28,9 +28,9 @@ The Kubernetes Windows GMSA project is released on an as-needed basis. The proce
         ```bash
         K8S_GMSA_DEPLOY_DOWNLOAD_REV='$VERSION' \
             ./deploy-gmsa-webhook.sh --file ./gmsa-manifests \
-            --image k8s.gcr.io/gmsa-webhook/k8s-gmsa-webhook:$VERSION
+            --image registry.k8s.io/gmsa-webhook/k8s-gmsa-webhook:$VERSION
         ```
-        
+
     1. Clicking on `Publish Release`
 1. The release issue is closed
 1. An announcement email is sent to `kubernetes-sig-windows@googlegroups.com` with the subject `[ANNOUNCE] Kubernetes SIG-Windows GMSA Webhook $VERSION is Released`
diff --git a/admission-webhook/deploy/deploy-gmsa-webhook.sh b/admission-webhook/deploy/deploy-gmsa-webhook.sh
index 757f60e1..d85db334 100755
--- a/admission-webhook/deploy/deploy-gmsa-webhook.sh
+++ b/admission-webhook/deploy/deploy-gmsa-webhook.sh
@@ -74,7 +74,7 @@ write_manifests_file() {
         ENVS=`env | grep -E 'NAME|NAMESPACE|TLS|RBAC|TOLERATIONS|IMAGE|CA' | sed -n '/^[^\t]/s/=.*//p' | sed '/^$/d' | sed 's/^/-e /g' | tr '\n' ' '`
 
         # envsubst is installed in the nginx images which we already maintain
-        docker run --rm -v "$TEMPLATE_PATH:$TEMPLATE_PATH" $ENVS k8s.gcr.io/e2e-test-images/nginx:1.15-1 sh -c "cat $TEMPLATE_PATH | envsubst" > $MANIFESTS_FILE
+        docker run --rm -v "$TEMPLATE_PATH:$TEMPLATE_PATH" $ENVS registry.k8s.io/e2e-test-images/nginx:1.15-1 sh -c "cat $TEMPLATE_PATH | envsubst" > $MANIFESTS_FILE
     else
         fatal_error "Unable to run envsubst"
     fi
diff --git a/admission-webhook/integration_tests/templates/several-containers-with-gmsa.yml b/admission-webhook/integration_tests/templates/several-containers-with-gmsa.yml
index c0245340..6d330f97 100644
--- a/admission-webhook/integration_tests/templates/several-containers-with-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/several-containers-with-gmsa.yml
@@ -22,14 +22,14 @@ spec:
         windowsOptions:
           gmsaCredentialSpecName: {{ index .CredSpecNames 1 }}
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx0
         securityContext:
           windowsOptions:
             gmsaCredentialSpecName: {{ index .CredSpecNames 0 }}
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx1
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx2
         securityContext:
           windowsOptions:
diff --git a/admission-webhook/integration_tests/templates/simple-with-container-level-gmsa.yml b/admission-webhook/integration_tests/templates/simple-with-container-level-gmsa.yml
index ca6a435e..a46825b2 100644
--- a/admission-webhook/integration_tests/templates/simple-with-container-level-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-container-level-gmsa.yml
@@ -19,7 +19,7 @@ spec:
     spec:
       serviceAccountName: {{ .ServiceAccountName }}
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
         securityContext:
           windowsOptions:
diff --git a/admission-webhook/integration_tests/templates/simple-with-gmsa.yml b/admission-webhook/integration_tests/templates/simple-with-gmsa.yml
index 8f71e5cb..66f5a1db 100644
--- a/admission-webhook/integration_tests/templates/simple-with-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-gmsa.yml
@@ -22,7 +22,7 @@ spec:
         windowsOptions:
           gmsaCredentialSpecName: {{ index .CredSpecNames 0 }}
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
 {{- range $line := .ExtraSpecLines }}
       {{ $line }}
diff --git a/admission-webhook/integration_tests/templates/simple-with-pre-set-matching-contents.yml b/admission-webhook/integration_tests/templates/simple-with-pre-set-matching-contents.yml
index ada4215f..9a3dae72 100644
--- a/admission-webhook/integration_tests/templates/simple-with-pre-set-matching-contents.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-pre-set-matching-contents.yml
@@ -23,7 +23,7 @@ spec:
           gmsaCredentialSpecName: {{ index .CredSpecNames 0 }}
           gmsaCredentialSpec: '{"CmsPlugins":["ActiveDirectory"],  "ActiveDirectoryConfig":{"GroupManagedServiceAccounts":[{"Name":"WebApplication0","Scope":"CONTOSO"},{"Name":"WebApplication0","Scope":"contoso.com"}]},"DomainJoinConfig":{"Sid":"S-1-5-21-2126729477-2524075714-3094792973",  "DnsName":"contoso.com","DnsTreeName":"contoso.com","Guid":"244818ae-87ca-4fcd-92ec-e79e5252348a","MachineAccountName":"WebApplication0","NetBiosName":"CONTOSO"}}'
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
 {{- range $line := .ExtraSpecLines }}
       {{ $line }}
diff --git a/admission-webhook/integration_tests/templates/simple-with-pre-set-unmatching-contents.yml b/admission-webhook/integration_tests/templates/simple-with-pre-set-unmatching-contents.yml
index 79a75d18..d712f32c 100644
--- a/admission-webhook/integration_tests/templates/simple-with-pre-set-unmatching-contents.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-pre-set-unmatching-contents.yml
@@ -24,7 +24,7 @@ spec:
           gmsaCredentialSpecName: {{ index .CredSpecNames 0 }}
           gmsaCredentialSpec: '{"ActiveDirectoryConfig":{"GroupManagedServiceAccounts":[{"Name":"WebApplication1","Scope":"CONTOSO"},{"Name":"WebApplication1","Scope":"contoso.com"}]},"CmsPlugins":["ActiveDirectory"],"DomainJoinConfig":{"DnsName":"contoso.com","DnsTreeName":"contoso.com","Guid":"244818ae-87ca-4fcd-92ec-e79e5252348a","MachineAccountName":"WebApplication1","NetBiosName":"CONTOSO","Sid":"S-1-5-21-2126729477-2524175714-3194792973"}}'
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
 {{- range $line := .ExtraSpecLines }}
       {{ $line }}
diff --git a/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-container-level-contents.yml b/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-container-level-contents.yml
index b93565ad..6edd821f 100644
--- a/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-container-level-contents.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-container-level-contents.yml
@@ -19,7 +19,7 @@ spec:
     spec:
       serviceAccountName: {{ .ServiceAccountName }}
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
         securityContext:
           windowsOptions:
diff --git a/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-pod-level-contents.yml b/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-pod-level-contents.yml
index e27f127b..cfdae882 100644
--- a/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-pod-level-contents.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-preset-gmsa-pod-level-contents.yml
@@ -22,7 +22,7 @@ spec:
         windowsOptions:
           gmsaCredentialSpec: '{"ActiveDirectoryConfig":{"GroupManagedServiceAccounts":[{"Name":"WebApplication0","Scope":"CONTOSO"},{"Name":"WebApplication0","Scope":"contoso.com"}]},"CmsPlugins":["ActiveDirectory"],"DomainJoinConfig":{"DnsName":"contoso.com","DnsTreeName":"contoso.com","Guid":"244818ae-87ca-4fcd-92ec-e79e5252348a","MachineAccountName":"WebApplication0","NetBiosName":"CONTOSO","Sid":"S-1-5-21-2126729477-2524075714-3094792973"}}'
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
 {{- range $line := .ExtraSpecLines }}
       {{ $line }}
diff --git a/admission-webhook/integration_tests/templates/simple-with-unknown-gmsa.yml b/admission-webhook/integration_tests/templates/simple-with-unknown-gmsa.yml
index db54232e..2e92d25b 100644
--- a/admission-webhook/integration_tests/templates/simple-with-unknown-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/simple-with-unknown-gmsa.yml
@@ -22,7 +22,7 @@ spec:
         windowsOptions:
           gmsaCredentialSpecName: i-sure-dont-exist
       containers:
-      - image: k8s.gcr.io/pause
+      - image: registry.k8s.io/pause
         name: nginx
 {{- range $line := .ExtraSpecLines }}
       {{ $line }}
diff --git a/admission-webhook/integration_tests/templates/single-pod-with-container-level-gmsa.yml b/admission-webhook/integration_tests/templates/single-pod-with-container-level-gmsa.yml
index 6b0137b3..7ed1bb8f 100644
--- a/admission-webhook/integration_tests/templates/single-pod-with-container-level-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/single-pod-with-container-level-gmsa.yml
@@ -11,7 +11,7 @@ spec:
   serviceAccountName: {{ .ServiceAccountName }}
   containers:
   - name: {{ .TestName }}
-    image: k8s.gcr.io/pause
+    image: registry.k8s.io/pause
     securityContext:
       windowsOptions:
         gmsaCredentialSpecName: {{ index .CredSpecNames 0 }}
diff --git a/admission-webhook/integration_tests/templates/single-pod-with-gmsa.yml b/admission-webhook/integration_tests/templates/single-pod-with-gmsa.yml
index 530790a1..c8e0ed0e 100644
--- a/admission-webhook/integration_tests/templates/single-pod-with-gmsa.yml
+++ b/admission-webhook/integration_tests/templates/single-pod-with-gmsa.yml
@@ -20,7 +20,7 @@ spec:
 {{- if .Image }}
     image: {{ .Image }}
 {{- else }}
-    image: k8s.gcr.io/pause
+    image: registry.k8s.io/pause
 {{- end }}
   dnsPolicy: ClusterFirst
   restartPolicy: Never
diff --git a/charts/README.md b/charts/README.md
index 6dc9946e..c5c8a0e2 100644
--- a/charts/README.md
+++ b/charts/README.md
@@ -1,23 +1,26 @@
 # Install Windows GMSA with Helm 3
 
 ## Prerequisites
+
 - [install Helm](https://helm.sh/docs/intro/quickstart/#install-helm)
 
 ### Tips
 
-
 ### install a specific version
+
 ```console
 helm repo add windows-gmsa https://raw.githubusercontent.com/kubernetes-sigs/windows-gmsa/master/charts/repo
 helm install windows-gmsa/gmsa --namespace kube-system --version v0.4.2
 ```
 
 ### search for all available chart versions
+
 ```console
 helm search repo -l gmsa
 ```
 
 ## uninstall Windows GMSA
+
 ```console
 helm uninstall gmsa -n kube-system
 ```
@@ -32,19 +35,20 @@ The following table lists the configurable parameters of the latest GMSA chart a
 | `certificates.certManager.version`                    | version of cert manager                                           |                                                       |
 | `certificates.caBundle`                               | cert-manager disabled, add self-signed ca.crt in base64 format    |                                                       |
 | `certificates.secretName`                             | cert-manager disabled, upload certs data as k8s secretName        | `gmsa-server-cert`                                    |
-| `credential.enabled `                                 | enable creation of GMSA Credential                                | `true`                                                |
+| `credential.enabled`                                  | enable creation of GMSA Credential                                | `true`                                                |
 | `credential.domainJoinConfig.dnsName`                 | DNS Domain Name                                                   |                                                       |
 | `credential.domainJoinConfig.dnsTreeName`             | DNS Domain Name Root                                              |                                                       |
 | `credential.domainJoinConfig.guid`                    | GUID                                                              |                                                       |
 | `credential.domainJoinConfig.machineAccountName`      | username of the GMSA account                                      |                                                       |
 | `credential.domainJoinConfig.netBiosName`             | NETBIOS Domain Name                                               |                                                       |
 | `credential.domainJoinConfig.sid`                     | SID                                                               |                                                       |
-| `image.repository`                                    | image repository                                                  | `k8s.gcr.io/gmsa-webhook/k8s-gmsa-webhook`                    |
+| `image.repository`                                    | image repository                                                  | `registry.k8s.io/gmsa-webhook/k8s-gmsa-webhook`       |
 | `image.tag`                                           | image tag                                                         | `v0.4.0`                                              |
 | `image.imagePullPolicy`                               | image pull policy                                                 | `IfNotPresent`                                        |
-| `global.systemDefaultRegistry `                       | container registry                                                |                                                       |
+| `global.systemDefaultRegistry`                        | container registry                                                |                                                       |
 | `tolerations`                                         | tolerations                                                       | []                                                    |
 
 ## troubleshooting
+
 - Add `--wait -v=5 --debug` in `helm install` command to get detailed error
 - Use `kubectl describe` to acquire more info
diff --git a/charts/gmsa-0.4.3.tgz b/charts/gmsa-0.4.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..f264f94d4e019e3495f3c5ba0d27f4d0802781c6
GIT binary patch
literal 3830
zcmV<S4hiueiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH+#bK5qy`OIH&hTcx>ZbUt8=jzV=;K*+3+l}k7-0bXhIv$8T
zlCY)#E&$5W_4>cx0YFkDMLn#@ZrauPkXQt8@H`Kk2SyV~>b)@$%A1i%_~s>`(P%VI
zIvw+WqtPh;-)J8nziD<_ozqV1_@v!<(`dGu?baJ;yvS%u5KBeGo5ol7Ri4}*1V}_b
zqmY!dE=*eviK6Uh!|QkrCqU^78Y%PX@011nLBhvR{WIusHl(9i5MAcn<LrTpKz5y4
zT5bN9Y2eh-|IU0xrwHd%ps%=?IgCuO3;HZNlE=bFgJ!H$B)j$ch^lcs@O(b0-^T+K
z3>C_nq$62>u=s1HshUOD1rkLe_3fah`MI>6-+QsYK``_`C1H&6#TdXE`fr|e+GYB0
zpEmdO{~F+<P;{v2MbjLB{{4wCGD4w$0vx~vBZCl42~2DeP^NHXDc^%$zC@0B90o8z
zAfZ4K%z!efNEl)OM1dM3+`pILhp|*BOc!W62)dv|jOI&5x9+s*oqA2z(F3_0nnBbm
z1_4w;K&8R+4oDDy#Biv21j7J);`u@WWiTKTPdYH<VnURjF8L6%AjB@X&+H?PLQVox
zSwcV*fkWHPJ5ZrC{Sg+JzwdE&1Voy7OY{Y*D>6Yn9K9Nv_sNL(dgk*|%MEK1#S}$N
z_u@FdzyO(|B-C4zt=f=;Qa29xgi!XsoHEOq?fwN!T70exaBzOrhjUX8^w+e;tw79b
zl`Fvw=gQO^#WY9|ef;I}+<co5e@q#k`96=Cnj`r|qR>+VJ~Y!bB7@jkrXfT1f%5#|
zt}bprT>iW`K$-M<(7!y_=!_I`e9jc148=7UstazX({>$)PRI!L%mqeVQY~G&AaF#b
z5;O1qz4R!ro27lg!I<;=`u%$=KGF{kfFh$VOs)I_FetC%Fudj=^=DnU9A0sCEl?s;
zjx!4R!0w2gNrjVh9FjOxH%Xu7WH}KJ`sl}ks#%XSg<n(`9-kap@lEj%?SYeB`1LpE
zWu=zk{|YBjs5wCWZj51sLV7CNohVqt|2rqAtrGw59Jkwh{{I^A_*jDghm;|>_Wa%j
z_5k0dRO3SJ>B-R*=@7inR#&j6-m5(FS^Y>*riS2tC+qI>S|SS;{&pT8>)%69AW;au
zzOoqJY1nKcFf^BqB?d5<8Kz@vg=B!C2jABdgz0?s+4oEpfkQh>^Q#MwkKox$kzs&O
zPqq1%L_daqYZem{AHn^r3+|l@x$$PhJx7INqPv@G+FJY+rOd+6@}(Y$Xfi)LNB~{+
zFS<@r<ueNC{ttkRLaM;^=Bu5T?_N&0d+CbJ5z--W0f%0XL}WliswhhD?D{epwe)@@
zvNSTv>(i!t1c!PL4o3<OLuBQVd3TK?XdJ;I{tFH%Q<de-BRCx4lJcf*f20>Re_dG|
zNiq=(C2l>N0V=YaDK*wisd=)=oXmK3F)<QGW72w^nKd_=nH|t}Q%eyg0zE;tyL}7Q
zPG(owxQ&mm<sU^>Qe+KtiY5c2zq)e{olgBQ<orI4z!d}Hdn8t4F6jSRl|5TF7u=rJ
z#BX?ruGX?#_vi>38Tb8*)k!sb$uOFBee>M~?*>C85)G>~iflFWnd`Pkd4Uq9J7vp{
zpqZ5l{8vl`25^`PlHM6ueLc~X;q7<wtyZKnCE9+O#8Lr%p;9g3ggG^Qar{Sm88Ydk
zw=Oqc#uXfniTnv?+1j{T|96jeFmNgXCy|<c{jhTaG$E^sk$dLi;@XRg-uD%il3UFN
zweE4IYwc(o6FndDx2t=cz00mwdWHTQhCJ54#|T3nhWvrD5!~ZUrq?XnQy0FI+pKM2
zmP;2p|Mv)0^(sU8U|nAIFK%w{dKWjhmp@$g&TcR6ez^Jh(_R0fcXM%D*@@-}yV3tj
z`hRjQ7d*t>nS<8Ze@~B_CH?=nv$y}g4jdTbxcP9_1HI{>#)*+8xeWtD3?wMtbq)Z&
z2Z1E8cX>aSicdgbVzIU5{uupxC`cRKT5IJ=GtCKPguZm{DGR!glRpLdxJqm}6I4V~
zmA-ac<FQuI^JEJ~uQjT_G^LdJVH_-~{T}=q7-a!61s&Z=#G$o?)wIt3QSdm@H*q(y
zH7BERe>1j;Z2G!}#ymIDm`NtprYHus3M%&<xUoc2QtF~=x>X&8+$W)o2meH05#L8C
z1x_hGEOh6a+mgH7im;si2b2Yrjds8W*3th->$F7wC#NT;d-{J3H~_uRmh3G9;Cb?Y
zD?y@|QXezh-2&Bqum|PaAl`&168g1c?b{ig<&BRkx`nwKqN^+_1DZ$h5N~j(ds*aS
ztI?+fzhaSI*yfjqGW{30*N#+xHT2)=oRs}PCynEiJ^jB1l+1eb{r3|8g3&wkq+Jw)
znw~8MXzAX|n)f60s|h{i4=AcSEc-9KMb`p6Jpmltj;Yi)CBlG+0ab#CnKcCtVg*#e
z0}VqMpfv>&2?PWVQ6Mu;mTlOI9;T)UJrnD_&YahIXNw_hYheqDTu0gpnkijn%whXA
z*ucM{q3`o(^S*K(8N1NS95UbZEE0#8?x4cm)tkucFdk8sY)GxVoem@|%8s=2)RDH6
zaTt7ax7!Yo&fRn$jhk*$l%tpi24CjV`&8l5`?{T8zt2~BZ{U^(cIkQTKW9B;vK)D5
zW5Esad$a7FLP`Dy7=?T`LAJ|quyy{wMyo9Uk6WF+|L;{GFWE^H$+<i~&yK<d3cJy4
z*Q?E2>hy`=6=)*6WEYwyRw6VUyPJd|D1ZDni#!n=B#M^l;OT)++UBOGAuOO-i3lJa
zoQ9GzwdnLu8<|LtlIQ;s6#oaAgsYm*7v}vORn91w;?8RxS1YeN0Ax6%jH=muzKjQW
zw(u1)L+*JjC>!<tF$Qr++30e_c=q|?3;MB%7R<G@IQz+t-J+PtVzCy)W(zOAL;|Jp
z_LOVbTK72X!aNL6tDsy~)CAxW3Zf4PT(ZgvHtemc8{1V#S^Oop$PZMFv)##sY0TF$
zAG?vE)lJi_-Ear9*p?ic+L}wN1sneYZ}o9X4*3elz6VcFIk9LOd-KQ{czWtC6e}`<
zr>D2&KJx)G3vEg@ibEDi0?JUzYrzLt+>WtQ(MMF}J(B(y^;-ORdwbn4l|@92yHFn^
z3Dvk<##8TpstDwRh>F9~bxVh%2Bn~*%`i=Q7*Ft1;TllfQx%qv@I=?XHdAryDwJ-i
zTrb+sES%+n<}4taR`+rHxBlHv7yl^XF*MKx-9`N#XG>f5Zf;k!^o6QyY4+#t`sZbh
z-4zSyRx?%k6&$tPc211V)(UF0`&U7V#cfMGOof@|1N!oFUE+8u92)?tu!>O{7MQrf
z7MPbk{);8KX64<QH`675F8y{7tD&U-Qz>H<JB|cj7ysQ}(EmH_)8oDV{~A!X|1Ap_
z%Uc5ry2a8+HLY8u&Vo7Cjg9|>%S4q&{;RJOi7h2F1XYZ~Th_HFr~a1Byu`=m87H0t
zU}-M#CZzs^OY?E9uj2XgrB<swe*=@zd^>w5F&y?yaKDL}{`1;rUK&dLe-bOAC>tg2
zzugFeb^f15yBz<0(mHMI`TuJ`!Tu9WsJVJ47sRsP*7AZ+$r1UxJtD;{z)d;CbH$GJ
zoHE8${&rmsp``4e=&PDfYD2*%%b8Do`Jghze;e+UP)*`|w)4*xHO(*a@;Qs1q@&c8
zW~UTVWGe4>$m}^e1I=1Pz$T`+yyEX#%E!{B%f$I@x=BYl`$d*kwM;0bHI`nxvM3xY
zWvwwMNs4iMHy3BO7fG-S02HHWir>@VVO{cluBZ@D6Y(I8of#4u#sX7Y#t(#s=6kl0
zHzw33k9OL0-+`OPj{lY>E#bv*XkroIiZe{I=>pE)DiARP&fqVPS7)Ct`qyW@i&Er4
zzhK>j6~?jTVz)xjrZ6{%U2#>gi6xdW_%+RMd+D^JJ$xfjlK%;-+3f{zUHn(4)mg~@
zYIXMV|23eH|DTHZBy?dreg6d<KRHuuEwSNtI_=cvPQ(b+Cid8($7rcn=Rb<`Rnvds
znSY)5uSUDM82@#;kN<iVI7pHs3NfB0K`|Ev>a5}tX;|g&%`E<-$aZH?qW>ugX|QVx
zz}ox&aidKC$0z&zk5_@`-~T^nM`UjS_)}Q`659WR*#O>w`^)wD-WssC2JB%AF!G;7
zQB5ETCg@Fq-S@Fh|37Xoy#IIH*~|Y|frH|kerG9LgG9JHj>)#L52@H}LOGA%?%kZf
zgL%@2&B<QC;lb?~fe(k&rzC`c`|$*smE$&xJ62p!5=!t1g8?SV+`o=d;BSY|d<O8y
zbDV<%xE5&Q6(v<Dor*^XZO)sFqlgP-GdCbf-AJ!CkS1^F=BukXHTWqT6il05tNGVI
z0@F0~?~6d1e_rMZz%}%L+G>~czgwrr`~1&WfnxkO#V-n(eQTwx_xDV`_f4WFoui2l
zuGaV~@}Rw9+E|q??~;htNE8V^#lS0s__|$iSF(XRvN2&kYQ7@tN+8xJL@E^ZdyHgV
z(oroLK>g(Xf7SB*!p+Q#Bb%1FFw$wN+$9!BJIUM=FR6-Nc*77tDlSYkZu&x>h5#dh
zTK_H8^~X3Nb3Kkn$j+`WKezj(0s#BWDK~kp`FK^KH9AGh5zYD3wLBCacD39*+cGfe
zd&T-ox?R<^h85Xz8{=Qs2W*ylSKT8Kf-HtnTBr=b+<3^F4cvkW;aO3hb|#geY_y`H
zO_uvQOh0m|lEquTU$EH%Y%+bDk@xYJ%kxzO-)I3Ws!JBd3qj-0$Hj%x_n)3WN_phA
zD9dSwRZW*2#1)5dWuMh)j8zD>Cb~2ya^>+@vC8=z$Zc_$Y{zXISEM>_iz=VNxGj$U
zGo~_^LmNn-y`<R;|GGY4FKIH^OPal;v9Omke_~1Fb2iPNN#hv8(JZrLvw0Bx(w9JV
sVHC!Kgq62LM~fx%$V2ju&feg>hdu0J4=)V=9{>RV|IP!!%m8Wt0Fb4C0ssI2

literal 0
HcmV?d00001

diff --git a/charts/gmsa/Chart.yaml b/charts/gmsa/Chart.yaml
index f57410fa..28f985ab 100644
--- a/charts/gmsa/Chart.yaml
+++ b/charts/gmsa/Chart.yaml
@@ -10,4 +10,4 @@ name: gmsa
 sources:
 - https://github.com/kubernetes-sigs/windows-gmsa
 type: application
-version: 0.4.2
+version: 0.4.3
diff --git a/charts/gmsa/values.yaml b/charts/gmsa/values.yaml
index 645bf996..bb2e6bc1 100644
--- a/charts/gmsa/values.yaml
+++ b/charts/gmsa/values.yaml
@@ -21,7 +21,7 @@ credential:
 containerPort: "443"
 
 image:
-  repository: k8s.gcr.io/gmsa-webhook/k8s-gmsa-webhook
+  repository: registry.k8s.io/gmsa-webhook/k8s-gmsa-webhook
   tag: v0.4.0
   imagePullPolicy: IfNotPresent