cilium: add configurable Helm chart repository

[GmrezaH]

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespaces from that line:

/kind api-change
/kind bug
/kind cleanup
/kind design
/kind documentation
/kind failing-test

/kind feature

/kind flake

What this PR does / why we need it:

This PR adds support for specifying a custom Helm chart repository when installing Cilium through Kubespray.

Currently, Kubespray installs Cilium using the default upstream Helm chart location, which is not suitable for air-gapped or restricted environments.
This change introduces a new variable, cilium_chart_repository_url, and adds the corresponding --repository flag to the Cilium install/upgrade task.

This allows users to:

• Mirror the Cilium chart internally for offline deployments

• Retain the existing Cilium installation workflow, including Kubespray’s pre-flight and post-flight checks

• Avoid switching to custom_cni, which lacks Cilium-specific checks

The default behavior remains unchanged for users who do not set the variable.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

• The new variable is optional and defaults to the cilium upstream chart repository.

• Behavior is fully backward compatible.

• This aligns Cilium with how other CNIs can reference custom chart repositories while keeping Cilium’s enhanced validation tasks.

Does this PR introduce a user-facing change?:

NONE

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: GmrezaH
Once this PR has been reviewed and has the lgtm label, please assign mzaian for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @GmrezaH. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[bbaassssiiee]

The same can be achieved, without a code change, defining:

cilium_install_extra_flags: "--repository {{ files_repo }}/helm.cilium.io/"

#12534 (comment)

[VannTen]

@GmrezaH is the solution above working for you ?

[yankay]

/ok-to-test