bumped main chart `epinio` to version 1.8.1.

2023-05-25 16:01:30 +02:00 · 2023-05-25 16:01:30 +02:00 · 34a26c0f20
parent 0466c56341
commit 34a26c0f20
13 changed files with 147 additions and 33 deletions
--- a/packages/epinio/epinio/generated-changes/dependencies/epinio-ui/dependency.yaml
+++ b/packages/epinio/epinio/generated-changes/dependencies/epinio-ui/dependency.yaml
@ -1,2 +0,0 @@
-workingDir: ""
-url: packages/epinio/epinio-ui
--- a/packages/epinio/epinio/generated-changes/dependencies/s3gw/dependency.yaml
+++ b/packages/epinio/epinio/generated-changes/dependencies/s3gw/dependency.yaml
@ -0,0 +1,2 @@
+workingDir: ""
+url: packages/epinio/s3gw
--- a/packages/epinio/epinio/generated-changes/overlay/assets/epinio-application-0.1.24.tgz
+++ b/packages/epinio/epinio/generated-changes/overlay/assets/epinio-application-0.1.24.tgz
--- a/packages/epinio/epinio/generated-changes/overlay/assets/epinio-application-0.1.26.tgz
+++ b/packages/epinio/epinio/generated-changes/overlay/assets/epinio-application-0.1.26.tgz
--- a/packages/epinio/epinio/generated-changes/overlay/templates/ui/security.yaml
+++ b/packages/epinio/epinio/generated-changes/overlay/templates/ui/security.yaml
@ -0,0 +1,90 @@
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" -}}
+{{- if .Values.global.rbac.pspEnabled }}
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: epinio-ui
+  namespace: {{ .Release.Namespace }}
+
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: epinio-ui-psp
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: "{{ replace "+" "_" .Chart.Version }}"
+    app.kubernetes.io/part-of: epinio-ui
+    app: epinio-ui
+{{- if .Values.global.rbac.pspAnnotations }}
+  annotations: {{ toYaml .Values.global.rbac.pspAnnotations | nindent 4 }}
+{{- end }}
+spec:
+  privileged: false
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    # Permits the container to run with root privileges as well.
+    rule: 'RunAsAny'
+  seLinux:
+    # This policy assumes the nodes are using AppArmor rather than SELinux.
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 0
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      # Forbid adding the root group.
+      - min: 0
+        max: 65535
+  readOnlyRootFilesystem: false
+
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: epinio-ui-psp
+  labels:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: "{{ replace "+" "_" .Chart.Version }}"
+    app.kubernetes.io/part-of: epinio-ui
+    app: epinio-ui
+rules:
+{{- if semverCompare "> 1.15.0-0" .Capabilities.KubeVersion.GitVersion }}
+- apiGroups: ['policy']
+{{- else }}
+- apiGroups: ['extensions']
+{{- end }}
+  resources: ['podsecuritypolicies']
+  verbs:     ['use']
+  resourceNames:
+  - epinio-ui-psp
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: epinio-ui-psp
+  labels:
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: "{{ replace "+" "_" .Chart.Version }}"
+    app.kubernetes.io/part-of: epinio-ui
+    app: epinio-ui
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: epinio-ui-psp
+subjects:
+  - kind: ServiceAccount
+    name: epinio-ui
+    namespace: {{ .Release.Namespace }}
+
+{{- end }}
+{{- end -}}
--- a/packages/epinio/epinio/generated-changes/patch/Chart.yaml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/Chart.yaml.patch
@ -15,7 +15,7 @@
 +  catalog.cattle.io/type: app
 +  catalog.cattle.io/upstream-version: 1.6.2
 apiVersion: v2
- appVersion: v1.6.2
+ appVersion: v1.8.1
 dependencies:
@@ -26,7 +37,7 @@
 description: Epinio deploys Kubernetes applications directly from source code in one
--- a/packages/epinio/epinio/generated-changes/patch/questions.yml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/questions.yml.patch
@ -8,6 +8,6 @@
 +  label: "Enable PodSecurityPolicies"
 +  type: boolean
 +  group: "Security Settings"
- - variable: email
-   label: Email
-   description: "Email to use for getting notifications about your certificates"
+ - variable: global.tlsIssuerEmail
+   label: Issuer Email Receiver
+   description: "Email address to receive the certificate notification emails send by the `letsencrypt-production` issuer"
--- a/packages/epinio/epinio/generated-changes/patch/templates/_helpers.tpl.patch
+++ b/packages/epinio/epinio/generated-changes/patch/templates/_helpers.tpl.patch
@ -1,6 +1,6 @@
 --- charts-original/templates/_helpers.tpl
 +++ charts/templates/_helpers.tpl
-@@ -158,3 +158,22 @@
+@@ -175,3 +175,22 @@
 {{- define "epinio-truncate" -}}
 {{ print "r" (trunc 21 (include "epinio-name-sanitize" .)) "-" (sha1sum .) }}
 {{- end }}
--- a/packages/epinio/epinio/generated-changes/patch/templates/default-app-chart.yaml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/templates/default-app-chart.yaml.patch
@ -1,8 +1,11 @@
 --- charts-original/templates/default-app-chart.yaml
 +++ charts/templates/default-app-chart.yaml
-@@ -12,4 +12,4 @@
+@@ -12,7 +12,7 @@
 spec:
   shortDescription: Epinio standard deployment
   description: Epinio standard support chart for application deployment
-  helmChart: https://github.com/epinio/helm-charts/releases/download/epinio-application-0.1.24/epinio-application-0.1.24.tgz
-+  helmChart: /assets/epinio-application-0.1.24.tgz
+-  helmChart: https://github.com/epinio/helm-charts/releases/download/epinio-application-0.1.26/epinio-application-0.1.26.tgz
+  helmChart: /assets/epinio-application-0.1.26/epinio-application-0.1.26.tgz
+   settings:
+     appListeningPort:
+       type: 'integer'
--- a/packages/epinio/epinio/generated-changes/patch/templates/server.yaml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/templates/server.yaml.patch
@ -16,7 +16,7 @@
       - name: tmp-volume
         emptyDir: {}
       - name: image-export-volume
-@@ -323,6 +330,8 @@
+@@ -333,6 +340,8 @@
           ports:
             - containerPort: 8030
           volumeMounts:
@ -25,12 +25,3 @@
           - name: tmp-volume
             mountPath: /tmp
           - name: image-export-volume
-@@ -349,7 +358,7 @@
- kind: PersistentVolumeClaim
- metadata:
-   name: image-export-pvc
-  namespace: epinio
-+  namespace: {{ .Release.Namespace }}
- spec:
-   accessModes:
-     - ReadWriteOnce
--- a/packages/epinio/epinio/generated-changes/patch/templates/ui/deployment.yaml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/templates/ui/deployment.yaml.patch
@ -0,0 +1,25 @@
+--- charts-original/templates/ui/deployment.yaml
+++ charts/templates/ui/deployment.yaml
+@@ -20,6 +20,15 @@
+         app.kubernetes.io/name: epinio-ui
+         app.kubernetes.io/instance: {{ .Release.Name }}
+     spec:
+      nodeSelector:
+        {{- include "linux-node-selector" . | nindent 8 }}
+      tolerations:
+        {{- include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
+{{- if .Values.global.rbac.pspEnabled }}
+      serviceAccountName: epinio-ui
+{{- end }}
+{{- end }}
+       containers:
+       - name: epinio-ui
+         {{ $epinioUiImage := index .Values "image" "epinio-ui" -}}
+@@ -109,4 +118,4 @@
+         - name: db
+           emptyDir: {}
+ 
+-{{- end }}
+\ No newline at end of file
+{{- end }}
--- a/packages/epinio/epinio/generated-changes/patch/values.yaml.patch
+++ b/packages/epinio/epinio/generated-changes/patch/values.yaml.patch
@ -1,20 +1,25 @@
 --- charts-original/values.yaml
 +++ charts/values.yaml
-@@ -7,26 +7,23 @@
- 
+@@ -11,30 +11,26 @@
+ email: "epinio@suse.com"
 image:
   epinio:
 -    registry: ghcr.io/
 -    repository: epinio/epinio-server
 -    tag: ""
 +    repository: rancher/mirrored-epinio-epinio-server
-+    tag: v1.6.2
+    tag: v1.8.1
+   epinio-ui:
+-    registry: ghcr.io/
+-    repository: epinio/epinio-ui
+    repository: rancher/mirrored-epinio-epinio-ui
+     tag: v1.8.1-0.0.1
   bash:
 -    registry: ghcr.io/
 -    repository: epinio/epinio-unpacker
 -    tag: ""
 +    repository: rancher/mirrored-epinio-epinio-unpacker
-+    tag: v1.6.2
+    tag: v1.8.1
   awscli:
 -    repository: amazon/aws-cli
 +    repository: rancher/mirrored-amazon-aws-cli
@ -32,11 +37,11 @@
 -    repository: paketobuildpacks/builder
 -    tag: full
 +    repository: rancher/mirrored-paketobuildpacks-builder
-+    tag: 0.2.289-full
- 
+    tag: 0.2.407-full
 server:
   # Domain which serves the Rancher UI (to access the API)
-@@ -124,10 +121,10 @@
+   accessControlAllowOrigin: ""
+@@ -155,10 +151,10 @@
   enabled: true
   image:
     registry:
@ -49,12 +54,12 @@
       tag: 1.23.2-alpine
   imagePullPolicy: IfNotPresent
   # The ingressClassName is used to select the ingress controller. If
-@@ -139,6 +136,8 @@
+@@ -168,6 +164,8 @@
+   # Enable service catalog service for development
   enableDevServices: true
- 
 global:
 +  rbac:
 +    pspEnabled: false
+   dex:
+     enabled: true
   # The domain that will be used to access the epinio API server and the registry
-   domain: ""
-   # Connection details for the container registry.
--- a/packages/epinio/epinio/package.yaml
+++ b/packages/epinio/epinio/package.yaml
@ -1,5 +1,5 @@
-url: https://github.com/epinio/helm-charts/releases/download/epinio-1.6.2/epinio-1.6.2.tgz
-version: 102.0.2
+url: https://github.com/epinio/helm-charts/releases/download/epinio-1.8.1/epinio-1.8.1.tgz
+version: 102.0.3
 additionalCharts:
  - workingDir: charts-crd
    crdOptions: