andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add NeuVector chart version 2.2.4

pull/2187/head
selvamt94 2022-10-31 19:48:20 -07:00
parent 220dc23030
commit 4da0324977
7 changed files with 37 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
packages/neuvector/generated-changes/overlay/questions.yaml
View File

@ -1,11 +1,5 @@
questions: questions:
#image configurations #image configurations
- variable: registry
default: "docker.io"
description: image registry
type: string
label: Image Registry
group: "Container Images"
- variable: controller.image.repository - variable: controller.image.repository
default: "neuvector/controller" default: "neuvector/controller"
description: controller image repository description: controller image repository

8
packages/neuvector/generated-changes/patch/Chart.yaml.patch
View File

@ -10,13 +10,13 @@
+ catalog.cattle.io/os: linux + catalog.cattle.io/os: linux
+ catalog.cattle.io/permit-os: linux + catalog.cattle.io/permit-os: linux
+ catalog.cattle.io/provides-gvr: neuvector.com/v1 + catalog.cattle.io/provides-gvr: neuvector.com/v1
+ catalog.cattle.io/rancher-version: '>= 2.7.0.0 < 2.8.0-0' + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
+ catalog.cattle.io/release-name: neuvector + catalog.cattle.io/release-name: neuvector
+ catalog.cattle.io/type: cluster-tool + catalog.cattle.io/type: cluster-tool
+ catalog.cattle.io/ui-component: neuvector + catalog.cattle.io/ui-component: neuvector
+ catalog.cattle.io/upstream-version: 2.2.3 + catalog.cattle.io/upstream-version: 2.2.4
apiVersion: v1 apiVersion: v1
appVersion: 5.0.3 appVersion: 5.0.4
-description: Helm chart for NeuVector's core services -description: Helm chart for NeuVector's core services
+description: Helm feature chart for NeuVector's core services +description: Helm feature chart for NeuVector's core services
home: https://neuvector.com home: https://neuvector.com
@ -30,4 +30,4 @@
+name: neuvector +name: neuvector
+sources: +sources:
+- https://github.com/neuvector/neuvector +- https://github.com/neuvector/neuvector
version: 2.2.3 version: 2.2.4

18
packages/neuvector/generated-changes/patch/README.md.patch
View File

@ -5,7 +5,7 @@
`controller.affinity` | controller affinity rules | ... | spread controllers to different nodes | `controller.affinity` | controller affinity rules | ... | spread controllers to different nodes |
`controller.tolerations` | List of node taints to tolerate | `nil` | `controller.tolerations` | List of node taints to tolerate | `nil` |
-`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](values.yaml) -`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](values.yaml)
+`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`controller.resources` | Add resources requests and limits to controller deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`controller.nodeSelector` | Enable and specify nodeSelector labels | `{}` | `controller.nodeSelector` | Enable and specify nodeSelector labels | `{}` |
`controller.disruptionbudget` | controller PodDisruptionBudget. 0 to disable. Recommended value: 2. | `0` | `controller.disruptionbudget` | controller PodDisruptionBudget. 0 to disable. Recommended value: 2. | `0` |
`controller.priorityClassName` | controller priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` | `controller.priorityClassName` | controller priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` |
@ -14,7 +14,7 @@
`controller.federation.mastersvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually) `controller.federation.mastersvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
`controller.federation.mastersvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. `controller.federation.mastersvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
-`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml) -`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
+`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`controller.federation.mastersvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`controller.federation.managedsvc.type` | Multi-cluster managed cluster service type. If specified, the deployment will be managed by the managed clsuter. Possible values include NodePort, LoadBalancer and ClusterIP. | `nil` | `controller.federation.managedsvc.type` | Multi-cluster managed cluster service type. If specified, the deployment will be managed by the managed clsuter. Possible values include NodePort, LoadBalancer and ClusterIP. | `nil` |
`controller.federation.managedsvc.annotations` | Add annotations to Multi-cluster managed cluster REST API service | `{}` | `controller.federation.managedsvc.annotations` | Add annotations to Multi-cluster managed cluster REST API service | `{}` |
`controller.federation.managedsvc.route.enabled` | If true, create a OpenShift route to expose the Multi-cluster managed cluster service | `false` | `controller.federation.managedsvc.route.enabled` | If true, create a OpenShift route to expose the Multi-cluster managed cluster service | `false` |
@ -23,7 +23,7 @@
`controller.federation.managedsvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually) `controller.federation.managedsvc.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
`controller.federation.managedsvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. `controller.federation.managedsvc.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
-`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml) -`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
+`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`controller.federation.managedsvc.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`controller.ingress.enabled` | If true, create ingress for rest api, must also set ingress host value | `false` | enable this if ingress controller is installed `controller.ingress.enabled` | If true, create ingress for rest api, must also set ingress host value | `false` | enable this if ingress controller is installed
`controller.ingress.tls` | If true, TLS is enabled for controller rest api ingress service |`false` | If set, the tls-host used is the one set with `controller.ingress.host`. `controller.ingress.tls` | If true, TLS is enabled for controller rest api ingress service |`false` | If set, the tls-host used is the one set with `controller.ingress.host`.
`controller.ingress.host` | Must set this host value if ingress is enabled | `nil` | `controller.ingress.host` | Must set this host value if ingress is enabled | `nil` |
@ -31,7 +31,7 @@
`controller.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually) `controller.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
`controller.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. `controller.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations.
-`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml) -`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
+`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`controller.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`controller.configmap.enabled` | If true, configure NeuVector global settings using a ConfigMap | `false` `controller.configmap.enabled` | If true, configure NeuVector global settings using a ConfigMap | `false`
`controller.configmap.data` | NeuVector configuration in YAML format | `{}` `controller.configmap.data` | NeuVector configuration in YAML format | `{}`
`controller.secret.enabled` | If true, configure NeuVector global settings using secrets | `false` `controller.secret.enabled` | If true, configure NeuVector global settings using secrets | `false`
@ -40,7 +40,7 @@
`enforcer.priorityClassName` | enforcer priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` | `enforcer.priorityClassName` | enforcer priorityClassName. Must exist prior to helm deployment. Leave empty to disable. | `nil` |
`enforcer.tolerations` | List of node taints to tolerate | `- effect: NoSchedule`<br>`key: node-role.kubernetes.io/master` | other taints can be added after the default `enforcer.tolerations` | List of node taints to tolerate | `- effect: NoSchedule`<br>`key: node-role.kubernetes.io/master` | other taints can be added after the default
-`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](values.yaml) -`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](values.yaml)
+`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`enforcer.resources` | Add resources requests and limits to enforcer deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`manager.enabled` | If true, create manager | `true` | `manager.enabled` | If true, create manager | `true` |
`manager.image.repository` | manager image repository | `neuvector/manager` | `manager.image.repository` | manager image repository | `neuvector/manager` |
`manager.image.hash` | manager image hash in the format of sha256:xxxx. If present it overwrites the image tag value. | | `manager.image.hash` | manager image hash in the format of sha256:xxxx. If present it overwrites the image tag value. | |
@ -49,7 +49,7 @@
`manager.svc.type` | set manager service type for native Kubernetes | `NodePort`;<br>if it is OpenShift platform or ingress is enabled, then default is `ClusterIP` | set to LoadBalancer if using cloud providers, such as Azure, Amazon, Google `manager.svc.type` | set manager service type for native Kubernetes | `NodePort`;<br>if it is OpenShift platform or ingress is enabled, then default is `ClusterIP` | set to LoadBalancer if using cloud providers, such as Azure, Amazon, Google
`manager.svc.loadBalancerIP` | if manager service type is LoadBalancer, this is used to specify the load balancer's IP | `nil` | `manager.svc.loadBalancerIP` | if manager service type is LoadBalancer, this is used to specify the load balancer's IP | `nil` |
-`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](values.yaml) -`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](values.yaml)
+`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`manager.svc.annotations` | Add annotations to manager service | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`manager.route.enabled` | If true, create a OpenShift route to expose the management console service | `true` | `manager.route.enabled` | If true, create a OpenShift route to expose the management console service | `true` |
`manager.route.host` | Set OpenShift route host for management console service | `nil` | `manager.route.host` | Set OpenShift route host for management console service | `nil` |
`manager.route.termination` | Specify TLS termination for OpenShift route for management console service. Possible passthrough, edge, reencrypt | `passthrough` | `manager.route.termination` | Specify TLS termination for OpenShift route for management console service. Possible passthrough, edge, reencrypt | `passthrough` |
@ -58,11 +58,11 @@
`manager.ingress.ingressClassName` | To be used instead of the ingress.class annotation if an IngressClass is provisioned | `""` | `manager.ingress.ingressClassName` | To be used instead of the ingress.class annotation if an IngressClass is provisioned | `""` |
`manager.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. Currently only supports `/` `manager.ingress.path` | Set ingress path |`/` | If set, it might be necessary to set a rewrite rule in annotations. Currently only supports `/`
-`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml) -`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](values.yaml)
+`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`manager.ingress.annotations` | Add annotations to ingress to influence behavior | `nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`manager.ingress.tls` | If true, TLS is enabled for manager ingress service |`false` | If set, the tls-host used is the one set with `manager.ingress.host`. `manager.ingress.tls` | If true, TLS is enabled for manager ingress service |`false` | If set, the tls-host used is the one set with `manager.ingress.host`.
`manager.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually) `manager.ingress.secretName` | Name of the secret to be used for TLS-encryption | `nil` | Secret must be created separately (Let's encrypt, manually)
-`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](values.yaml) -`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](values.yaml)
+`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) +`manager.resources` | Add resources requests and limits to manager deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml)
`manager.affinity` | manager affinity rules | `{}` | `manager.affinity` | manager affinity rules | `{}` |
`manager.tolerations` | List of node taints to tolerate | `nil` | `manager.tolerations` | List of node taints to tolerate | `nil` |
`manager.nodeSelector` | Enable and specify nodeSelector labels | `{}` | `manager.nodeSelector` | Enable and specify nodeSelector labels | `{}` |
@ -71,7 +71,7 @@
`cve.scanner.replicas` | external scanner replicas | `3` | `cve.scanner.replicas` | external scanner replicas | `3` |
`cve.scanner.dockerPath` | the remote docker socket if CI/CD integration need scan images before they are pushed to the registry | `nil` | `cve.scanner.dockerPath` | the remote docker socket if CI/CD integration need scan images before they are pushed to the registry | `nil` |
-`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](values.yaml) | -`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](values.yaml) |
+`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.3/charts/core/values.yaml) | +`cve.scanner.resources` | Add resources requests and limits to scanner deployment | `{}` | see examples in [values.yaml](https://github.com/neuvector/neuvector-helm/tree/2.2.4/charts/core/values.yaml) |
`cve.scanner.affinity` | scanner affinity rules | `{}` | `cve.scanner.affinity` | scanner affinity rules | `{}` |
`cve.scanner.tolerations` | List of node taints to tolerate | `nil` | `cve.scanner.tolerations` | List of node taints to tolerate | `nil` |
`cve.scanner.nodeSelector` | Enable and specify nodeSelector labels | `{}` | `cve.scanner.nodeSelector` | Enable and specify nodeSelector labels | `{}` |

29
packages/neuvector/generated-changes/patch/values.yaml.patch
View File

@ -1,10 +1,17 @@
--- charts-original/values.yaml --- charts-original/values.yaml
+++ charts/values.yaml +++ charts/values.yaml
@@ -5,12 +5,10 @@ @@ -2,15 +2,17 @@
# This is a YAML-formatted file.
# Declare variables to be passed into the templates.
+global:
+ cattle:
+ systemDefaultRegistry: ""
+
openshift: false openshift: false
registry: docker.io registry: docker.io
-tag: 5.0.3 -tag: 5.0.4
oem: oem:
-imagePullSecrets: -imagePullSecrets:
psp: false psp: false
@ -14,17 +21,17 @@
controller: controller:
# If false, controller will not be installed # If false, controller will not be installed
@@ -22,7 +20,8 @@ @@ -22,7 +24,8 @@
maxSurge: 1 maxSurge: 1
maxUnavailable: 0 maxUnavailable: 0
image: image:
- repository: neuvector/controller - repository: neuvector/controller
+ repository: rancher/mirrored-neuvector-controller + repository: rancher/mirrored-neuvector-controller
+ tag: 5.0.3 + tag: 5.0.4
hash: hash:
replicas: 3 replicas: 3
disruptionbudget: 0 disruptionbudget: 0
@@ -68,7 +67,7 @@ @@ -68,7 +71,7 @@
# -----BEGIN PRIVATE KEY----- # -----BEGIN PRIVATE KEY-----
# -----END PRIVATE KEY----- # -----END PRIVATE KEY-----
ranchersso: ranchersso:
@ -33,27 +40,27 @@
pvc: pvc:
enabled: false enabled: false
accessModes: accessModes:
@@ -206,7 +205,8 @@ @@ -206,7 +209,8 @@
# If false, enforcer will not be installed # If false, enforcer will not be installed
enabled: true enabled: true
image: image:
- repository: neuvector/enforcer - repository: neuvector/enforcer
+ repository: rancher/mirrored-neuvector-enforcer + repository: rancher/mirrored-neuvector-enforcer
+ tag: 5.0.3 + tag: 5.0.4
hash: hash:
priorityClassName: priorityClassName:
tolerations: tolerations:
@@ -224,7 +224,8 @@ @@ -224,7 +228,8 @@
# If false, manager will not be installed # If false, manager will not be installed
enabled: true enabled: true
image: image:
- repository: neuvector/manager - repository: neuvector/manager
+ repository: rancher/mirrored-neuvector-manager + repository: rancher/mirrored-neuvector-manager
+ tag: 5.0.3 + tag: 5.0.4
hash: hash:
priorityClassName: priorityClassName:
env: env:
@@ -292,7 +293,7 @@ @@ -292,7 +297,7 @@
enabled: true enabled: true
secure: false secure: false
image: image:
@ -62,7 +69,7 @@
tag: latest tag: latest
hash: hash:
schedule: "0 0 * * *" schedule: "0 0 * * *"
@@ -308,7 +309,7 @@ @@ -308,7 +313,7 @@
maxSurge: 1 maxSurge: 1
maxUnavailable: 0 maxUnavailable: 0
image: image:

4
packages/neuvector/package.yaml
View File

@ -1,5 +1,5 @@
url: https://neuvector.github.io/neuvector-helm/core-2.2.3.tgz url: https://neuvector.github.io/neuvector-helm/core-2.2.4.tgz
version: 101.0.0 version: 101.0.1
additionalCharts: additionalCharts:
- workingDir: charts-crd - workingDir: charts-crd
crdOptions: crdOptions:

4
packages/neuvector/templates/crd-template/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/certified: rancher catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: true catalog.cattle.io/hidden: true
apiVersion: v1 apiVersion: v1
appVersion: 5.0.3 appVersion: 5.0.4
description: Helm chart for NeuVector's CRD services description: Helm chart for NeuVector's CRD services
home: https://neuvector.com home: https://neuvector.com
icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4 icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4
@ -12,5 +12,5 @@ maintainers:
- email: support@neuvector.com - email: support@neuvector.com
name: becitsthere name: becitsthere
name: neuvector-crd name: neuvector-crd
version: 2.2.3 version: 2.2.4
type: application type: application

2
release.yaml
View File

@ -18,8 +18,10 @@ longhorn-crd:
- 100.2.3+up1.3.2 - 100.2.3+up1.3.2
neuvector: neuvector:
- 101.0.0+up2.2.3 - 101.0.0+up2.2.3
- 101.0.1+up2.2.4
neuvector-crd: neuvector-crd:
- 101.0.0+up2.2.3 - 101.0.0+up2.2.3
- 101.0.1+up2.2.4
prometheus-federator: prometheus-federator:
- 1.0.0+up0.1.1 - 1.0.0+up0.1.1
rancher-aks-operator: rancher-aks-operator: