Generated changes

2020-12-08 22:05:22 +00:00 · 2020-12-08 22:05:22 +00:00 · 8095ca174f
parent 3e9ace377a
commit 8095ca174f
11 changed files with 69 additions and 17 deletions
--- a/assets/index.yaml
+++ b/assets/index.yaml
@ -794,6 +794,33 @@ entries:
    - assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.100.tgz
    version: 1.0.100
  rancher-externalip-webhook:
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: External IP Webhook
+      catalog.cattle.io/namespace: cattle-externalip-system
+      catalog.cattle.io/release-name: rancher-externalip-webhook
+      catalog.cattle.io/ui-component: rancher-externalip-webhook
+    apiVersion: v1
+    appVersion: v0.1.4
+    created: "2020-12-08T22:05:21.819947668Z"
+    description: |
+      Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
+    digest: abc86966d4a49e37ea0a7e90f38bc267a73cb9fc3a9ce96e407bae760eb9af95
+    home: https://github.com/rancher/externalip-webhook
+    keywords:
+    - cve
+    - externalip
+    - webhook
+    - security
+    maintainers:
+    - email: raul@rancher.com
+      name: rawmind0
+    name: rancher-externalip-webhook
+    sources:
+    - https://github.com/rancher/externalip-webhook
+    urls:
+    - assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
+    version: 0.1.400
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
@ -2245,4 +2272,4 @@ entries:
    urls:
    - assets/rio/rio-0.8.000.tgz
    version: 0.8.000
-generated: "2020-12-08T19:09:47.204545583Z"
+generated: "2020-12-08T22:05:21.818659463Z"
--- a/assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
+++ b/assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
--- a/charts/rancher-externalip-webhook/Chart.yaml
+++ b/charts/rancher-externalip-webhook/Chart.yaml
@ -5,13 +5,12 @@ annotations:
  catalog.cattle.io/release-name: rancher-externalip-webhook
  catalog.cattle.io/ui-component: rancher-externalip-webhook
 apiVersion: v1
-appVersion: v0.1.3
+appVersion: v0.1.4
 description: |
  Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
 home: https://github.com/rancher/externalip-webhook
 keywords:
 - cve
- embargo
 - externalip
 - webhook
 - security
@ -21,4 +20,4 @@ maintainers:
 name: rancher-externalip-webhook
 sources:
 - https://github.com/rancher/externalip-webhook
-version: 0.1.300
+version: 0.1.400
--- a/charts/rancher-externalip-webhook/app-README.md
+++ b/charts/rancher-externalip-webhook/app-README.md
@ -3,8 +3,7 @@
 This chart was created to mitigate [CVE-2020-8554](https://www.cvedetails.com/cve/CVE-2020-8554/)

 External IP Webhook is a validating k8s webhook which prevents services from using random external IPs. Cluster administrators
-can specify list of CIDRs allowed to be used as external IP by specifying `allowed-external-ip-cidrs` parameter.
-Webhook will only allow creation of services which doesn't require external IP or whose external IPs are within the range
-specified by the administrator.
+can specify list of CIDRs allowed to be used as external IP by specifying `allowed-external-ip-cidrs` parameter. 
+The webhook will only allow services which either don’t set external IP, or whose external IPs are within the range specified by the administrator.

 For more information, review the Helm README of this chart.
--- a/charts/rancher-externalip-webhook/questions.yaml
+++ b/charts/rancher-externalip-webhook/questions.yaml
@ -4,4 +4,4 @@ questions:
  label: Allowed external IP cidrs
  description: Set allowed external IP CIDRs separated by a comma
  type: string
-  group: config
+  group: Configuration
--- a/charts/rancher-externalip-webhook/templates/deployment.yaml
+++ b/charts/rancher-externalip-webhook/templates/deployment.yaml
@ -10,8 +10,8 @@ metadata:
 spec:
  replicas: {{ .Values.replicas }}
  selector:
-    matchLabels: {{ include "externalip-webhook.labels" . | indent 6 }}
-      chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    matchLabels:
+      app: {{ template "externalip-webhook.name" . }}
  template:
    metadata:
      annotations:
--- a/charts/rancher-externalip-webhook/templates/service.yaml
+++ b/charts/rancher-externalip-webhook/templates/service.yaml
@ -12,7 +12,7 @@ spec:
    protocol: TCP
    targetPort: {{ .Values.webhookPort }}
  selector:
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    app: {{ template "externalip-webhook.name" . }}
  type: "ClusterIP"
 {{- if .Values.metrics.enabled }}
 ---
@ -30,6 +30,6 @@ spec:
    protocol: TCP
    targetPort: {{ .Values.metrics.port }}
  selector:
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    app: {{ template "externalip-webhook.name" . }}
  type: "ClusterIP"
 {{- end }}
--- a/charts/rancher-externalip-webhook/templates/servicemonitor.yaml
+++ b/charts/rancher-externalip-webhook/templates/servicemonitor.yaml
@ -11,6 +11,6 @@ spec:
    - path: /metrics
      port: https
  selector:
-    matchLabels: {{ include "externalip-webhook.labels" . | indent 6 }}
-      chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    matchLabels:
+      app: {{ template "externalip-webhook.name" . }}
 {{- end }}
--- a/charts/rancher-externalip-webhook/values.yaml
+++ b/charts/rancher-externalip-webhook/values.yaml
@ -15,7 +15,7 @@ image:
  pullPolicy: IfNotPresent
  pullSecrets: []
  repository: rancher/externalip-webhook
-  tag: v0.1.3
+  tag: v0.1.4
 ## Enabling metrics endpoint
 # Webhook emits `webhook_failed_request_count` metrics whenever it rejects service creation or update operation
 metrics:
--- a/index.yaml
+++ b/index.yaml
@ -794,6 +794,33 @@ entries:
    - assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.100.tgz
    version: 1.0.100
  rancher-externalip-webhook:
+  - annotations:
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/display-name: External IP Webhook
+      catalog.cattle.io/namespace: cattle-externalip-system
+      catalog.cattle.io/release-name: rancher-externalip-webhook
+      catalog.cattle.io/ui-component: rancher-externalip-webhook
+    apiVersion: v1
+    appVersion: v0.1.4
+    created: "2020-12-08T22:05:21.819947668Z"
+    description: |
+      Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
+    digest: abc86966d4a49e37ea0a7e90f38bc267a73cb9fc3a9ce96e407bae760eb9af95
+    home: https://github.com/rancher/externalip-webhook
+    keywords:
+    - cve
+    - externalip
+    - webhook
+    - security
+    maintainers:
+    - email: raul@rancher.com
+      name: rawmind0
+    name: rancher-externalip-webhook
+    sources:
+    - https://github.com/rancher/externalip-webhook
+    urls:
+    - assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
+    version: 0.1.400
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
@ -2245,4 +2272,4 @@ entries:
    urls:
    - assets/rio/rio-0.8.000.tgz
    version: 0.8.000
-generated: "2020-12-08T19:09:47.204545583Z"
+generated: "2020-12-08T22:05:21.818659463Z"
--- a/sha256sum/rancher-externalip-webhook/rancher-externalip-webhook.sum
+++ b/sha256sum/rancher-externalip-webhook/rancher-externalip-webhook.sum
@ -1 +1 @@
-f6bf0708fa426f2b4343691ca3c3fff2a7b6bd502af5ed3b0aeae51e011b5c8f  packages/rancher-externalip-webhook/package.yaml
+9f7d1eaa86b2b929e679dac7bb94e1632e959e6bc3f1137010474a24a38844b2  packages/rancher-externalip-webhook/package.yaml