Generated changes

2020-12-08 22:05:22 +00:00 · 2020-12-08 22:05:22 +00:00 · 8095ca174f
parent 3e9ace377a
commit 8095ca174f
11 changed files with 69 additions and 17 deletions
--- a/assets/index.yaml
+++ b/assets/index.yaml
@ -794,6 +794,33 @@ entries:
    - assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.100.tgz
    version: 1.0.100
  rancher-externalip-webhook:
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
      catalog.cattle.io/namespace: cattle-externalip-system
      catalog.cattle.io/release-name: rancher-externalip-webhook
      catalog.cattle.io/ui-component: rancher-externalip-webhook
    apiVersion: v1
    appVersion: v0.1.4
    created: "2020-12-08T22:05:21.819947668Z"
    description: |
      Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
    digest: abc86966d4a49e37ea0a7e90f38bc267a73cb9fc3a9ce96e407bae760eb9af95
    home: https://github.com/rancher/externalip-webhook
    keywords:
    - cve
    - externalip
    - webhook
    - security
    maintainers:
    - email: raul@rancher.com
      name: rawmind0
    name: rancher-externalip-webhook
    sources:
    - https://github.com/rancher/externalip-webhook
    urls:
    - assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
    version: 0.1.400
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
@ -2245,4 +2272,4 @@ entries:
    urls:
    - assets/rio/rio-0.8.000.tgz
    version: 0.8.000
-generated: "2020-12-08T19:09:47.204545583Z"
+generated: "2020-12-08T22:05:21.818659463Z"
--- a/assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
+++ b/assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
--- a/charts/rancher-externalip-webhook/Chart.yaml
+++ b/charts/rancher-externalip-webhook/Chart.yaml
@ -5,13 +5,12 @@ annotations:
  catalog.cattle.io/release-name: rancher-externalip-webhook
  catalog.cattle.io/ui-component: rancher-externalip-webhook
 apiVersion: v1
-appVersion: v0.1.3
+appVersion: v0.1.4
 description: |
  Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
 home: https://github.com/rancher/externalip-webhook
 keywords:
 - cve
 - embargo
 - externalip
 - webhook
 - security
@ -21,4 +20,4 @@ maintainers:
 name: rancher-externalip-webhook
 sources:
 - https://github.com/rancher/externalip-webhook
-version: 0.1.300
+version: 0.1.400
--- a/charts/rancher-externalip-webhook/app-README.md
+++ b/charts/rancher-externalip-webhook/app-README.md
@ -3,8 +3,7 @@
 This chart was created to mitigate [CVE-2020-8554](https://www.cvedetails.com/cve/CVE-2020-8554/)
 External IP Webhook is a validating k8s webhook which prevents services from using random external IPs. Cluster administrators
-can specify list of CIDRs allowed to be used as external IP by specifying `allowed-external-ip-cidrs` parameter.
+can specify list of CIDRs allowed to be used as external IP by specifying `allowed-external-ip-cidrs` parameter. 
-Webhook will only allow creation of services which doesn't require external IP or whose external IPs are within the range
+The webhook will only allow services which either don’t set external IP, or whose external IPs are within the range specified by the administrator.
 specified by the administrator.
 For more information, review the Helm README of this chart.
--- a/charts/rancher-externalip-webhook/questions.yaml
+++ b/charts/rancher-externalip-webhook/questions.yaml
@ -4,4 +4,4 @@ questions:
  label: Allowed external IP cidrs
  description: Set allowed external IP CIDRs separated by a comma
  type: string
-  group: config
+  group: Configuration
--- a/charts/rancher-externalip-webhook/templates/deployment.yaml
+++ b/charts/rancher-externalip-webhook/templates/deployment.yaml
@ -10,8 +10,8 @@ metadata:
 spec:
  replicas: {{ .Values.replicas }}
  selector:
-    matchLabels: {{ include "externalip-webhook.labels" . | indent 6 }}
+    matchLabels:
-      chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+      app: {{ template "externalip-webhook.name" . }}
  template:
    metadata:
      annotations:
--- a/charts/rancher-externalip-webhook/templates/service.yaml
+++ b/charts/rancher-externalip-webhook/templates/service.yaml
@ -12,7 +12,7 @@ spec:
    protocol: TCP
    targetPort: {{ .Values.webhookPort }}
  selector:
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    app: {{ template "externalip-webhook.name" . }}
  type: "ClusterIP"
 {{- if .Values.metrics.enabled }}
 ---
@ -30,6 +30,6 @@ spec:
    protocol: TCP
    targetPort: {{ .Values.metrics.port }}
  selector:
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    app: {{ template "externalip-webhook.name" . }}
  type: "ClusterIP"
 {{- end }}
--- a/charts/rancher-externalip-webhook/templates/servicemonitor.yaml
+++ b/charts/rancher-externalip-webhook/templates/servicemonitor.yaml
@ -11,6 +11,6 @@ spec:
    - path: /metrics
      port: https
  selector:
-    matchLabels: {{ include "externalip-webhook.labels" . | indent 6 }}
+    matchLabels:
-      chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+      app: {{ template "externalip-webhook.name" . }}
 {{- end }}
--- a/charts/rancher-externalip-webhook/values.yaml
+++ b/charts/rancher-externalip-webhook/values.yaml
@ -15,7 +15,7 @@ image:
  pullPolicy: IfNotPresent
  pullSecrets: []
  repository: rancher/externalip-webhook
-  tag: v0.1.3
+  tag: v0.1.4
 ## Enabling metrics endpoint
 # Webhook emits `webhook_failed_request_count` metrics whenever it rejects service creation or update operation
 metrics:
--- a/index.yaml
+++ b/index.yaml
@ -794,6 +794,33 @@ entries:
    - assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.100.tgz
    version: 1.0.100
  rancher-externalip-webhook:
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
      catalog.cattle.io/namespace: cattle-externalip-system
      catalog.cattle.io/release-name: rancher-externalip-webhook
      catalog.cattle.io/ui-component: rancher-externalip-webhook
    apiVersion: v1
    appVersion: v0.1.4
    created: "2020-12-08T22:05:21.819947668Z"
    description: |
      Deploy the externalip-webhook to mitigate k8s CVE-2020-8554
    digest: abc86966d4a49e37ea0a7e90f38bc267a73cb9fc3a9ce96e407bae760eb9af95
    home: https://github.com/rancher/externalip-webhook
    keywords:
    - cve
    - externalip
    - webhook
    - security
    maintainers:
    - email: raul@rancher.com
      name: rawmind0
    name: rancher-externalip-webhook
    sources:
    - https://github.com/rancher/externalip-webhook
    urls:
    - assets/rancher-externalip-webhook/rancher-externalip-webhook-0.1.400.tgz
    version: 0.1.400
  - annotations:
      catalog.cattle.io/certified: rancher
      catalog.cattle.io/display-name: External IP Webhook
@ -2245,4 +2272,4 @@ entries:
    urls:
    - assets/rio/rio-0.8.000.tgz
    version: 0.8.000
-generated: "2020-12-08T19:09:47.204545583Z"
+generated: "2020-12-08T22:05:21.818659463Z"
--- a/sha256sum/rancher-externalip-webhook/rancher-externalip-webhook.sum
+++ b/sha256sum/rancher-externalip-webhook/rancher-externalip-webhook.sum
@ -1 +1 @@
-f6bf0708fa426f2b4343691ca3c3fff2a7b6bd502af5ed3b0aeae51e011b5c8f  packages/rancher-externalip-webhook/package.yaml
+9f7d1eaa86b2b929e679dac7bb94e1632e959e6bc3f1137010474a24a38844b2  packages/rancher-externalip-webhook/package.yaml
`@ -1 +1 @@`
	`f6bf0708fa426f2b4343691ca3c3fff2a7b6bd502af5ed3b0aeae51e011b5c8f packages/rancher-externalip-webhook/package.yaml`	`9f7d1eaa86b2b929e679dac7bb94e1632e959e6bc3f1137010474a24a38844b2 packages/rancher-externalip-webhook/package.yaml`