- Update namespace annotation to `cattle-gatekeeper-system`
- Remove `gatekeeper-system` from templates as Rancher handles
namespaces for chart installation.
(partially cherry picked from commit 6e147640be)
The previous patch didn't apply cleanly since the latest version had
significant changes made including structural. Instead I started with
an empty patch file and made changes manually. This patch includes the
same changes done in our previous patch, but on the latest version of
the chart.
(partially cherry picked from commit 3d8b451d4a)
Removes the code that supports the Helm 2 hack for crd/ (`prometheus-operator/cleanup-crds.yaml` and
`prometheus-operator/crds.yaml`) and removes crd-install hooks from crds.
Also updates the README.md and CHANGELOG.md accordingly.
(partially cherry picked from commit 921f735cbc)
This commit adds script changes to automatically allow packages to split
the CRD components located in a crd/ directory into a separate package.
It also automatically adds in a validation yaml helper to the main package
to prevent a user from installing the base package without installing the crd
install package first.
Any package can enable the creation of a separate crd package by just adding
`splitCRDsIntoSeparatePackage: true` into the package.yaml, as shown in the
rancher-monitoring chart.
(partially cherry picked from commit fcc8528186)
This commit removes packages/istio from the main branch.
This has been a long-standing pending maintenance task and should not have any impact on the main branch.
Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
This commit adds support for deploying rancher-monitoring into hardened clusters.
It modifies some of the default securityContexts and does some misc. fixes such as:
- Removing default AppArmor PSP annotations from Grafana (related to https://github.com/helm/charts/issues/9090)
- Modifying rkeScheduler and rkeControllerManager to use localhost to scrape components since the endpoints aren't exposed in a hardened cluster
These changes have been verified on a hardened RKE cluster.
This commit adds support for deploying rancher-pushprox into hardened clusters.
It introduces securityContexts and rearranges the RBAC in order to support a PodSecurityPolicy for the PushProx clients.
These changes have been verified on a hardened RKE cluster.
This commit renames `grafana-dashboards` to `cattle-dashboards` and deprecates the `grafana-datasources` namespace in favor of the normal release namespace.
Related Issue: rancher/rancher#28887
Caleb Bron
Darren Shepherd
Steven Crespo
Jacob Payne
Jacob Payne
Brenda Rearden
Arvind Iyengar
aiyengar2
Vincent Fiduccia
Denise Schannon
actions
rajashree
maggieliu
Prachi Damle
Prachi Damle
Daishan