Charts CI

```
Updated:
  kuma/kuma:
    - 2.7.1
  ngrok/kubernetes-ingress-controller:
    - 0.12.4
```
pull/1015/head
github-actions[bot] 2024-04-24 00:52:16 +00:00
parent dcc25be64d
commit 07bc7ff6e7
17 changed files with 114 additions and 16 deletions

BIN
assets/kuma/kuma-2.7.1.tgz Normal file

Binary file not shown.

Binary file not shown.

View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/namespace: kuma-system
catalog.cattle.io/release-name: kuma
apiVersion: v2
appVersion: 2.7.0
appVersion: 2.7.1
description: A Helm chart for the Kuma Control Plane
home: https://github.com/kumahq/kuma
icon: https://kuma.io/assets/images/brand/kuma-logo-new.svg
@ -23,4 +23,4 @@ maintainers:
url: https://github.com/michaelbeaumont
name: kuma
type: application
version: 2.7.0
version: 2.7.1

View File

@ -2,7 +2,7 @@
A Helm chart for the Kuma Control Plane
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 2.7.0](https://img.shields.io/badge/Version-2.7.0-informational?style=flat-square) ![AppVersion: 2.7.0](https://img.shields.io/badge/AppVersion-2.7.0-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 2.7.1](https://img.shields.io/badge/Version-2.7.1-informational?style=flat-square) ![AppVersion: 2.7.1](https://img.shields.io/badge/AppVersion-2.7.1-informational?style=flat-square)
**Homepage:** <https://github.com/kumahq/kuma>
@ -94,6 +94,7 @@ A Helm chart for the Kuma Control Plane
| controlPlane.admissionServerPort | int | `5443` | Define a new server port for the admission controller. Recommended to set in combination with hostNetwork to prevent multiple port bindings on the same port (like Calico in AWS EKS). |
| controlPlane.podSecurityContext | object | `{"runAsNonRoot":true}` | Security context at the pod level for control plane. |
| controlPlane.containerSecurityContext | object | `{"readOnlyRootFilesystem":true}` | Security context at the container level for control plane. |
| controlPlane.supportGatewaySecretsInAllNamespaces | bool | `false` | If true, then control plane can support TLS secrets for builtin gateway outside of mesh system namespace. The downside is that control plane requires permission to read Secrets in all namespaces. |
| cni.enabled | bool | `false` | Install Kuma with CNI instead of proxy init container |
| cni.chained | bool | `false` | Install CNI in chained mode |
| cni.netDir | string | `"/etc/cni/multus/net.d"` | Set the CNI install directory |

View File

@ -299,6 +299,10 @@ env:
{{- end }}
- name: KUMA_PLUGIN_POLICIES_ENABLED
value: {{ include "kuma.pluginPoliciesEnabled" . | quote }}
{{- if .Values.controlPlane.supportGatewaySecretsInAllNamespaces }}
- name: KUMA_RUNTIME_KUBERNETES_SUPPORT_GATEWAY_SECRETS_IN_ALL_NAMESPACES
value: true
{{- end }}
{{- end }}
{{- define "kuma.controlPlane.tls.general.caSecretName" -}}

View File

@ -29,11 +29,20 @@ rules:
- pods
- configmaps
- nodes
{{- if .Values.controlPlane.supportGatewaySecretsInAllNamespaces }}
- secrets
{{- end }}
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- list
- watch
- apiGroups:
- "apps"
resources:

View File

@ -1,3 +1,4 @@
{{- if and (eq .Values.controlPlane.environment "kubernetes") (eq .Values.controlPlane.mode "zone") }}
{{- if .Capabilities.APIVersions.Has "gateway.networking.k8s.io/v1/GatewayClass" }}
---
apiVersion: gateway.networking.k8s.io/v1
@ -15,3 +16,4 @@ metadata:
spec:
controllerName: "gateways.kuma.io/controller"
{{- end }}
{{- end }}

View File

@ -321,6 +321,10 @@ controlPlane:
containerSecurityContext:
readOnlyRootFilesystem: true
# -- If true, then control plane can support TLS secrets for builtin gateway outside of mesh system namespace.
# The downside is that control plane requires permission to read Secrets in all namespaces.
supportGatewaySecretsInAllNamespaces: false
cni:
# -- Install Kuma with CNI instead of proxy init container
enabled: false

View File

@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 0.12.4
- Add the `apiURL` value.
This sets the ngrok API endpoint used by the controller.
It corresponds to the `--api-url` argument to the manager binary.
- Update to version 0.10.4 of the ingress controller.
See its changes [here](../../CHANGELOG.md#0104).
## 0.12.1
- Update to version 0.10.1 of the ingress controller, which includes:

View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.19.0
digest: sha256:9d633ce0386ef6e5855933e3b4144996795219b3dcbc920b5eda03565c91b1f6
generated: "2024-03-15T11:15:37.790716635-05:00"
version: 2.19.1
digest: sha256:8b1a425b039469d9fd0b0b48bd825df70bdcbe6f62e1f83b8c06653bfc472943
generated: "2024-03-27T10:54:59.497298868-05:00"

View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: ngrok Ingress Controller
catalog.cattle.io/release-name: kubernetes-ingress-controller
apiVersion: v2
appVersion: 0.10.3
appVersion: 0.10.4
dependencies:
- name: common
repository: file://./charts/common
@ -22,4 +22,4 @@ keywords:
name: kubernetes-ingress-controller
sources:
- https://github.com/ngrok/kubernetes-ingress-controller
version: 0.12.3
version: 0.12.4

View File

@ -64,7 +64,8 @@ To uninstall the chart:
| `credentials.apiKey` | Your ngrok API key. If provided, it will be will be written to the secret and the authtoken must be provided as well. | `""` |
| `credentials.authtoken` | Your ngrok authtoken. If provided, it will be will be written to the secret and the apiKey must be provided as well. | `""` |
| `region` | ngrok region to create tunnels in. Defaults to connect to the closest geographical region. | `""` |
| `serverAddr` | This is the URL of the ngrok server to connect to. You should set this if you are using a custom ingress URL. | `""` |
| `serverAddr` | This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address. | `""` |
| `apiURL` | This is the URL of the ngrok API. You should set this if you are using a custom API URL. | `""` |
| `metaData` | This is a map of key/value pairs that will be added as meta data to all ngrok api resources created | `{}` |
| `affinity` | Affinity for the controller pod assignment | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |

View File

@ -2,7 +2,7 @@ annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.19.0
appVersion: 2.19.1
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://bitnami.com
@ -20,4 +20,4 @@ name: common
sources:
- https://github.com/bitnami/charts
type: library
version: 2.19.0
version: 2.19.1

View File

@ -11,7 +11,7 @@ These presets are for basic testing and not meant to be used in production
{{ include "common.resources.preset" (dict "type" "nano") -}}
*/}}
{{- define "common.resources.preset" -}}
{{/* The limits are the requests increased by 50% (except ephemeral-storage)*/}}
{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
{{- $presets := dict
"nano" (dict
"requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
@ -34,11 +34,11 @@ These presets are for basic testing and not meant to be used in production
"limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "1024Mi")
)
"xlarge" (dict
"requests" (dict "cpu" "2.0" "memory" "4096Mi" "ephemeral-storage" "50Mi")
"requests" (dict "cpu" "1.5" "memory" "4096Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "1024Mi")
)
"2xlarge" (dict
"requests" (dict "cpu" "4.0" "memory" "8192Mi" "ephemeral-storage" "50Mi")
"requests" (dict "cpu" "1.5" "memory" "4096Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "1024Mi")
)
}}
@ -47,4 +47,4 @@ These presets are for basic testing and not meant to be used in production
{{- else -}}
{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@ -28,6 +28,9 @@ spec:
prometheus.io/path: /metrics
prometheus.io/port: '8080'
prometheus.io/scrape: 'true'
checksum/controller-role: {{ include (print $.Template.BasePath "/rbac/role.yaml") . | sha256sum }}
checksum/rbac: {{ include (print $.Template.BasePath "/controller-rbac.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/credentials-secret.yaml") . | sha256sum }}
labels:
{{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 8 }}
{{- if .Values.podLabels }}
@ -61,6 +64,9 @@ spec:
{{- if .Values.region }}
- --region={{ .Values.region}}
{{- end }}
{{- if .Values.apiURL }}
- --api-url={{ .Values.apiURL}}
{{- end }}
{{- if .Values.serverAddr }}
- --server-addr={{ .Values.serverAddr}}
{{- end }}

View File

@ -67,9 +67,12 @@ credentials:
## @param region ngrok region to create tunnels in. Defaults to connect to the closest geographical region.
region: ""
## @param serverAddr This is the URL of the ngrok server to connect to. You should set this if you are using a custom ingress URL.
## @param serverAddr This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address.
serverAddr: ""
## @param apiURL This is the URL of the ngrok API. You should set this if you are using a custom API URL.
apiURL: ""
## @param metaData This is a map of key/value pairs that will be added as meta data to all ngrok api resources created
metaData: {}

View File

@ -32206,6 +32206,35 @@ entries:
- assets/kubemq/kubemq-crds-2.3.7.tgz
version: 2.3.7
kubernetes-ingress-controller:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: ngrok Ingress Controller
catalog.cattle.io/release-name: kubernetes-ingress-controller
apiVersion: v2
appVersion: 0.10.4
created: "2024-04-24T00:52:02.821080173Z"
dependencies:
- name: common
repository: file://./charts/common
tags:
- bitnami-common
version: 2.x.x
description: A Kubernetes ingress controller built using ngrok.
digest: eee2f79ed343620ac426b65da3a752a70203847da6f9ad10da5c80a79f043f9b
home: https://ngrok.com
icon: https://assets-global.website-files.com/63ed4bc7a4b189da942a6b8c/6411ffa0b395a44345ed2b1a_Frame%201.svg
keywords:
- ngrok
- networking
- ingress
- edge
- api gateway
name: kubernetes-ingress-controller
sources:
- https://github.com/ngrok/kubernetes-ingress-controller
urls:
- assets/ngrok/kubernetes-ingress-controller-0.12.4.tgz
version: 0.12.4
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: ngrok Ingress Controller
@ -33044,6 +33073,36 @@ entries:
- assets/avesha/kubeslice-worker-0.4.5.tgz
version: 0.4.5
kuma:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Kuma
catalog.cattle.io/namespace: kuma-system
catalog.cattle.io/release-name: kuma
apiVersion: v2
appVersion: 2.7.1
created: "2024-04-24T00:52:02.041129376Z"
description: A Helm chart for the Kuma Control Plane
digest: e62533c6525e4c0e3d464bb54680db107d53d9a6eeedf808110864e7129ee1a5
home: https://github.com/kumahq/kuma
icon: https://kuma.io/assets/images/brand/kuma-logo-new.svg
keywords:
- service mesh
- control plane
maintainers:
- email: jakub.dyszkiewicz@konghq.com
name: Jakub Dyszkiewicz
url: https://github.com/jakubdyszkiewicz
- email: charly.molter@konghq.com
name: Charly Molter
url: https://github.com/lahabana
- email: michael.beaumont@konghq.com
name: Mike Beaumont
url: https://github.com/michaelbeaumont
name: kuma
type: application
urls:
- assets/kuma/kuma-2.7.1.tgz
version: 2.7.1
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Kuma