Charts CI

``` Updated: argo/argo-cd: - 5.49.0 bitnami/wordpress: - 18.0.12 cert-manager/cert-manager: - v1.13.2 crowdstrike/falcon-sensor: - 1.22.1 external-secrets/external-secrets: - 0.9.8 hashicorp/vault: - 0.26.1 loft/loft: - 3.3.1 nats/nats: - 1.1.3 new-relic/nri-bundle: - 5.0.43 redpanda/redpanda: - 5.6.37 stackstate/stackstate-k8s-agent: - 1.0.51 ```
2023-10-31 13:41:58 +00:00 · 2023-10-31 13:41:58 +00:00 · d47dfdbd11
parent 0771e64a07
commit d47dfdbd11
103 changed files with 1097 additions and 170 deletions
--- a/assets/argo/argo-cd-5.47.0.tgz
+++ b/assets/argo/argo-cd-5.47.0.tgz
--- a/assets/argo/argo-cd-5.49.0.tgz
+++ b/assets/argo/argo-cd-5.49.0.tgz
--- a/assets/bitnami/wordpress-18.0.12.tgz
+++ b/assets/bitnami/wordpress-18.0.12.tgz
--- a/assets/cert-manager/cert-manager-v1.13.2.tgz
+++ b/assets/cert-manager/cert-manager-v1.13.2.tgz
--- a/assets/crowdstrike/falcon-sensor-1.22.1.tgz
+++ b/assets/crowdstrike/falcon-sensor-1.22.1.tgz
--- a/assets/external-secrets/external-secrets-0.9.8.tgz
+++ b/assets/external-secrets/external-secrets-0.9.8.tgz
--- a/assets/hashicorp/vault-0.25.0.tgz
+++ b/assets/hashicorp/vault-0.25.0.tgz
--- a/assets/hashicorp/vault-0.26.1.tgz
+++ b/assets/hashicorp/vault-0.26.1.tgz
--- a/assets/loft/loft-3.3.1.tgz
+++ b/assets/loft/loft-3.3.1.tgz
--- a/assets/nats/nats-1.1.3.tgz
+++ b/assets/nats/nats-1.1.3.tgz
--- a/assets/new-relic/nri-bundle-5.0.43.tgz
+++ b/assets/new-relic/nri-bundle-5.0.43.tgz
--- a/assets/redpanda/redpanda-5.6.37.tgz
+++ b/assets/redpanda/redpanda-5.6.37.tgz
--- a/assets/stackstate/stackstate-k8s-agent-1.0.51.tgz
+++ b/assets/stackstate/stackstate-k8s-agent-1.0.51.tgz
--- a/charts/argo/argo-cd/Chart.yaml
+++ b/charts/argo/argo-cd/Chart.yaml
@ -1,7 +1,7 @@
 annotations:
  artifacthub.io/changes: |
    - kind: added
-      description: add terminationGracePeriodSeconds
+      description: Add notification cluster role support
  artifacthub.io/signKey: |
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
@ -11,7 +11,7 @@ annotations:
  catalog.cattle.io/kube-version: '>=1.23.0-0'
  catalog.cattle.io/release-name: argo-cd
 apiVersion: v2
-appVersion: v2.8.4
+appVersion: v2.8.5
 dependencies:
 - condition: redis-ha.enabled
  name: redis-ha
@ -33,4 +33,4 @@ name: argo-cd
 sources:
 - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
 - https://github.com/argoproj/argo-cd
-version: 5.47.0
+version: 5.49.0
--- a/charts/argo/argo-cd/README.md
+++ b/charts/argo/argo-cd/README.md
@ -1160,6 +1160,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 |-----|------|---------|-------------|
 | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
 | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
 | notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource |
 | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
 | notifications.containerPorts.metrics | int | `9001` | Metrics container port |
 | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
--- a/charts/argo/argo-cd/templates/argocd-notifications/clusterrole.yaml
+++ b/charts/argo/argo-cd/templates/argocd-notifications/clusterrole.yaml
@ -0,0 +1,22 @@
 {{- if .Values.createClusterRoles }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: {{ include "argo-cd.notifications.fullname" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
 rules:
  {{- with .Values.notifications.clusterRoleRules.rules }}
    {{- toYaml . | nindent 2 }}
  {{- end }}
  - apiGroups:
    - "argoproj.io"
    resources:
    - "applications"
    verbs:
    - get
    - list
    - watch
    - update
    - patch
 {{- end }}
--- a/charts/argo/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml
+++ b/charts/argo/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml
@ -0,0 +1,16 @@
 {{- if .Values.createClusterRoles }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  name: {{ include "argo-cd.notifications.fullname" . }}
  labels:
    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ include "argo-cd.notifications.fullname" . }}
 subjects:
 - kind: ServiceAccount
  name: {{ include "argo-cd.notificationsServiceAccountName" . }}
  namespace: {{ .Release.Namespace }}
 {{- end }}
--- a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml
+++ b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml
@ -78,13 +78,19 @@ spec:
                configMapKeyRef:
                  key: notificationscontroller.log.level
                  name: argocd-cmd-params-cm
-                  optional: true              
+                  optional: true
            - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT
              valueFrom:
                configMapKeyRef:
                  key: notificationscontroller.log.format
                  name: argocd-cmd-params-cm
                  optional: true
            - name: ARGOCD_APPLICATION_NAMESPACES
              valueFrom:
                configMapKeyRef:
                  key: application.namespaces
                  name: argocd-cmd-params-cm
                  optional: true
          {{- with .Values.notifications.extraEnvFrom }}
          envFrom:
            {{- toYaml . | nindent 12 }}
--- a/charts/argo/argo-cd/values.yaml
+++ b/charts/argo/argo-cd/values.yaml
@ -326,7 +326,7 @@ configs:
      [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
      bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE=
      bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO
-      bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==
+      bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M=
      github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg=
      github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
      github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
@ -2997,6 +2997,12 @@ notifications:
    # -- Whether helm chart creates notifications controller config map
    create: true
  ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource.
  ## Defaults to off
  clusterRoleRules:
    # -- List of custom rules for the notifications controller's ClusterRole resource
    rules: []
  # -- Contains centrally managed global application subscriptions
  ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/
  subscriptions: []
--- a/charts/bitnami/wordpress/Chart.yaml
+++ b/charts/bitnami/wordpress/Chart.yaml
@ -10,7 +10,7 @@ annotations:
    - name: os-shell
      image: docker.io/bitnami/os-shell:11-debian-11-r90
    - name: wordpress
-      image: docker.io/bitnami/wordpress:6.3.2-debian-11-r4
+      image: docker.io/bitnami/wordpress:6.3.2-debian-11-r5
  licenses: Apache-2.0
 apiVersion: v2
 appVersion: 6.3.2
@ -47,4 +47,4 @@ maintainers:
 name: wordpress
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/wordpress
-version: 18.0.11
+version: 18.0.12
--- a/charts/bitnami/wordpress/values.yaml
+++ b/charts/bitnami/wordpress/values.yaml
@ -76,7 +76,7 @@ diagnosticMode:
 image:
  registry: docker.io
  repository: bitnami/wordpress
-  tag: 6.3.2-debian-11-r4
+  tag: 6.3.2-debian-11-r5
  digest: ""
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
--- a/charts/cert-manager/cert-manager/Chart.yaml
+++ b/charts/cert-manager/cert-manager/Chart.yaml
@ -10,7 +10,7 @@ annotations:
  catalog.cattle.io/namespace: cert-manager
  catalog.cattle.io/release-name: cert-manager
 apiVersion: v1
-appVersion: v1.13.1
+appVersion: v1.13.2
 description: A Helm chart for cert-manager
 home: https://github.com/cert-manager/cert-manager
 icon: https://raw.githubusercontent.com/cert-manager/cert-manager/d53c0b9270f8cd90d908460d69502694e1838f5f/logo/logo-small.png
@ -27,4 +27,4 @@ maintainers:
 name: cert-manager
 sources:
 - https://github.com/cert-manager/cert-manager
-version: v1.13.1
+version: v1.13.2
--- a/charts/cert-manager/cert-manager/README.md
+++ b/charts/cert-manager/cert-manager/README.md
@ -19,7 +19,7 @@ Before installing the chart, you must first install the cert-manager CustomResou
 This is performed in a separate step to allow you to easily uninstall and reinstall cert-manager without deleting your installed custom resources.
 ```bash
-$ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.1/cert-manager.crds.yaml
+$ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.crds.yaml
 ```
 To install the chart with the release name `my-release`:
@ -29,7 +29,7 @@ To install the chart with the release name `my-release`:
 $ helm repo add jetstack https://charts.jetstack.io
 ## Install the cert-manager helm chart
-$ helm install my-release --namespace cert-manager --version v1.13.1 jetstack/cert-manager
+$ helm install my-release --namespace cert-manager --version v1.13.2 jetstack/cert-manager
 ```
 In order to begin issuing certificates, you will need to set up a ClusterIssuer
@ -65,7 +65,7 @@ If you want to completely uninstall cert-manager from your cluster, you will als
 delete the previously installed CustomResourceDefinition resources:
 ```console
-$ kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.1/cert-manager.crds.yaml
+$ kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.crds.yaml
 ```
 ## Configuration
@ -86,7 +86,7 @@ The following table lists the configurable parameters of the cert-manager chart
 | `global.leaderElection.retryPeriod` | The duration the clients should wait between attempting acquisition and renewal of a leadership |  |
 | `installCRDs` | If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED | `false` |
 | `image.repository` | Image repository | `quay.io/jetstack/cert-manager-controller` |
-| `image.tag` | Image tag | `v1.13.1` |
+| `image.tag` | Image tag | `v1.13.2` |
 | `image.pullPolicy` | Image pull policy | `IfNotPresent` |
 | `replicaCount`  | Number of cert-manager replicas  | `1` |
 | `clusterResourceNamespace` | Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources | Same namespace as cert-manager pod |
@ -171,7 +171,7 @@ The following table lists the configurable parameters of the cert-manager chart
 | `webhook.tolerations` | Node tolerations for webhook pod assignment | `[]` |
 | `webhook.topologySpreadConstraints` | Topology spread constraints for webhook pod assignment | `[]` |
 | `webhook.image.repository` | Webhook image repository | `quay.io/jetstack/cert-manager-webhook` |
-| `webhook.image.tag` | Webhook image tag | `v1.13.1` |
+| `webhook.image.tag` | Webhook image tag | `v1.13.2` |
 | `webhook.image.pullPolicy` | Webhook image pull policy | `IfNotPresent` |
 | `webhook.securePort` | The port that the webhook should listen on for requests. | `10250` |
 | `webhook.securityContext` | Security context for webhook pod assignment | refer to [Default Security Contexts](#default-security-contexts) |
@ -210,13 +210,13 @@ The following table lists the configurable parameters of the cert-manager chart
 | `cainjector.tolerations` | Node tolerations for cainjector pod assignment | `[]` |
 | `cainjector.topologySpreadConstraints` | Topology spread constraints for cainjector pod assignment | `[]` |
 | `cainjector.image.repository` | cainjector image repository | `quay.io/jetstack/cert-manager-cainjector` |
-| `cainjector.image.tag` | cainjector image tag | `v1.13.1` |
+| `cainjector.image.tag` | cainjector image tag | `v1.13.2` |
 | `cainjector.image.pullPolicy` | cainjector image pull policy | `IfNotPresent` |
 | `cainjector.securityContext` | Security context for cainjector pod assignment | refer to [Default Security Contexts](#default-security-contexts) |
 | `cainjector.containerSecurityContext` | Security context to be set on cainjector component container | refer to [Default Security Contexts](#default-security-contexts) |
 | `cainjector.enableServiceLinks` | Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. | `false` |
 | `acmesolver.image.repository` | acmesolver image repository | `quay.io/jetstack/cert-manager-acmesolver` |
-| `acmesolver.image.tag` | acmesolver image tag | `v1.13.1` |
+| `acmesolver.image.tag` | acmesolver image tag | `v1.13.2` |
 | `acmesolver.image.pullPolicy` | acmesolver image pull policy | `IfNotPresent` |
 | `startupapicheck.enabled` | Toggles whether the startupapicheck Job should be installed | `true` |
 | `startupapicheck.securityContext` | Security context for startupapicheck pod assignment | refer to [Default Security Contexts](#default-security-contexts) |
@ -232,7 +232,7 @@ The following table lists the configurable parameters of the cert-manager chart
 | `startupapicheck.tolerations` | Node tolerations for startupapicheck pod assignment | `[]` |
 | `startupapicheck.podLabels` | Optional additional labels to add to the startupapicheck Pods | `{}` |
 | `startupapicheck.image.repository` | startupapicheck image repository | `quay.io/jetstack/cert-manager-ctl` |
-| `startupapicheck.image.tag` | startupapicheck image tag | `v1.13.1` |
+| `startupapicheck.image.tag` | startupapicheck image tag | `v1.13.2` |
 | `startupapicheck.image.pullPolicy` | startupapicheck image pull policy | `IfNotPresent` |
 | `startupapicheck.serviceAccount.create` | If `true`, create a new service account for the startupapicheck component | `true` |
 | `startupapicheck.serviceAccount.name` | Service account for the startupapicheck component to be used. If not set and `startupapicheck.serviceAccount.create` is `true`, a name is generated using the fullname template |  |
--- a/charts/cert-manager/cert-manager/templates/webhook-deployment.yaml
+++ b/charts/cert-manager/cert-manager/templates/webhook-deployment.yaml
@ -75,7 +75,7 @@ spec:
          {{ if not $config.securePort -}}
          - --secure-port={{ .Values.webhook.securePort }}
          {{- end }}
-          {{- if .Values.featureGates }}
+          {{- if .Values.webhook.featureGates }}
          - --feature-gates={{ .Values.webhook.featureGates }}
          {{- end }}
          {{- $tlsConfig := default $config.tlsConfig "" }}
--- a/charts/crowdstrike/falcon-sensor/Chart.yaml
+++ b/charts/crowdstrike/falcon-sensor/Chart.yaml
@ -4,7 +4,7 @@ annotations:
  catalog.cattle.io/kube-version: '>1.22.0-0'
  catalog.cattle.io/release-name: falcon-sensor
 apiVersion: v2
-appVersion: 1.21.2
+appVersion: 1.22.1
 description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters.
 home: https://crowdstrike.com
 icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg
@ -24,4 +24,4 @@ name: falcon-sensor
 sources:
 - https://github.com/CrowdStrike/falcon-helm
 type: application
-version: 1.21.2
+version: 1.22.1
--- a/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml
+++ b/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml
@ -108,6 +108,15 @@ spec:
          - name: falconstore-dir
            mountPath: /host_opt
        {{- end }}
        resources:
          requests:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
          limits:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
        securityContext:
          runAsUser: 0
          privileged: true
--- a/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml
+++ b/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml
@ -100,6 +100,15 @@ spec:
          - name: opt-crowdstrike
            mountPath: /host_opt
        {{- end }}
        resources:
          requests:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
          limits:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
        securityContext:
          runAsUser: 0
          privileged: true
@ -124,6 +133,15 @@ spec:
        - sleep 10
        command:
        - /bin/bash
        resources:
          requests:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
          limits:
            cpu: 10m
            ephemeral-storage: 10Mi
            memory: 50Mi
        securityContext:
          privileged: false
          readOnlyRootFilesystem: true
--- a/charts/external-secrets/external-secrets/Chart.yaml
+++ b/charts/external-secrets/external-secrets/Chart.yaml
@ -4,7 +4,7 @@ annotations:
  catalog.cattle.io/kube-version: '>= 1.19.0-0'
  catalog.cattle.io/release-name: external-secrets
 apiVersion: v2
-appVersion: v0.9.7
+appVersion: v0.9.8
 description: External secret management for Kubernetes
 home: https://github.com/external-secrets/external-secrets
 icon: https://raw.githubusercontent.com/external-secrets/external-secrets/main/assets/eso-logo-large.png
@ -17,4 +17,4 @@ maintainers:
  name: mcavoyk
 name: external-secrets
 type: application
-version: 0.9.7
+version: 0.9.8
--- a/charts/external-secrets/external-secrets/README.md
+++ b/charts/external-secrets/external-secrets/README.md
@ -4,7 +4,7 @@
 [//]: # (README.md generated by gotmpl. DO NOT EDIT.)
-![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.9.7](https://img.shields.io/badge/Version-0.9.7-informational?style=flat-square)
+![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.9.8](https://img.shields.io/badge/Version-0.9.8-informational?style=flat-square)
 External secret management for Kubernetes
--- a/charts/external-secrets/external-secrets/templates/crds/clusterexternalsecret.yaml
+++ b/charts/external-secrets/external-secrets/templates/crds/clusterexternalsecret.yaml
@ -79,16 +79,28 @@ spec:
                              conversionStrategy:
                                default: Default
                                description: Used to define a conversion Strategy
                                enum:
                                  - Default
                                  - Unicode
                                type: string
                              decodingStrategy:
                                default: None
                                description: Used to define a decoding Strategy
                                enum:
                                  - Auto
                                  - Base64
                                  - Base64URL
                                  - None
                                type: string
                              key:
                                description: Key is the key used in the Provider, mandatory
                                type: string
                              metadataPolicy:
                                default: None
                                description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None
                                enum:
                                  - None
                                  - Fetch
                                type: string
                              property:
                                description: Used to select a specific property of the Provider value (if a map), if supported
@ -151,16 +163,28 @@ spec:
                              conversionStrategy:
                                default: Default
                                description: Used to define a conversion Strategy
                                enum:
                                  - Default
                                  - Unicode
                                type: string
                              decodingStrategy:
                                default: None
                                description: Used to define a decoding Strategy
                                enum:
                                  - Auto
                                  - Base64
                                  - Base64URL
                                  - None
                                type: string
                              key:
                                description: Key is the key used in the Provider, mandatory
                                type: string
                              metadataPolicy:
                                default: None
                                description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None
                                enum:
                                  - None
                                  - Fetch
                                type: string
                              property:
                                description: Used to select a specific property of the Provider value (if a map), if supported
@ -177,10 +201,18 @@ spec:
                              conversionStrategy:
                                default: Default
                                description: Used to define a conversion Strategy
                                enum:
                                  - Default
                                  - Unicode
                                type: string
                              decodingStrategy:
                                default: None
                                description: Used to define a decoding Strategy
                                enum:
                                  - Auto
                                  - Base64
                                  - Base64URL
                                  - None
                                type: string
                              name:
                                description: Finds secrets based on the name.
@ -215,6 +247,15 @@ spec:
                                    - source
                                    - target
                                  type: object
                                transform:
                                  description: Used to apply string transformation on the secrets. The resulting key will be the output of the template applied by the operation.
                                  properties:
                                    template:
                                      description: Used to define the template to apply on the secret name. `.value ` will specify the secret name in the template.
                                      type: string
                                  required:
                                    - template
                                  type: object
                              type: object
                            type: array
                          sourceRef:
@ -307,9 +348,16 @@ spec:
                              type: object
                            engineVersion:
                              default: v2
                              description: EngineVersion specifies the template engine version that should be used to compile/execute the template specified in .data and .templateFrom[].
                              enum:
                                - v1
                                - v2
                              type: string
                            mergePolicy:
                              default: Replace
                              enum:
                                - Replace
                                - Merge
                              type: string
                            metadata:
                              description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint.
@ -335,6 +383,9 @@ spec:
                                              type: string
                                            templateAs:
                                              default: Values
                                              enum:
                                                - Values
                                                - KeysAndValues
                                              type: string
                                          required:
                                            - key
@ -357,6 +408,9 @@ spec:
                                              type: string
                                            templateAs:
                                              default: Values
                                              enum:
                                                - Values
                                                - KeysAndValues
                                              type: string
                                          required:
                                            - key
@ -370,6 +424,10 @@ spec:
                                    type: object
                                  target:
                                    default: Data
                                    enum:
                                      - Data
                                      - Annotations
                                      - Labels
                                    type: string
                                type: object
                              type: array
@ -409,12 +467,16 @@ spec:
                      type: object
                  type: object
                  x-kubernetes-map-type: atomic
                namespaces:
                  description: Choose namespaces by name. This field is ORed with anything that NamespaceSelector ends up choosing.
                  items:
                    type: string
                  type: array
                refreshTime:
-                  description: The time in which the controller should reconcile it's objects and recheck namespaces for labels.
+                  description: The time in which the controller should reconcile its objects and recheck namespaces for labels.
                  type: string
              required:
                - externalSecretSpec
                - namespaceSelector
              type: object
            status:
              description: ClusterExternalSecretStatus defines the observed state of ClusterExternalSecret.
--- a/charts/external-secrets/external-secrets/templates/crds/clustersecretstore.yaml
+++ b/charts/external-secrets/external-secrets/templates/crds/clustersecretstore.yaml
@ -657,7 +657,7 @@ spec:
                      description: Oracle configures this store to sync secrets using Oracle Vault provider
                      properties:
                        auth:
-                          description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, use the instance principal, otherwise the user credentials specified in Auth.
+                          description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, instance principal is used. Optionally, the authenticating principal type and/or user data may be supplied for the use of workload identity and user principal.
                          properties:
                            secretRef:
                              description: SecretRef to pass through sensitive information.
@ -703,6 +703,9 @@ spec:
                            - tenancy
                            - user
                          type: object
                        principalType:
                          description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                          type: string
                        region:
                          description: Region is the region where vault is located.
                          type: string
@ -2221,6 +2224,9 @@ spec:
                            - tenancy
                            - user
                          type: object
                        principalType:
                          description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                          type: string
                        region:
                          description: Region is the region where vault is located.
                          type: string
--- a/charts/external-secrets/external-secrets/templates/crds/externalsecret.yaml
+++ b/charts/external-secrets/external-secrets/templates/crds/externalsecret.yaml
@ -62,6 +62,9 @@ spec:
                          conversionStrategy:
                            default: Default
                            description: Used to define a conversion Strategy
                            enum:
                              - Default
                              - Unicode
                            type: string
                          key:
                            description: Key is the key used in the Provider, mandatory
@ -90,6 +93,9 @@ spec:
                      conversionStrategy:
                        default: Default
                        description: Used to define a conversion Strategy
                        enum:
                          - Default
                          - Unicode
                        type: string
                      key:
                        description: Key is the key used in the Provider, mandatory
@ -126,6 +132,10 @@ spec:
                    creationPolicy:
                      default: Owner
                      description: CreationPolicy defines rules on how to create the resulting Secret Defaults to 'Owner'
                      enum:
                        - Owner
                        - Merge
                        - None
                      type: string
                    immutable:
                      description: Immutable defines if the final secret will be immutable
@ -143,6 +153,9 @@ spec:
                        engineVersion:
                          default: v1
                          description: EngineVersion specifies the template engine version that should be used to compile/execute the template specified in .data and .templateFrom[].
                          enum:
                            - v1
                            - v2
                          type: string
                        metadata:
                          description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint.
@ -288,16 +301,28 @@ spec:
                          conversionStrategy:
                            default: Default
                            description: Used to define a conversion Strategy
                            enum:
                              - Default
                              - Unicode
                            type: string
                          decodingStrategy:
                            default: None
                            description: Used to define a decoding Strategy
                            enum:
                              - Auto
                              - Base64
                              - Base64URL
                              - None
                            type: string
                          key:
                            description: Key is the key used in the Provider, mandatory
                            type: string
                          metadataPolicy:
                            default: None
                            description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None
                            enum:
                              - None
                              - Fetch
                            type: string
                          property:
                            description: Used to select a specific property of the Provider value (if a map), if supported
@ -360,16 +385,28 @@ spec:
                          conversionStrategy:
                            default: Default
                            description: Used to define a conversion Strategy
                            enum:
                              - Default
                              - Unicode
                            type: string
                          decodingStrategy:
                            default: None
                            description: Used to define a decoding Strategy
                            enum:
                              - Auto
                              - Base64
                              - Base64URL
                              - None
                            type: string
                          key:
                            description: Key is the key used in the Provider, mandatory
                            type: string
                          metadataPolicy:
                            default: None
                            description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None
                            enum:
                              - None
                              - Fetch
                            type: string
                          property:
                            description: Used to select a specific property of the Provider value (if a map), if supported
@ -386,10 +423,18 @@ spec:
                          conversionStrategy:
                            default: Default
                            description: Used to define a conversion Strategy
                            enum:
                              - Default
                              - Unicode
                            type: string
                          decodingStrategy:
                            default: None
                            description: Used to define a decoding Strategy
                            enum:
                              - Auto
                              - Base64
                              - Base64URL
                              - None
                            type: string
                          name:
                            description: Finds secrets based on the name.
@ -424,6 +469,15 @@ spec:
                                - source
                                - target
                              type: object
                            transform:
                              description: Used to apply string transformation on the secrets. The resulting key will be the output of the template applied by the operation.
                              properties:
                                template:
                                  description: Used to define the template to apply on the secret name. `.value ` will specify the secret name in the template.
                                  type: string
                              required:
                                - template
                              type: object
                          type: object
                        type: array
                      sourceRef:
@ -516,9 +570,16 @@ spec:
                          type: object
                        engineVersion:
                          default: v2
                          description: EngineVersion specifies the template engine version that should be used to compile/execute the template specified in .data and .templateFrom[].
                          enum:
                            - v1
                            - v2
                          type: string
                        mergePolicy:
                          default: Replace
                          enum:
                            - Replace
                            - Merge
                          type: string
                        metadata:
                          description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint.
@ -544,6 +605,9 @@ spec:
                                          type: string
                                        templateAs:
                                          default: Values
                                          enum:
                                            - Values
                                            - KeysAndValues
                                          type: string
                                      required:
                                        - key
@ -566,6 +630,9 @@ spec:
                                          type: string
                                        templateAs:
                                          default: Values
                                          enum:
                                            - Values
                                            - KeysAndValues
                                          type: string
                                      required:
                                        - key
@ -579,6 +646,10 @@ spec:
                                type: object
                              target:
                                default: Data
                                enum:
                                  - Data
                                  - Annotations
                                  - Labels
                                type: string
                            type: object
                          type: array
--- a/charts/external-secrets/external-secrets/templates/crds/pushsecret.yaml
+++ b/charts/external-secrets/external-secrets/templates/crds/pushsecret.yaml
@ -80,6 +80,9 @@ spec:
                deletionPolicy:
                  default: None
                  description: 'Deletion Policy to handle Secrets in the provider. Possible Values: "Delete/None". Defaults to "None".'
                  enum:
                    - Delete
                    - None
                  type: string
                refreshInterval:
                  description: The Interval to which External Secrets will try to push a secret definition
--- a/charts/external-secrets/external-secrets/templates/crds/secretstore.yaml
+++ b/charts/external-secrets/external-secrets/templates/crds/secretstore.yaml
@ -657,7 +657,7 @@ spec:
                      description: Oracle configures this store to sync secrets using Oracle Vault provider
                      properties:
                        auth:
-                          description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, use the instance principal, otherwise the user credentials specified in Auth.
+                          description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, instance principal is used. Optionally, the authenticating principal type and/or user data may be supplied for the use of workload identity and user principal.
                          properties:
                            secretRef:
                              description: SecretRef to pass through sensitive information.
@ -703,6 +703,9 @@ spec:
                            - tenancy
                            - user
                          type: object
                        principalType:
                          description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                          type: string
                        region:
                          description: Region is the region where vault is located.
                          type: string
@ -2221,6 +2224,9 @@ spec:
                            - tenancy
                            - user
                          type: object
                        principalType:
                          description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                          type: string
                        region:
                          description: Region is the region where vault is located.
                          type: string
--- a/charts/external-secrets/external-secrets/tests/snapshot/cert_controller_test.yaml.snap
+++ b/charts/external-secrets/external-secrets/tests/snapshot/cert_controller_test.yaml.snap
@ -7,8 +7,8 @@ should match snapshot of default values:
        app.kubernetes.io/instance: RELEASE-NAME
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: external-secrets-cert-controller
-        app.kubernetes.io/version: v0.9.7
+        app.kubernetes.io/version: v0.9.8
-        helm.sh/chart: external-secrets-0.9.7
+        helm.sh/chart: external-secrets-0.9.8
      name: RELEASE-NAME-external-secrets-cert-controller
      namespace: NAMESPACE
    spec:
@ -24,8 +24,8 @@ should match snapshot of default values:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: external-secrets-cert-controller
-            app.kubernetes.io/version: v0.9.7
+            app.kubernetes.io/version: v0.9.8
-            helm.sh/chart: external-secrets-0.9.7
+            helm.sh/chart: external-secrets-0.9.8
        spec:
          automountServiceAccountToken: true
          containers:
@ -38,7 +38,7 @@ should match snapshot of default values:
                - --secret-namespace=NAMESPACE
                - --metrics-addr=:8080
                - --healthz-addr=:8081
-              image: ghcr.io/external-secrets/external-secrets:v0.9.7
+              image: ghcr.io/external-secrets/external-secrets:v0.9.8
              imagePullPolicy: IfNotPresent
              name: cert-controller
              ports:
--- a/charts/external-secrets/external-secrets/tests/snapshot/controller_test.yaml.snap
+++ b/charts/external-secrets/external-secrets/tests/snapshot/controller_test.yaml.snap
@ -7,8 +7,8 @@ should match snapshot of default values:
        app.kubernetes.io/instance: RELEASE-NAME
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: external-secrets
-        app.kubernetes.io/version: v0.9.7
+        app.kubernetes.io/version: v0.9.8
-        helm.sh/chart: external-secrets-0.9.7
+        helm.sh/chart: external-secrets-0.9.8
      name: RELEASE-NAME-external-secrets
      namespace: NAMESPACE
    spec:
@ -24,14 +24,14 @@ should match snapshot of default values:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: external-secrets
-            app.kubernetes.io/version: v0.9.7
+            app.kubernetes.io/version: v0.9.8
-            helm.sh/chart: external-secrets-0.9.7
+            helm.sh/chart: external-secrets-0.9.8
        spec:
          automountServiceAccountToken: true
          containers:
            - args:
                - --concurrent=1
-              image: ghcr.io/external-secrets/external-secrets:v0.9.7
+              image: ghcr.io/external-secrets/external-secrets:v0.9.8
              imagePullPolicy: IfNotPresent
              name: external-secrets
              ports:
--- a/charts/external-secrets/external-secrets/tests/snapshot/crds_test.yaml.snap
+++ b/charts/external-secrets/external-secrets/tests/snapshot/crds_test.yaml.snap
@ -662,7 +662,7 @@ should match snapshot of default values:
                          description: Oracle configures this store to sync secrets using Oracle Vault provider
                          properties:
                            auth:
-                              description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, use the instance principal, otherwise the user credentials specified in Auth.
+                              description: Auth configures how secret-manager authenticates with the Oracle Vault. If empty, instance principal is used. Optionally, the authenticating principal type and/or user data may be supplied for the use of workload identity and user principal.
                              properties:
                                secretRef:
                                  description: SecretRef to pass through sensitive information.
@ -708,6 +708,9 @@ should match snapshot of default values:
                                - tenancy
                                - user
                              type: object
                            principalType:
                              description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                              type: string
                            region:
                              description: Region is the region where vault is located.
                              type: string
@ -2226,6 +2229,9 @@ should match snapshot of default values:
                                - tenancy
                                - user
                              type: object
                            principalType:
                              description: The type of principal to use for authentication. If left blank, the Auth struct will determine the principal type. This optional field must be specified if using workload identity.
                              type: string
                            region:
                              description: Region is the region where vault is located.
                              type: string
--- a/charts/external-secrets/external-secrets/tests/snapshot/webhook_test.yaml.snap
+++ b/charts/external-secrets/external-secrets/tests/snapshot/webhook_test.yaml.snap
@ -7,8 +7,8 @@ should match snapshot of default values:
        app.kubernetes.io/instance: RELEASE-NAME
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: external-secrets-webhook
-        app.kubernetes.io/version: v0.9.7
+        app.kubernetes.io/version: v0.9.8
-        helm.sh/chart: external-secrets-0.9.7
+        helm.sh/chart: external-secrets-0.9.8
      name: RELEASE-NAME-external-secrets-webhook
      namespace: NAMESPACE
    spec:
@ -24,8 +24,8 @@ should match snapshot of default values:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: external-secrets-webhook
-            app.kubernetes.io/version: v0.9.7
+            app.kubernetes.io/version: v0.9.8
-            helm.sh/chart: external-secrets-0.9.7
+            helm.sh/chart: external-secrets-0.9.8
        spec:
          automountServiceAccountToken: true
          containers:
@ -37,7 +37,7 @@ should match snapshot of default values:
                - --check-interval=5m
                - --metrics-addr=:8080
                - --healthz-addr=:8081
-              image: ghcr.io/external-secrets/external-secrets:v0.9.7
+              image: ghcr.io/external-secrets/external-secrets:v0.9.8
              imagePullPolicy: IfNotPresent
              name: webhook
              ports:
@ -81,8 +81,8 @@ should match snapshot of default values:
        app.kubernetes.io/instance: RELEASE-NAME
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: external-secrets-webhook
-        app.kubernetes.io/version: v0.9.7
+        app.kubernetes.io/version: v0.9.8
        external-secrets.io/component: webhook
-        helm.sh/chart: external-secrets-0.9.7
+        helm.sh/chart: external-secrets-0.9.8
      name: RELEASE-NAME-external-secrets-webhook
      namespace: NAMESPACE
--- a/charts/hashicorp/vault/CHANGELOG.md
+++ b/charts/hashicorp/vault/CHANGELOG.md
@ -1,5 +1,33 @@
 ## Unreleased
 ## 0.26.1 (October 30, 2023)
 Bugs:
 * Fix templating of `server.ha.replicas` when set via override file. The `0.26.0` chart would ignore `server.ha.replicas` and always deploy 3 server replicas when `server.ha.enabled=true` unless overridden by command line when issuing the helm command: `--set server.ha.replicas=<some_number>`. Fixed in [GH-961](https://github.com/hashicorp/vault-helm/pull/961)
 ## 0.26.0 (October 27, 2023)
 Changes:
 * Default `vault` version updated to 1.15.1
 * Default `vault-k8s` version updated to 1.3.1
 * Default `vault-csi-provider` version updated to 1.4.1
 * Tested with Kubernetes versions 1.24-1.28
 * server: OpenShift default readiness probe returns 204 when uninitialized [GH-966](https://github.com/hashicorp/vault-helm/pull/966)
 Features:
 * server: Add support for dual stack clusters [GH-833](https://github.com/hashicorp/vault-helm/pull/833)
 * server: Support `hostAliases` for the StatefulSet pods [GH-955](https://github.com/hashicorp/vault-helm/pull/955)
 * server: Add `server.service.active.annotations` and `server.service.standby.annotations` [GH-896](https://github.com/hashicorp/vault-helm/pull/896)
 * server: Add long-lived service account token option [GH-923](https://github.com/hashicorp/vault-helm/pull/923)
 Bugs:
 * csi: Add namespace field to `csi-role` and `csi-rolebindings`. [GH-909](https://github.com/hashicorp/vault-helm/pull/909)
 Improvements:
 * global: Add `global.namespace` to override the helm installation namespace. [GH-909](https://github.com/hashicorp/vault-helm/pull/909)
 * server: use vault.fullname in Helm test [GH-912](https://github.com/hashicorp/vault-helm/pull/912)
 * server: Allow scaling HA replicas to zero [GH-943](https://github.com/hashicorp/vault-helm/pull/943)
 ## 0.25.0 (June 26, 2023)
 Changes:
--- a/charts/hashicorp/vault/Chart.yaml
+++ b/charts/hashicorp/vault/Chart.yaml
@ -6,7 +6,7 @@ annotations:
  catalog.cattle.io/release-name: vault
  charts.openshift.io/name: HashiCorp Vault
 apiVersion: v2
-appVersion: 1.14.0
+appVersion: 1.15.1
 description: Official HashiCorp Vault Chart
 home: https://www.vaultproject.io
 icon: https://github.com/hashicorp/vault/raw/f22d202cde2018f9455dec755118a9b84586e082/Vault_PrimaryLogo_Black.png
@ -25,4 +25,4 @@ sources:
 - https://github.com/hashicorp/vault-helm
 - https://github.com/hashicorp/vault-k8s
 - https://github.com/hashicorp/vault-csi-provider
-version: 0.25.0
+version: 0.26.1
--- a/charts/hashicorp/vault/README.md
+++ b/charts/hashicorp/vault/README.md
@ -10,7 +10,7 @@ cases of Vault on Kubernetes depending on the values provided.
 For full documentation on this Helm chart along with all the ways you can
 use Vault with Kubernetes, please see the
-[Vault and Kubernetes documentation](https://www.vaultproject.io/docs/platform/k8s/).
+[Vault and Kubernetes documentation](https://developer.hashicorp.com/vault/docs/platform/k8s).
 ## Prerequisites
@ -39,5 +39,5 @@ $ helm install vault hashicorp/vault
 Please see the many options supported in the `values.yaml` file. These are also
 fully documented directly on the [Vault
-website](https://www.vaultproject.io/docs/platform/k8s/helm) along with more
+website](https://developer.hashicorp.com/vault/docs/platform/k8s/helm) along with more
 detailed installation instructions.
--- a/charts/hashicorp/vault/templates/NOTES.txt
+++ b/charts/hashicorp/vault/templates/NOTES.txt
@ -4,7 +4,7 @@ Thank you for installing HashiCorp Vault!
 Now that you have deployed Vault, you should look over the docs on using
 Vault with Kubernetes available here:
-https://www.vaultproject.io/docs/
+https://developer.hashicorp.com/vault/docs
 Your release is named {{ .Release.Name }}. To learn more about the release, try:
--- a/charts/hashicorp/vault/templates/_helpers.tpl
+++ b/charts/hashicorp/vault/templates/_helpers.tpl
@ -36,6 +36,13 @@ Expand the name of the chart.
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Allow the release namespace to be overridden
 */}}
 {{- define "vault.namespace" -}}
 {{- default .Release.Namespace .Values.global.namespace -}}
 {{- end -}}
 {{/*
 Compute if the csi driver is enabled.
 */}}
@ -75,6 +82,17 @@ Compute if the server serviceaccount is enabled.
      (eq (.Values.global.enabled | toString) "true"))) -}}
 {{- end -}}
 {{/*
 Compute if the server serviceaccount should have a token created and mounted to the serviceaccount.
 */}}
 {{- define "vault.serverServiceAccountSecretCreationEnabled" -}}
 {{- $_ := set . "serverServiceAccountSecretCreationEnabled"
  (and
    (eq (.Values.server.serviceAccount.create | toString) "true")
    (eq (.Values.server.serviceAccount.createSecret | toString) "true")) -}}
 {{- end -}}
 {{/*
 Compute if the server auth delegator serviceaccount is enabled.
 */}}
@ -149,7 +167,11 @@ Set's the replica count based on the different modes configured by user
  {{ if eq .mode "standalone" }}
    {{- default 1 -}}
  {{ else if eq .mode "ha" }}
-    {{- .Values.server.ha.replicas | default 3 -}}
+    {{- if or (kindIs "int64" .Values.server.ha.replicas) (kindIs "float64" .Values.server.ha.replicas) -}}
      {{- .Values.server.ha.replicas -}}
    {{ else }}
      {{- 3 -}}
    {{- end -}}
  {{ else }}
    {{- default 1 -}}
  {{ end }}
@ -688,6 +710,33 @@ Sets extra vault server Service annotations
  {{- end }}
 {{- end -}}
 {{/*
 Sets extra vault server Service (active) annotations
 */}}
 {{- define "vault.service.active.annotations" -}}
  {{- if .Values.server.service.active.annotations }}
    {{- $tp := typeOf .Values.server.service.active.annotations }}
    {{- if eq $tp "string" }}
      {{- tpl .Values.server.service.active.annotations . | nindent 4 }}
    {{- else }}
      {{- toYaml .Values.server.service.active.annotations | nindent 4 }}
    {{- end }}
  {{- end }}
 {{- end -}}
 {{/*
 Sets extra vault server Service annotations
 */}}
 {{- define "vault.service.standby.annotations" -}}
  {{- if .Values.server.service.standby.annotations }}
    {{- $tp := typeOf .Values.server.service.standby.annotations }}
    {{- if eq $tp "string" }}
      {{- tpl .Values.server.service.standby.annotations . | nindent 4 }}
    {{- else }}
      {{- toYaml .Values.server.service.standby.annotations | nindent 4 }}
    {{- end }}
  {{- end }}
 {{- end -}}
 {{/*
 Sets PodSecurityPolicy annotations
 */}}
--- a/charts/hashicorp/vault/templates/csi-agent-configmap.yaml
+++ b/charts/hashicorp/vault/templates/csi-agent-configmap.yaml
@ -9,7 +9,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ template "vault.fullname" . }}-csi-provider-agent-config
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}-csi-provider
@ -21,7 +21,7 @@ data:
        {{- if .Values.global.externalVaultAddr }}
        "address" = "{{ .Values.global.externalVaultAddr }}"
        {{- else }}
-        "address" = "{{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.server.service.port }}"
+        "address" = "{{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}"
        {{- end }}
    }
--- a/charts/hashicorp/vault/templates/csi-clusterrolebinding.yaml
+++ b/charts/hashicorp/vault/templates/csi-clusterrolebinding.yaml
@ -20,5 +20,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ template "vault.fullname" . }}-csi-provider
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
 {{- end }}
--- a/charts/hashicorp/vault/templates/csi-daemonset.yaml
+++ b/charts/hashicorp/vault/templates/csi-daemonset.yaml
@ -9,7 +9,7 @@ apiVersion: apps/v1
 kind: DaemonSet
 metadata:
  name: {{ template "vault.fullname" . }}-csi-provider
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-csi-provider
    app.kubernetes.io/instance: {{ .Release.Name }}
@ -71,7 +71,7 @@ spec:
            {{- else if .Values.global.externalVaultAddr }}
              value: "{{ .Values.global.externalVaultAddr }}"
            {{- else }}
-              value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.server.service.port }}
+              value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
            {{- end }}
          volumeMounts:
            - name: providervol
--- a/charts/hashicorp/vault/templates/csi-role.yaml
+++ b/charts/hashicorp/vault/templates/csi-role.yaml
@ -9,6 +9,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ template "vault.fullname" . }}-csi-provider-role
  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-csi-provider
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/csi-rolebinding.yaml
+++ b/charts/hashicorp/vault/templates/csi-rolebinding.yaml
@ -9,6 +9,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ template "vault.fullname" . }}-csi-provider-rolebinding
  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-csi-provider
    app.kubernetes.io/instance: {{ .Release.Name }}
@ -20,5 +21,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ template "vault.fullname" . }}-csi-provider
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
 {{- end }}
--- a/charts/hashicorp/vault/templates/csi-serviceaccount.yaml
+++ b/charts/hashicorp/vault/templates/csi-serviceaccount.yaml
@ -9,7 +9,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "vault.fullname" . }}-csi-provider
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-csi-provider
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-certs-secret.yaml
+++ b/charts/hashicorp/vault/templates/injector-certs-secret.yaml
@ -10,7 +10,7 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: vault-injector-certs
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-clusterrolebinding.yaml
+++ b/charts/hashicorp/vault/templates/injector-clusterrolebinding.yaml
@ -20,5 +20,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ template "vault.fullname" . }}-agent-injector
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
 {{ end }}
--- a/charts/hashicorp/vault/templates/injector-deployment.yaml
+++ b/charts/hashicorp/vault/templates/injector-deployment.yaml
@ -10,7 +10,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
@ -64,7 +64,7 @@ spec:
            {{- else if .Values.injector.externalVaultAddr }}
              value: "{{ .Values.injector.externalVaultAddr }}"
            {{- else }}
-              value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.server.service.port }}
+              value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
            {{- end }}
            - name: AGENT_INJECT_VAULT_AUTH_PATH
              value: {{ .Values.injector.authPath }}
@ -79,7 +79,7 @@ spec:
            - name: AGENT_INJECT_TLS_AUTO
              value: {{ template "vault.fullname" . }}-agent-injector-cfg
            - name: AGENT_INJECT_TLS_AUTO_HOSTS
-              value: {{ template "vault.fullname" . }}-agent-injector-svc,{{ template "vault.fullname" . }}-agent-injector-svc.{{ .Release.Namespace }},{{ template "vault.fullname" . }}-agent-injector-svc.{{ .Release.Namespace }}.svc
+              value: {{ template "vault.fullname" . }}-agent-injector-svc,{{ template "vault.fullname" . }}-agent-injector-svc.{{ include "vault.namespace" . }},{{ template "vault.fullname" . }}-agent-injector-svc.{{ include "vault.namespace" . }}.svc
            {{- end }}
            - name: AGENT_INJECT_LOG_FORMAT
              value: {{ .Values.injector.logFormat | default "standard" }}
--- a/charts/hashicorp/vault/templates/injector-disruptionbudget.yaml
+++ b/charts/hashicorp/vault/templates/injector-disruptionbudget.yaml
@ -8,7 +8,7 @@ apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
--- a/charts/hashicorp/vault/templates/injector-mutating-webhook.yaml
+++ b/charts/hashicorp/vault/templates/injector-mutating-webhook.yaml
@ -28,7 +28,7 @@ webhooks:
    clientConfig:
      service:
        name: {{ template "vault.fullname" . }}-agent-injector-svc
-        namespace: {{ .Release.Namespace }}
+        namespace: {{ include "vault.namespace" . }}
        path: "/mutate"
      caBundle: {{ .Values.injector.certs.caBundle | quote }}
    rules:
--- a/charts/hashicorp/vault/templates/injector-psp-role.yaml
+++ b/charts/hashicorp/vault/templates/injector-psp-role.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector-psp
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-psp-rolebinding.yaml
+++ b/charts/hashicorp/vault/templates/injector-psp-rolebinding.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector-psp
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-role.yaml
+++ b/charts/hashicorp/vault/templates/injector-role.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector-leader-elector-role
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-rolebinding.yaml
+++ b/charts/hashicorp/vault/templates/injector-rolebinding.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector-leader-elector-binding
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
@ -22,6 +22,6 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: {{ template "vault.fullname" . }}-agent-injector
-    namespace: {{ .Release.Namespace }}
+    namespace: {{ include "vault.namespace" . }}
 {{- end }}
 {{- end }}
--- a/charts/hashicorp/vault/templates/injector-service.yaml
+++ b/charts/hashicorp/vault/templates/injector-service.yaml
@ -9,7 +9,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector-svc
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/injector-serviceaccount.yaml
+++ b/charts/hashicorp/vault/templates/injector-serviceaccount.yaml
@ -9,7 +9,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "vault.fullname" . }}-agent-injector
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}-agent-injector
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/prometheus-servicemonitor.yaml
+++ b/charts/hashicorp/vault/templates/prometheus-servicemonitor.yaml
@ -45,5 +45,5 @@ spec:
      insecureSkipVerify: true
  namespaceSelector:
    matchNames:
-      - {{ .Release.Namespace }}
+      - {{ include "vault.namespace" . }}
 {{ end }}
--- a/charts/hashicorp/vault/templates/server-clusterrolebinding.yaml
+++ b/charts/hashicorp/vault/templates/server-clusterrolebinding.yaml
@ -25,5 +25,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ template "vault.serviceAccount.name" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
 {{ end }}
--- a/charts/hashicorp/vault/templates/server-config-configmap.yaml
+++ b/charts/hashicorp/vault/templates/server-config-configmap.yaml
@ -12,7 +12,7 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ template "vault.fullname" . }}-config
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
--- a/charts/hashicorp/vault/templates/server-discovery-role.yaml
+++ b/charts/hashicorp/vault/templates/server-discovery-role.yaml
@ -10,7 +10,7 @@ SPDX-License-Identifier: MPL-2.0
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  name: {{ template "vault.fullname" . }}-discovery-role
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
--- a/charts/hashicorp/vault/templates/server-discovery-rolebinding.yaml
+++ b/charts/hashicorp/vault/templates/server-discovery-rolebinding.yaml
@ -15,7 +15,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
 metadata:
  name: {{ template "vault.fullname" . }}-discovery-rolebinding
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
@ -28,7 +28,7 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: {{ template "vault.serviceAccount.name" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
 {{ end }}
 {{ end }}
 {{ end }}
--- a/charts/hashicorp/vault/templates/server-disruptionbudget.yaml
+++ b/charts/hashicorp/vault/templates/server-disruptionbudget.yaml
@ -13,7 +13,7 @@ apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
  name: {{ template "vault.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
--- a/charts/hashicorp/vault/templates/server-ha-active-service.yaml
+++ b/charts/hashicorp/vault/templates/server-ha-active-service.yaml
@ -14,7 +14,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}-active
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
@ -22,11 +22,20 @@ metadata:
    app.kubernetes.io/managed-by: {{ .Release.Service }}
    vault-active: "true"
  annotations:
-{{ template "vault.service.annotations" .}}
+{{- template "vault.service.active.annotations" . }}
 {{- template "vault.service.annotations" . }}
 spec:
  {{- if .Values.server.service.type}}
  type: {{ .Values.server.service.type }}
  {{- end}}
  {{- if (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) }}
  {{- if .Values.server.service.ipFamilyPolicy }}
  ipFamilyPolicy: {{ .Values.server.service.ipFamilyPolicy }}
  {{- end }}
  {{- if .Values.server.service.ipFamilies }}
  ipFamilies: {{ .Values.server.service.ipFamilies | toYaml | nindent 2 }}
  {{- end }}
  {{- end }}
  {{- if .Values.server.service.clusterIP }}
  clusterIP: {{ .Values.server.service.clusterIP }}
  {{- end }}
--- a/charts/hashicorp/vault/templates/server-ha-standby-service.yaml
+++ b/charts/hashicorp/vault/templates/server-ha-standby-service.yaml
@ -14,18 +14,27 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}-standby
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
  annotations:
-{{ template "vault.service.annotations" .}}
+{{- template "vault.service.standby.annotations" . }}
 {{- template "vault.service.annotations" . }}
 spec:
  {{- if .Values.server.service.type}}
  type: {{ .Values.server.service.type }}
  {{- end}}
  {{- if (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) }}
  {{- if .Values.server.service.ipFamilyPolicy }}
  ipFamilyPolicy: {{ .Values.server.service.ipFamilyPolicy }}
  {{- end }}
  {{- if .Values.server.service.ipFamilies }}
  ipFamilies: {{ .Values.server.service.ipFamilies | toYaml | nindent 2 }}
  {{- end }}
  {{- end }}
  {{- if .Values.server.service.clusterIP }}
  clusterIP: {{ .Values.server.service.clusterIP }}
  {{- end }}
--- a/charts/hashicorp/vault/templates/server-headless-service.yaml
+++ b/charts/hashicorp/vault/templates/server-headless-service.yaml
@ -12,7 +12,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}-internal
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
@ -22,6 +22,14 @@ metadata:
  annotations:
 {{ template "vault.service.annotations" .}}
 spec:
  {{- if (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) }}
  {{- if .Values.server.service.ipFamilyPolicy }}
  ipFamilyPolicy: {{ .Values.server.service.ipFamilyPolicy }}
  {{- end }}
  {{- if .Values.server.service.ipFamilies }}
  ipFamilies: {{ .Values.server.service.ipFamilies | toYaml | nindent 2 }}
  {{- end }}
  {{- end }}
  clusterIP: None
  publishNotReadyAddresses: true
  ports:
--- a/charts/hashicorp/vault/templates/server-ingress.yaml
+++ b/charts/hashicorp/vault/templates/server-ingress.yaml
@ -21,7 +21,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ template "vault.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
--- a/charts/hashicorp/vault/templates/server-psp-role.yaml
+++ b/charts/hashicorp/vault/templates/server-psp-role.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  name: {{ template "vault.fullname" . }}-psp
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/server-psp-rolebinding.yaml
+++ b/charts/hashicorp/vault/templates/server-psp-rolebinding.yaml
@ -10,7 +10,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  name: {{ template "vault.fullname" . }}-psp
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/templates/server-route.yaml
+++ b/charts/hashicorp/vault/templates/server-route.yaml
@ -14,7 +14,7 @@ kind: Route
 apiVersion: route.openshift.io/v1
 metadata:
  name: {{ template "vault.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
--- a/charts/hashicorp/vault/templates/server-service.yaml
+++ b/charts/hashicorp/vault/templates/server-service.yaml
@ -12,7 +12,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
@ -24,6 +24,14 @@ spec:
  {{- if .Values.server.service.type}}
  type: {{ .Values.server.service.type }}
  {{- end}}
  {{- if (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) }}
  {{- if .Values.server.service.ipFamilyPolicy }}
  ipFamilyPolicy: {{ .Values.server.service.ipFamilyPolicy }}
  {{- end }}
  {{- if .Values.server.service.ipFamilies }}
  ipFamilies: {{ .Values.server.service.ipFamilies | toYaml | nindent 2 }}
  {{- end }}
  {{- end }}
  {{- if .Values.server.service.clusterIP }}
  clusterIP: {{ .Values.server.service.clusterIP }}
  {{- end }}
--- a/charts/hashicorp/vault/templates/server-serviceaccount-secret.yaml
+++ b/charts/hashicorp/vault/templates/server-serviceaccount-secret.yaml
@ -0,0 +1,21 @@
 {{/*
 Copyright (c) HashiCorp, Inc.
 SPDX-License-Identifier: MPL-2.0
 */}}
 {{ template "vault.serverServiceAccountSecretCreationEnabled" . }}
 {{- if .serverServiceAccountSecretCreationEnabled -}}
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ template "vault.serviceAccount.name" . }}-token
  namespace: {{ include "vault.namespace" . }}
  annotations:
    kubernetes.io/service-account.name: {{ template "vault.serviceAccount.name" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 type: kubernetes.io/service-account-token
 {{ end }}
--- a/charts/hashicorp/vault/templates/server-serviceaccount.yaml
+++ b/charts/hashicorp/vault/templates/server-serviceaccount.yaml
@ -9,7 +9,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ template "vault.serviceAccount.name" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}
--- a/charts/hashicorp/vault/templates/server-statefulset.yaml
+++ b/charts/hashicorp/vault/templates/server-statefulset.yaml
@ -12,7 +12,7 @@ apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  name: {{ template "vault.fullname" . }}
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
@ -61,6 +61,10 @@ spec:
        {{ template "vault.volumes" . }}
        - name: home
          emptyDir: {}
      {{- if .Values.server.hostAliases }}
      hostAliases:
        {{ toYaml .Values.server.hostAliases | nindent 8}}
      {{- end }}
      {{- if .Values.server.extraInitContainers }}
      initContainers:
        {{ toYaml .Values.server.extraInitContainers | nindent 8}}
--- a/charts/hashicorp/vault/templates/tests/server-test.yaml
+++ b/charts/hashicorp/vault/templates/tests/server-test.yaml
@ -9,8 +9,8 @@ SPDX-License-Identifier: MPL-2.0
 apiVersion: v1
 kind: Pod
 metadata:
-  name: "{{ .Release.Name }}-server-test"
+  name: {{ template "vault.fullname" . }}-server-test
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  annotations:
    "helm.sh/hook": test
 spec:
@ -21,7 +21,7 @@ spec:
      imagePullPolicy: {{ .Values.server.image.pullPolicy }}
      env:
        - name: VAULT_ADDR
-          value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ .Release.Namespace }}.svc:{{ .Values.server.service.port }}
+          value: {{ include "vault.scheme" . }}://{{ template "vault.fullname" . }}.{{ include "vault.namespace" . }}.svc:{{ .Values.server.service.port }}
        {{- include "vault.extraEnvironmentVars" .Values.server | nindent 8 }}
      command:
        - /bin/sh
--- a/charts/hashicorp/vault/templates/ui-service.yaml
+++ b/charts/hashicorp/vault/templates/ui-service.yaml
@ -12,7 +12,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ template "vault.fullname" . }}-ui
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ include "vault.namespace" . }}
  labels:
    helm.sh/chart: {{ include "vault.chart" . }}
    app.kubernetes.io/name: {{ include "vault.name" . }}-ui
@ -20,6 +20,14 @@ metadata:
    app.kubernetes.io/managed-by: {{ .Release.Service }}
  {{- template "vault.ui.annotations" . }}
 spec:
  {{- if (semverCompare ">= 1.23-0" .Capabilities.KubeVersion.Version) }}
  {{- if .Values.ui.serviceIPFamilyPolicy }}
  ipFamilyPolicy: {{ .Values.ui.serviceIPFamilyPolicy }}
  {{- end }}
  {{- if .Values.ui.serviceIPFamilies }}
  ipFamilies: {{ .Values.ui.serviceIPFamilies | toYaml | nindent 2 }}
  {{- end }}
  {{- end }}
  selector:
    app.kubernetes.io/name: {{ include "vault.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
--- a/charts/hashicorp/vault/values.openshift.yaml
+++ b/charts/hashicorp/vault/values.openshift.yaml
@ -9,13 +9,16 @@ global:
 injector:
  image:
    repository: "registry.connect.redhat.com/hashicorp/vault-k8s"
-    tag: "1.2.1-ubi"
+    tag: "1.3.1-ubi"
  agentImage:
    repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.14.0-ubi"
+    tag: "1.15.1-ubi"
 server:
  image:
    repository: "registry.connect.redhat.com/hashicorp/vault"
-    tag: "1.14.0-ubi"
+    tag: "1.15.1-ubi"
  readinessProbe:
    path: "/v1/sys/health?uninitcode=204"
--- a/charts/hashicorp/vault/values.schema.json
+++ b/charts/hashicorp/vault/values.schema.json
@ -228,6 +228,9 @@
                "enabled": {
                    "type": "boolean"
                },
                "namespace": {
                    "type": "string"
                },        
                "externalVaultAddr": {
                    "type": "string"
                },
@ -737,6 +740,9 @@
                        }
                    }
                },
                "hostAliases": {
                    "type": "array"
                },
                "image": {
                    "type": "object",
                    "properties": {
@ -916,6 +922,12 @@
                            "properties": {
                                "enabled": {
                                    "type": "boolean"
                                },
                                "annotations": {
                                    "type": [
                                        "object",
                                        "string"
                                    ]
                                }
                            }
                        },
@ -950,6 +962,12 @@
                            "properties": {
                                "enabled": {
                                    "type": "boolean"
                                },
                                "annotations": {
                                    "type": [
                                        "object",
                                        "string"
                                    ]
                                }
                            }
                        },
@ -964,6 +982,14 @@
                        },
                        "standbyNodePort": {
                            "type": "integer"
                        },
                        "ipFamilyPolicy": {
                            "type": "string"
                        },
                        "ipFamilies": {
                            "type": [
                                "array"
                            ]
                        }
                    }
                },
@ -982,6 +1008,9 @@
                        "extraLabels": {
                            "type": "object"
                        },
                        "createSecret": {
                            "type": "boolean"
                        },
                        "name": {
                            "type": "string"
                        },
@ -1137,6 +1166,16 @@
                },
                "targetPort": {
                    "type": "integer"
                },
                "serviceIPFamilyPolicy": {
                    "type": [
                        "string"
                    ]
                },
                "serviceIPFamilies": {
                    "type": [
                        "array"
                    ]
                }
            }
        }
--- a/charts/hashicorp/vault/values.yaml
+++ b/charts/hashicorp/vault/values.yaml
@ -8,6 +8,9 @@ global:
  # will enable or disable all the components within this chart by default.
  enabled: true
  # The namespace to deploy to. Defaults to the `helm` installation namespace.
  namespace: ""
  # Image pull secret to use for registry authentication.
  # Alternatively, the value may be specified as an array of strings.
  imagePullSecrets: []
@ -65,7 +68,7 @@ injector:
  # image sets the repo and tag of the vault-k8s image to use for the injector.
  image:
    repository: "hashicorp/vault-k8s"
-    tag: "1.2.1"
+    tag: "1.3.1"
    pullPolicy: IfNotPresent
  # agentImage sets the repo and tag of the Vault image to use for the Vault Agent
@ -73,7 +76,7 @@ injector:
  # required.
  agentImage:
    repository: "hashicorp/vault"
-    tag: "1.14.0"
+    tag: "1.15.1"
  # The default values for the injected Vault Agent containers.
  agentDefaults:
@ -374,7 +377,7 @@ server:
  image:
    repository: "hashicorp/vault"
-    tag: "1.14.0"
+    tag: "1.15.1"
    # Overrides the default Image Pull Policy
    pullPolicy: IfNotPresent
@ -442,6 +445,12 @@ server:
    #    hosts:
    #      - chart-example.local
  # hostAliases is a list of aliases to be added to /etc/hosts. Specified as a YAML list.
  hostAliases: []
  # - ip: 127.0.0.1
  #   hostnames:
  #     - chart-example.local
  # OpenShift only - create a route to expose the service
  # By default the created route will be of type passthrough
  route:
@ -462,7 +471,7 @@ server:
  # authDelegator enables a cluster role binding to be attached to the service
  # account.  This cluster role binding can be used to setup Kubernetes auth
-  # method.  https://www.vaultproject.io/docs/auth/kubernetes.html
+  # method. See https://developer.hashicorp.com/vault/docs/auth/kubernetes
  authDelegator:
    enabled: true
@ -649,13 +658,21 @@ server:
  service:
    enabled: true
    # Enable or disable the vault-active service, which selects Vault pods that
-    # have labelled themselves as the cluster leader with `vault-active: "true"`
+    # have labeled themselves as the cluster leader with `vault-active: "true"`.
    active:
      enabled: true
      # Extra annotations for the service definition. This can either be YAML or a
      # YAML-formatted multi-line templated string map of the annotations to apply
      # to the active service.
      annotations: {}
    # Enable or disable the vault-standby service, which selects Vault pods that
-    # have labelled themselves as a cluster follower with `vault-active: "false"`
+    # have labeled themselves as a cluster follower with `vault-active: "false"`.
    standby:
      enabled: true
      # Extra annotations for the service definition. This can either be YAML or a
      # YAML-formatted multi-line templated string map of the annotations to apply
      # to the standby service.
      annotations: {}
    # If enabled, the service selectors will include `app.kubernetes.io/instance: {{ .Release.Name }}`
    # When disabled, services may select Vault pods not deployed from the chart.
    # Does not affect the headless vault-internal service with `ClusterIP: None`
@ -673,6 +690,21 @@ server:
    # or NodePort.
    #type: ClusterIP
    # The IP family and IP families options are to set the behaviour in a dual-stack environment.
    # Omitting these values will let the service fall back to whatever the CNI dictates the defaults
    # should be.
    # These are only supported for kubernetes versions >=1.23.0
    #
    # Configures the service's supported IP family policy, can be either:
    #     SingleStack: Single-stack service. The control plane allocates a cluster IP for the Service, using the first configured service cluster IP range.
    #     PreferDualStack: Allocates IPv4 and IPv6 cluster IPs for the Service.
    #     RequireDualStack: Allocates Service .spec.ClusterIPs from both IPv4 and IPv6 address ranges.
    ipFamilyPolicy: ""
    # Sets the families that should be supported and the order in which they should be applied to ClusterIP as well.
    # Can be IPv4 and/or IPv6.
    ipFamilies: []
    # Do not wait for pods to be ready before including them in the services'
    # targets. Does not apply to the headless service, which is used for
    # cluster-internal communication.
@ -709,7 +741,7 @@ server:
  # This configures the Vault Statefulset to create a PVC for data
  # storage when using the file or raft backend storage engines.
-  # See https://www.vaultproject.io/docs/configuration/storage/index.html to know more
+  # See https://developer.hashicorp.com/vault/docs/configuration/storage to know more
  dataStorage:
    enabled: true
    # Size of the PVC created
@ -728,7 +760,7 @@ server:
  # logs.  Once Vault is deployed, initialized, and unsealed, Vault must
  # be configured to use this for audit logs.  This will be mounted to
  # /vault/audit
-  # See https://www.vaultproject.io/docs/audit/index.html to know more
+  # See https://developer.hashicorp.com/vault/docs/audit to know more
  auditStorage:
    enabled: false
    # Size of the PVC created
@ -747,7 +779,7 @@ server:
  # and no initialization. This is useful for experimenting with Vault without
  # needing to unseal, store keys, et. al. All data is lost on restart - do not
  # use dev mode for anything other than experimenting.
-  # See https://www.vaultproject.io/docs/concepts/dev-server.html to know more
+  # See https://developer.hashicorp.com/vault/docs/concepts/dev-server to know more
  dev:
    enabled: false
@ -769,7 +801,7 @@ server:
    # Note: Configuration files are stored in ConfigMaps so sensitive data
    # such as passwords should be either mounted through extraSecretEnvironmentVars
    # or through a Kube secret.  For more information see:
-    # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
+    # https://developer.hashicorp.com/vault/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
    config: |
      ui = true
@ -812,12 +844,12 @@ server:
    replicas: 3
    # Set the api_addr configuration for Vault HA
-    # See https://www.vaultproject.io/docs/configuration#api_addr
+    # See https://developer.hashicorp.com/vault/docs/configuration#api_addr
    # If set to null, this will be set to the Pod IP Address
    apiAddr: null
    # Set the cluster_addr confuguration for Vault HA
-    # See https://www.vaultproject.io/docs/configuration#cluster_addr
+    # See https://developer.hashicorp.com/vault/docs/configuration#cluster_addr
    # If set to null, this will be set to https://$(HOSTNAME).{{ template "vault.fullname" . }}-internal:8201
    clusterAddr: null
@ -835,7 +867,7 @@ server:
      # Note: Configuration files are stored in ConfigMaps so sensitive data
      # such as passwords should be either mounted through extraSecretEnvironmentVars
      # or through a Kube secret.  For more information see:
-      # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
+      # https://developer.hashicorp.com/vault/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
      config: |
        ui = true
@ -862,7 +894,7 @@ server:
    # Note: Configuration files are stored in ConfigMaps so sensitive data
    # such as passwords should be either mounted through extraSecretEnvironmentVars
    # or through a Kube secret.  For more information see:
-    # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
+    # https://developer.hashicorp.com/vault/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations
    config: |
      ui = true
@ -914,6 +946,12 @@ server:
    # The name of the service account to use.
    # If not set and create is true, a name is generated using the fullname template
    name: ""
    # Create a Secret API object to store a non-expiring token for the service account.
    # Prior to v1.24.0, Kubernetes used to generate this secret for each service account by default.
    # Kubernetes now recommends using short-lived tokens from the TokenRequest API or projected volumes instead if possible.
    # For more details, see https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
    # serviceAccount.create must be equal to 'true' in order to use this feature.
    createSecret: false
    # Extra annotations for the serviceAccount definition. This can either be
    # YAML or a YAML-formatted multi-line templated string map of the
    # annotations to apply to the serviceAccount.
@ -970,6 +1008,21 @@ ui:
  externalPort: 8200
  targetPort: 8200
  # The IP family and IP families options are to set the behaviour in a dual-stack environment.
  # Omitting these values will let the service fall back to whatever the CNI dictates the defaults
  # should be.
  # These are only supported for kubernetes versions >=1.23.0
  #
  # Configures the service's supported IP family, can be either:
  #     SingleStack: Single-stack service. The control plane allocates a cluster IP for the Service, using the first configured service cluster IP range.
  #     PreferDualStack: Allocates IPv4 and IPv6 cluster IPs for the Service.
  #     RequireDualStack: Allocates Service .spec.ClusterIPs from both IPv4 and IPv6 address ranges.
  serviceIPFamilyPolicy: ""
  # Sets the families that should be supported and the order in which they should be applied to ClusterIP as well
  # Can be IPv4 and/or IPv6.
  serviceIPFamilies: []
  # The externalTrafficPolicy can be set to either Cluster or Local
  # and is only valid for LoadBalancer and NodePort service types.
  # The default value is Cluster.
@ -1001,7 +1054,7 @@ csi:
  image:
    repository: "hashicorp/vault-csi-provider"
-    tag: "1.4.0"
+    tag: "1.4.1"
    pullPolicy: IfNotPresent
  # volumes is a list of volumes made available to all containers. These are rendered
@ -1086,7 +1139,7 @@ csi:
    image:
      repository: "hashicorp/vault"
-      tag: "1.14.0"
+      tag: "1.15.1"
      pullPolicy: IfNotPresent
    logFormat: standard
@ -1143,7 +1196,7 @@ csi:
  debug: false
  # Pass arbitrary additional arguments to vault-csi-provider.
-  # See https://www.vaultproject.io/docs/platform/k8s/csi/configurations#command-line-arguments
+  # See https://developer.hashicorp.com/vault/docs/platform/k8s/csi/configurations#command-line-arguments
  # for the available command line flags.
  extraArgs: []
@ -1152,8 +1205,8 @@ csi:
 # the Vault configuration. There are a few examples included in the `config` sections above.
 #
 # For more information see:
-# https://www.vaultproject.io/docs/configuration/telemetry
+# https://developer.hashicorp.com/vault/docs/configuration/telemetry
-# https://www.vaultproject.io/docs/internals/telemetry
+# https://developer.hashicorp.com/vault/docs/internals/telemetry
 serverTelemetry:
  # Enable support for the Prometheus Operator. Currently, this chart does not support
  # authenticating to Vault's metrics endpoint, so the following `telemetry{}` must be included
--- a/charts/loft/loft/Chart.yaml
+++ b/charts/loft/loft/Chart.yaml
@ -28,4 +28,4 @@ name: loft
 sources:
 - https://github.com/loft-sh/loft
 type: application
-version: 3.3.0
+version: 3.3.1
--- a/charts/nats/nats/Chart.yaml
+++ b/charts/nats/nats/Chart.yaml
@ -4,7 +4,7 @@ annotations:
  catalog.cattle.io/kube-version: '>=1.16-0'
  catalog.cattle.io/release-name: nats
 apiVersion: v2
-appVersion: 2.10.3
+appVersion: 2.10.4
 description: A Helm chart for the NATS.io High Speed Cloud Native Distributed Communications
  Technology.
 home: http://github.com/nats-io/k8s
@ -18,4 +18,4 @@ maintainers:
  name: The NATS Authors
  url: https://github.com/nats-io
 name: nats
-version: 1.1.2
+version: 1.1.3
--- a/charts/nats/nats/values.yaml
+++ b/charts/nats/nats/values.yaml
@ -308,7 +308,7 @@ config:
 container:
  image:
    repository: nats
-    tag: 2.10.3-alpine
+    tag: 2.10.4-alpine
    pullPolicy:
    registry:
--- a/charts/new-relic/nri-bundle/Chart.lock
+++ b/charts/new-relic/nri-bundle/Chart.lock
@ -1,25 +1,25 @@
 dependencies:
 - name: newrelic-infrastructure
  repository: https://newrelic.github.io/nri-kubernetes
-  version: 3.23.3
+  version: 3.23.4
 - name: nri-prometheus
  repository: https://newrelic.github.io/nri-prometheus
  version: 2.1.17
 - name: newrelic-prometheus-agent
  repository: https://newrelic.github.io/newrelic-prometheus-configurator
-  version: 1.5.1
+  version: 1.6.0
 - name: nri-metadata-injection
  repository: https://newrelic.github.io/k8s-metadata-injection
-  version: 4.10.2
+  version: 4.11.0
 - name: newrelic-k8s-metrics-adapter
  repository: https://newrelic.github.io/newrelic-k8s-metrics-adapter
-  version: 1.4.3
+  version: 1.5.0
 - name: kube-state-metrics
  repository: https://prometheus-community.github.io/helm-charts
  version: 5.12.1
 - name: nri-kube-events
  repository: https://newrelic.github.io/nri-kube-events
-  version: 3.2.6
+  version: 3.3.0
 - name: newrelic-logging
  repository: https://newrelic.github.io/helm-charts
  version: 1.18.1
@ -31,6 +31,6 @@ dependencies:
  version: 0.1.4
 - name: newrelic-infra-operator
  repository: https://newrelic.github.io/newrelic-infra-operator
-  version: 2.3.3
+  version: 2.4.0
-digest: sha256:c543d1a04d2e80cc532d335b7c13104007c19ca20fc64a625ca1f0c4e27ae681
+digest: sha256:513fd7c4b9475bfa329ebe349022b95481f456b4facad64b82921bb8926361e1
-generated: "2023-10-25T15:02:36.960563782Z"
+generated: "2023-10-31T08:04:17.666576471Z"
--- a/charts/new-relic/nri-bundle/Chart.yaml
+++ b/charts/new-relic/nri-bundle/Chart.yaml
@ -7,7 +7,7 @@ dependencies:
 - condition: infrastructure.enabled,newrelic-infrastructure.enabled
  name: newrelic-infrastructure
  repository: file://./charts/newrelic-infrastructure
-  version: 3.23.3
+  version: 3.23.4
 - condition: prometheus.enabled,nri-prometheus.enabled
  name: nri-prometheus
  repository: file://./charts/nri-prometheus
@ -15,15 +15,15 @@ dependencies:
 - condition: newrelic-prometheus-agent.enabled
  name: newrelic-prometheus-agent
  repository: file://./charts/newrelic-prometheus-agent
-  version: 1.5.1
+  version: 1.6.0
 - condition: webhook.enabled,nri-metadata-injection.enabled
  name: nri-metadata-injection
  repository: file://./charts/nri-metadata-injection
-  version: 4.10.2
+  version: 4.11.0
 - condition: metrics-adapter.enabled,newrelic-k8s-metrics-adapter.enabled
  name: newrelic-k8s-metrics-adapter
  repository: file://./charts/newrelic-k8s-metrics-adapter
-  version: 1.4.3
+  version: 1.5.0
 - condition: ksm.enabled,kube-state-metrics.enabled
  name: kube-state-metrics
  repository: file://./charts/kube-state-metrics
@ -31,7 +31,7 @@ dependencies:
 - condition: kubeEvents.enabled,nri-kube-events.enabled
  name: nri-kube-events
  repository: file://./charts/nri-kube-events
-  version: 3.2.6
+  version: 3.3.0
 - condition: logging.enabled,newrelic-logging.enabled
  name: newrelic-logging
  repository: file://./charts/newrelic-logging
@ -48,7 +48,7 @@ dependencies:
 - condition: newrelic-infra-operator.enabled
  name: newrelic-infra-operator
  repository: file://./charts/newrelic-infra-operator
-  version: 2.3.3
+  version: 2.4.0
 description: Groups together the individual charts for the New Relic Kubernetes solution
  for a more comfortable deployment.
 home: https://github.com/newrelic/helm-charts
@ -89,4 +89,4 @@ sources:
 - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging
 - https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-pixie
 - https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator
-version: 5.0.42
+version: 5.0.43
--- a/charts/new-relic/nri-bundle/charts/newrelic-infra-operator/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/newrelic-infra-operator/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 0.11.3
+appVersion: 0.12.0
 dependencies:
 - name: common-library
  repository: https://helm-charts.newrelic.com
@ -32,4 +32,4 @@ name: newrelic-infra-operator
 sources:
 - https://github.com/newrelic/newrelic-infra-operator
 - https://github.com/newrelic/newrelic-infra-operator/tree/main/charts/newrelic-infra-operator
-version: 2.3.3
+version: 2.4.0
--- a/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 3.18.3
+appVersion: 3.18.4
 dependencies:
 - name: common-library
  repository: https://helm-charts.newrelic.com
@ -35,4 +35,4 @@ sources:
 - https://github.com/newrelic/nri-kubernetes/
 - https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure
 - https://github.com/newrelic/infrastructure-agent/
-version: 3.23.3
+version: 3.23.4
--- a/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 0.6.4
+appVersion: 0.7.0
 dependencies:
 - name: common-library
  repository: https://helm-charts.newrelic.com
@ -20,4 +20,4 @@ name: newrelic-k8s-metrics-adapter
 sources:
 - https://github.com/newrelic/newrelic-k8s-metrics-adapter
 - https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter
-version: 1.4.3
+version: 1.5.0
--- a/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml
@ -1,5 +1,5 @@
 annotations:
-  configuratorVersion: 1.8.1
+  configuratorVersion: 1.9.0
 apiVersion: v2
 appVersion: v2.37.8
 dependencies:
@ -31,4 +31,4 @@ maintainers:
  url: https://github.com/xqi-nr
 name: newrelic-prometheus-agent
 type: application
-version: 1.5.1
+version: 1.6.0
--- a/charts/new-relic/nri-bundle/charts/nri-kube-events/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/nri-kube-events/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 2.2.13
+appVersion: 2.3.0
 dependencies:
 - name: common-library
  repository: https://helm-charts.newrelic.com
@ -35,4 +35,4 @@ sources:
 - https://github.com/newrelic/nri-kube-events/
 - https://github.com/newrelic/nri-kube-events/tree/main/charts/nri-kube-events
 - https://github.com/newrelic/infrastructure-agent/
-version: 3.2.6
+version: 3.3.0
--- a/charts/new-relic/nri-bundle/charts/nri-kube-events/README.md
+++ b/charts/new-relic/nri-bundle/charts/nri-kube-events/README.md
@ -1,6 +1,6 @@
 # nri-kube-events
-![Version: 3.2.6](https://img.shields.io/badge/Version-3.2.6-informational?style=flat-square) ![AppVersion: 2.2.13](https://img.shields.io/badge/AppVersion-2.2.13-informational?style=flat-square)
+![Version: 3.3.0](https://img.shields.io/badge/Version-3.3.0-informational?style=flat-square) ![AppVersion: 2.3.0](https://img.shields.io/badge/AppVersion-2.3.0-informational?style=flat-square)
 A Helm chart to deploy the New Relic Kube Events router
--- a/charts/new-relic/nri-bundle/charts/nri-metadata-injection/Chart.yaml
+++ b/charts/new-relic/nri-bundle/charts/nri-metadata-injection/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 1.18.4
+appVersion: 1.19.0
 dependencies:
 - name: common-library
  repository: https://helm-charts.newrelic.com
@ -22,4 +22,4 @@ name: nri-metadata-injection
 sources:
 - https://github.com/newrelic/k8s-metadata-injection
 - https://github.com/newrelic/k8s-metadata-injection/tree/master/charts/nri-metadata-injection
-version: 4.10.2
+version: 4.11.0
--- a/charts/redpanda/redpanda/Chart.lock
+++ b/charts/redpanda/redpanda/Chart.lock
@ -6,4 +6,4 @@ dependencies:
  repository: https://charts.redpanda.com
  version: 0.1.7
 digest: sha256:2be209fa1660b3c8a030bb35e9e7fa25dcb81aa456ce7a73c2ab1ae6eebb3d04
-generated: "2023-10-27T18:34:04.296697929Z"
+generated: "2023-10-30T17:31:44.018230015Z"
--- a/charts/redpanda/redpanda/Chart.yaml
+++ b/charts/redpanda/redpanda/Chart.yaml
@ -10,7 +10,7 @@ annotations:
  artifacthub.io/links: |
    - name: Documentation
      url: https://docs.redpanda.com
-    - name: "Helm (>= 3.6.0)"
+    - name: "Helm (>= 3.8.0)"
      url: https://helm.sh/docs/intro/install/
  catalog.cattle.io/certified: partner
  catalog.cattle.io/display-name: Redpanda
@ -37,4 +37,4 @@ name: redpanda
 sources:
 - https://github.com/redpanda-data/helm-charts
 type: application
-version: 5.6.35
+version: 5.6.37
--- a/charts/redpanda/redpanda/templates/_helpers.tpl
+++ b/charts/redpanda/redpanda/templates/_helpers.tpl
@ -202,7 +202,10 @@ Use AppVersion if image.tag is not set
  Input can be: b | B | k | K | m | M | g | G | Ki | Mi | Gi
  Or number without suffix
  */}}
-  {{- $si := . | toString -}}
+  {{- $si := . -}}
  {{- if not (typeIs "string" . ) -}}
    {{- $si = int64 $si | toString -}}
  {{- end -}}
  {{- $bytes := 0 -}}
  {{- if or (hasSuffix "B" $si) (hasSuffix "b" $si) -}}
    {{- $bytes = $si | trimSuffix "B" | trimSuffix "b" | float64 | floor -}}
@ -423,6 +426,13 @@ than 1 core.
 {{- end -}}
 {{- end -}}
 {{- define "fail-on-unsupported-helm-version" -}}
  {{- $helmVer := (fromYaml (toYaml .Capabilities.HelmVersion)).version -}}
  {{- if semverCompare "<3.8.0-0" $helmVer -}}
    {{- fail (printf "helm version %s is not supported. Please use helm version v3.8.0 or newer." $helmVer) -}}
  {{- end -}}
 {{- end -}}
 {{- define "redpanda-atleast-22-2-0" -}}
 {{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.2.0-0 || <0.0.1-0"))) -}}
 {{- end -}}
--- a/charts/redpanda/redpanda/templates/statefulset.yaml
+++ b/charts/redpanda/redpanda/templates/statefulset.yaml
@ -15,6 +15,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{- include "fail-on-unsupported-helm-version" . -}}
 {{- include "fail-on-insecure-sasl-logging" . -}}
 {{- $values := .Values }}
--- a/charts/stackstate/stackstate-k8s-agent/Chart.yaml
+++ b/charts/stackstate/stackstate-k8s-agent/Chart.yaml
@ -21,4 +21,4 @@ maintainers:
 - email: ops@stackstate.com
  name: Stackstate
 name: stackstate-k8s-agent
-version: 1.0.49
+version: 1.0.51
--- a/charts/stackstate/stackstate-k8s-agent/README.md
+++ b/charts/stackstate/stackstate-k8s-agent/README.md
@ -2,7 +2,7 @@
 Helm chart for the StackState Agent.
-Current chart version is `1.0.49`
+Current chart version is `1.0.51`
 **Homepage:** <https://github.com/StackVista/stackstate-agent>
@ -61,7 +61,7 @@ stackstate/stackstate-k8s-agent
 | checksAgent.enabled | bool | `true` | Enable / disable runnning cluster checks in a separately deployed pod |
 | checksAgent.image.pullPolicy | string | `"IfNotPresent"` | Default container image pull policy. |
 | checksAgent.image.repository | string | `"stackstate/stackstate-k8s-agent"` | Base container image repository. |
-| checksAgent.image.tag | string | `"e36d1c88"` | Default container image tag. |
+| checksAgent.image.tag | string | `"9af1b63f"` | Default container image tag. |
 | checksAgent.livenessProbe.enabled | bool | `true` | Enable use of livenessProbe check. |
 | checksAgent.livenessProbe.failureThreshold | int | `3` | `failureThreshold` for the liveness probe. |
 | checksAgent.livenessProbe.initialDelaySeconds | int | `15` | `initialDelaySeconds` for the liveness probe. |
@ -121,7 +121,7 @@ stackstate/stackstate-k8s-agent
 | clusterAgent.enabled | bool | `true` | Enable / disable the cluster agent. |
 | clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Default container image pull policy. |
 | clusterAgent.image.repository | string | `"stackstate/stackstate-k8s-cluster-agent"` | Base container image repository. |
-| clusterAgent.image.tag | string | `"e36d1c88"` | Default container image tag. |
+| clusterAgent.image.tag | string | `"9af1b63f"` | Default container image tag. |
 | clusterAgent.livenessProbe.enabled | bool | `true` | Enable use of livenessProbe check. |
 | clusterAgent.livenessProbe.failureThreshold | int | `3` | `failureThreshold` for the liveness probe. |
 | clusterAgent.livenessProbe.initialDelaySeconds | int | `15` | `initialDelaySeconds` for the liveness probe. |
@ -178,7 +178,7 @@ stackstate/stackstate-k8s-agent
 | nodeAgent.containers.agent.env | object | `{}` | Additional environment variables for the agent container |
 | nodeAgent.containers.agent.image.pullPolicy | string | `"IfNotPresent"` | Default container image pull policy. |
 | nodeAgent.containers.agent.image.repository | string | `"stackstate/stackstate-k8s-agent"` | Base container image repository. |
-| nodeAgent.containers.agent.image.tag | string | `"e36d1c88"` | Default container image tag. |
+| nodeAgent.containers.agent.image.tag | string | `"9af1b63f"` | Default container image tag. |
 | nodeAgent.containers.agent.livenessProbe.enabled | bool | `true` | Enable use of livenessProbe check. |
 | nodeAgent.containers.agent.livenessProbe.failureThreshold | int | `3` | `failureThreshold` for the liveness probe. |
 | nodeAgent.containers.agent.livenessProbe.initialDelaySeconds | int | `15` | `initialDelaySeconds` for the liveness probe. |
--- a/Show More
+++ b/Show More