Skip to content

Commit

Permalink
Update README and publish 7.0.0 (#75)
Browse files Browse the repository at this point in the history 
Signed-off-by: Travis Groth <tgroth@gmail.com>
  • Loading branch information
@travisgroth
travisgroth authored Mar 29, 2020
1 parent 80ae533 commit d42bc0e
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 5 deletions.
2 changes: 1 addition & 1 deletion charts/pomerium/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
name: pomerium
version: 6.0.5
version: 7.0.0
appVersion: 0.6.2
home: http://www.pomerium.io/
icon: https://www.pomerium.io/logo-long.svg
Expand Down
22 changes: 18 additions & 4 deletions charts/pomerium/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,19 @@
- [Ingress Controller Annotations](#ingress-controller-annotations)
- [Auto Generation](#auto-generation)
- [Self Provisioned](#self-provisioned)
- [Signing Key](#signing-key)
- [Auto Generation](#auto-generation-1)
- [Self Provisioned](#self-provisioned-1)
- [Configuration](#configuration)
- [Changelog](#changelog)
- [7.0.0](#700)
- [6.0.0](#600)
- [5.0.0](#500)
- [4.0.0](#400)
- [3.0.0](#300)
- [2.0.0](#200)
- [Upgrading](#upgrading)
- [7.0.0](#700-1)
- [5.0.0](#500-1)
- [4.0.0](#400-1)
- [3.0.0](#300-1)
Expand Down Expand Up @@ -130,12 +135,12 @@ A full listing of Pomerium's configuration variables can be found on the [config
| `nameOverride` | Name of the chart. | `pomerium` |
| `fullnameOverride` | Full name of the chart. | `pomerium` |
| `config.rootDomain` | Root Domain specifies the sub-domain handled by pomerium. [See more](https://www.pomerium.io/docs/reference/reference.html#proxy-root-domains). | `corp.pomerium.io` |
| `config.administrators` | Comma seperated list of email addresses of administrative users [See more](https://www.pomerium.io/configuration/#administrators). | Optional |
| `config.administrators` | Comma seperated list of email addresses of administrative users [See more](https://www.pomerium.io/configuration/#administrators). | Optional |
| `config.existingSecret` | Name of the existing Kubernetes Secret. | |
| `config.existingConfig` | Name of the existing Config Map deployed on Kubernetes. | |
| `config.existingCASecret` | Name of the existing CA Secret. | |
| `config.generateSigningKey` | Generate a signing key to sign jwt in proxy responses. Manual signing key can be set in values. | `true` |
| `config.forceGenerateSigningKey` | Force recreation of generated signing key. You will need to restart your deployments after running | `false` |
| `config.generateSigningKey` | Generate a signing key to sign jwt in proxy responses. Manual signing key can be set in values. | `true` |
| `config.forceGenerateSigningKey` | Force recreation of generated signing key. You will need to restart your deployments after running | `false` |
| `config.generateTLS` | Generate a dummy Certificate Authority and certs for service communication. Manual CA and certs can be set in values. | `true` |
| `config.forceGenerateTLS` | Force recreation of generated TLS certificates. You will need to restart your deployments after running | `false` |
| `config.sharedSecret` | 256 bit key to secure service communication. [See more](https://www.pomerium.io/docs/reference/reference.html#shared-secret). | 32 [random ascii chars](http://masterminds.github.io/sprig/strings.html) |
Expand Down Expand Up @@ -163,7 +168,7 @@ A full listing of Pomerium's configuration variables can be found on the [config
| `proxy.existingTLSSecret` | Name of existing TLS Secret for proxy service | |
| `proxy.deployment.annotations` | Annotations for the proxy deployment. If none given, then use value of `annotations` | `{}` |
| `proxy.service.annotations` | Annotations for the proxy service. If none given, then use value of `service.annotations` | `{}` |
| `proxy.existingSigningKeySecret` | Name of existing Signing key Secret for proxy requests. | |
| `proxy.existingSigningKeySecret` | Name of existing Signing key Secret for proxy requests. | |
| `proxy.signingKey` | Signing key is the base64 encoded key used to sign outbound requests. | |
| `authorize.nameOverride` | Name of the authorize service. | `authorize` |
| `authorize.fullnameOverride` | Full name of the authorize service. | `authorize` |
Expand Down Expand Up @@ -211,6 +216,10 @@ A full listing of Pomerium's configuration variables can be found on the [config

## Changelog

### 7.0.0

- Add automatic signing key generation. See [v7.0.0 Upgrade Nodes](#700-1) to migrate

### 6.0.0

- Integrate pomerium operator
Expand Down Expand Up @@ -239,6 +248,11 @@ A full listing of Pomerium's configuration variables can be found on the [config

## Upgrading

### 7.0.0

- A signing key is now automatically generated, similar to TLS secrets.
- If upgrading an install you should temporarily set `config.forceGenerateSigningKey` to `true` and generate this key during upgrade.

### 5.0.0

- A new service, cache, was added to this chart release.
Expand Down

0 comments on commit d42bc0e

Please sign in to comment.