From ad576bc70dda2f902dc64bc22dcf9832bfb1fd9b Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Mon, 22 Jul 2024 15:14:03 -0600 Subject: [PATCH 1/2] chore(main): release 0.0.48 --- .release-please-manifest.json | 2 +- CHANGELOG.md | 12 ++++++++++++ chart/validator/Chart.yaml | 2 +- chart/validator/README.md | 2 +- chart/validator/values.yaml | 2 +- hack/chart/values-base.yaml | 2 +- hack/hauler-manifest-template.yaml | 4 ++-- hauler-manifest.yaml | 4 ++-- 8 files changed, 21 insertions(+), 9 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 3ae182d1..ea35a815 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1 +1 @@ -{".":"0.0.47"} \ No newline at end of file +{".":"0.0.48"} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index fce4a083..d4a0b632 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## [0.0.48](https://github.com/validator-labs/validator/compare/v0.0.47...v0.0.48) (2024-07-22) + + +### Bug Fixes + +* sink HTTP clients to read proxy config from environment ([#341](https://github.com/validator-labs/validator/issues/341)) ([ffa327e](https://github.com/validator-labs/validator/commit/ffa327e97898b29526fc7ed0abf8d7dddfe4142f)) + + +### Other + +* **deps:** bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 ([#337](https://github.com/validator-labs/validator/issues/337)) ([c36994d](https://github.com/validator-labs/validator/commit/c36994de7ff1d253240824a6d90485d7b1eda207)) + ## [0.0.47](https://github.com/validator-labs/validator/compare/v0.0.46...v0.0.47) (2024-07-20) diff --git a/chart/validator/Chart.yaml b/chart/validator/Chart.yaml index a7c91549..7a87c036 100644 --- a/chart/validator/Chart.yaml +++ b/chart/validator/Chart.yaml @@ -4,5 +4,5 @@ description: >- Monitor results created by validator plugins and upload them to a configurable sink type: application -version: 0.0.47 +version: 0.0.48 appVersion: 0.0.27 diff --git a/chart/validator/README.md b/chart/validator/README.md index 70937d5d..f586d5ac 100644 --- a/chart/validator/README.md +++ b/chart/validator/README.md @@ -24,7 +24,7 @@ The following table lists the configurable parameters of the Validator chart and | `controllerManager.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | | `controllerManager.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | | `controllerManager.manager.image.repository` | | `"quay.io/validator-labs/validator"` | -| `controllerManager.manager.image.tag` | x-release-please-version | `"v0.0.47"` | +| `controllerManager.manager.image.tag` | x-release-please-version | `"v0.0.48"` | | `controllerManager.manager.resources.limits.cpu` | | `"500m"` | | `controllerManager.manager.resources.limits.memory` | | `"512Mi"` | | `controllerManager.manager.resources.requests.cpu` | | `"10m"` | diff --git a/chart/validator/values.yaml b/chart/validator/values.yaml index f2611d63..403dd524 100644 --- a/chart/validator/values.yaml +++ b/chart/validator/values.yaml @@ -31,7 +31,7 @@ controllerManager: - ALL image: repository: quay.io/validator-labs/validator - tag: v0.0.47 # x-release-please-version + tag: v0.0.48 # x-release-please-version resources: limits: cpu: 500m diff --git a/hack/chart/values-base.yaml b/hack/chart/values-base.yaml index b3d5cfd7..13fbf04a 100644 --- a/hack/chart/values-base.yaml +++ b/hack/chart/values-base.yaml @@ -31,7 +31,7 @@ controllerManager: - ALL image: repository: quay.io/validator-labs/validator - tag: v0.0.47 # x-release-please-version + tag: v0.0.48 # x-release-please-version resources: limits: cpu: 500m diff --git a/hack/hauler-manifest-template.yaml b/hack/hauler-manifest-template.yaml index 88cd2774..1a934dfa 100644 --- a/hack/hauler-manifest-template.yaml +++ b/hack/hauler-manifest-template.yaml @@ -4,7 +4,7 @@ metadata: name: validator-images spec: images: - - name: quay.io/validator-labs/validator:v0.0.47 # x-release-please-version + - name: quay.io/validator-labs/validator:v0.0.48 # x-release-please-version - name: quay.io/validator-labs/validator-plugin-aws:v${AWS_VERSION} - name: quay.io/validator-labs/validator-plugin-azure:v${AZURE_VERSION} - name: quay.io/validator-labs/validator-plugin-kubescape:v${KUBESCAPE_VERSION} @@ -27,7 +27,7 @@ spec: charts: - name: validator repoURL: https://validator-labs.github.io/validator - version: 0.0.47 # x-release-please-version + version: 0.0.48 # x-release-please-version - name: validator-plugin-aws repoURL: https://validator-labs.github.io/validator-plugin-aws version: ${AWS_VERSION} diff --git a/hauler-manifest.yaml b/hauler-manifest.yaml index e1192e75..c56773d7 100644 --- a/hauler-manifest.yaml +++ b/hauler-manifest.yaml @@ -4,7 +4,7 @@ metadata: name: validator-images spec: images: - - name: quay.io/validator-labs/validator:v0.0.47 # x-release-please-version + - name: quay.io/validator-labs/validator:v0.0.48 # x-release-please-version - name: quay.io/validator-labs/validator-plugin-aws:v0.1.1 - name: quay.io/validator-labs/validator-plugin-azure:v0.0.13 - name: quay.io/validator-labs/validator-plugin-kubescape:v0.0.3 @@ -27,7 +27,7 @@ spec: charts: - name: validator repoURL: https://validator-labs.github.io/validator - version: 0.0.47 # x-release-please-version + version: 0.0.48 # x-release-please-version - name: validator-plugin-aws repoURL: https://validator-labs.github.io/validator-plugin-aws version: 0.1.1 From 1a01377949b85609383e99f198edfe38f808876a Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Mon, 22 Jul 2024 15:38:28 -0600 Subject: [PATCH 2/2] chore: make reviewable Signed-off-by: Tyler Gillson --- chart/validator/README.md | 2 +- chart/validator/values.yaml | 4 ++-- hauler-manifest.yaml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/chart/validator/README.md b/chart/validator/README.md index f586d5ac..94301190 100644 --- a/chart/validator/README.md +++ b/chart/validator/README.md @@ -51,7 +51,7 @@ The following table lists the configurable parameters of the Validator chart and | `pluginSecrets.vSphere` | Don't forget to delete these curly braces if you're specifying credentials here! | `{}` | | `pluginSecrets.oci.auth` | Don't forget to delete these square brackets if you're specifying credentials here! | `[]` | | `pluginSecrets.oci.pubKeys` | Don't forget to delete these square brackets if you're specifying public keys here! | `[]` | -| `plugins` | | `[{"chart": {"name": "validator-plugin-azure", "repository": "https://validator-labs.github.io/validator-plugin-azure", "version": "v0.0.13"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-azure\n tag: v0.0.13\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n # Optionally specify a volumeMount to mount a volume containing a private key\n # to leverage Azure Service principal with certificate authentication.\n volumeMounts: []\n replicas: 1\n serviceAccount:\n annotations: {}\n # Optionally specify a volume containing a private key to leverage Azure Service\n # principal with certificate authentication.\n volumes: []\n # Optionally specify additional labels to use for the controller-manager Pods.\n podLabels: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Leave secret undefined for implicit auth (e.g., WorkloadIdentity credentials)\n secret: {}\n # Specify the name of a secret in your cluster that contains Azure credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-azure.yaml\n # secretName: azure-creds\n\n # Override the service account used by Azure validator (optional, could be used for WorkloadIdentityCredentials on AKS)\n # WARNING: the chosen service account must include all RBAC privileges found in templates/manager-rbac.yaml\n serviceAccountName: \"\""}, {"chart": {"name": "validator-plugin-oci", "repository": "https://validator-labs.github.io/validator-plugin-oci", "version": "v0.0.11"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-oci\n tag: v0.0.11\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-kubescape", "repository": "https://validator-labs.github.io/validator-plugin-kubescape", "version": "v0.0.3"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-kubescape\n tag: v0.0.3\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n # Optionally specify a volumeMount to mount a volume containing a private key\n # to leverage Azure Service principal with certificate authentication.\n volumeMounts: []\n replicas: 1\n serviceAccount:\n annotations: {}\n # Optionally specify a volume containing a private key to leverage Azure Service\n # principal with certificate authentication.\n volumes: []\n # Optionally specify additional labels to use for the controller-manager Pods.\n podLabels: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-aws", "repository": "https://validator-labs.github.io/validator-plugin-aws", "version": "v0.1.1"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-aws\n tag: v0.1.1\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Leave secret undefined for implicit auth (node instance IAM role, IAM roles for Service Accounts, etc.)\n secret: {}\n # Specify the name of a secret in your cluster that contains AWS credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-aws.yaml\n # secretName: aws-creds\n\n # Override the service account used by AWS validator (optional, could be used for IAM roles for Service Accounts)\n # WARNING: the chosen service account must have the same RBAC privileges as seen in templates/manager-rbac.yaml\n serviceAccountName: \"\""}, {"chart": {"name": "validator-plugin-network", "repository": "https://validator-labs.github.io/validator-plugin-network", "version": "v0.0.18"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: true\n capabilities:\n add:\n - NET_RAW\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-network\n tag: v0.0.18\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-maas", "repository": "https://validator-labs.github.io/validator-plugin-maas", "version": "v0.0.4"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-maas\n tag: v0.0.4\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-vsphere", "repository": "https://validator-labs.github.io/validator-plugin-vsphere", "version": "v0.0.27"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --metrics-bind-address=127.0.0.1:8080\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-vsphere\n tag: v0.0.27\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Specify the name of a secret in your cluster that contains vSphere credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-vsphere.yaml\n secretName: vsphere-credentials"}]` | +| `plugins` | | `[{"chart": {"name": "validator-plugin-azure", "repository": "https://validator-labs.github.io/validator-plugin-azure", "version": "v0.0.13"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-azure\n tag: v0.0.13\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n # Optionally specify a volumeMount to mount a volume containing a private key\n # to leverage Azure Service principal with certificate authentication.\n volumeMounts: []\n replicas: 1\n serviceAccount:\n annotations: {}\n # Optionally specify a volume containing a private key to leverage Azure Service\n # principal with certificate authentication.\n volumes: []\n # Optionally specify additional labels to use for the controller-manager Pods.\n podLabels: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Leave secret undefined for implicit auth (e.g., WorkloadIdentity credentials)\n secret: {}\n # Specify the name of a secret in your cluster that contains Azure credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-azure.yaml\n # secretName: azure-creds\n\n # Override the service account used by Azure validator (optional, could be used for WorkloadIdentityCredentials on AKS)\n # WARNING: the chosen service account must include all RBAC privileges found in templates/manager-rbac.yaml\n serviceAccountName: \"\""}, {"chart": {"name": "validator-plugin-oci", "repository": "https://validator-labs.github.io/validator-plugin-oci", "version": "v0.0.11"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-oci\n tag: v0.0.11\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-kubescape", "repository": "https://validator-labs.github.io/validator-plugin-kubescape", "version": "v0.0.3"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-kubescape\n tag: v0.0.3\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n # Optionally specify a volumeMount to mount a volume containing a private key\n # to leverage Azure Service principal with certificate authentication.\n volumeMounts: []\n replicas: 1\n serviceAccount:\n annotations: {}\n # Optionally specify a volume containing a private key to leverage Azure Service\n # principal with certificate authentication.\n volumes: []\n # Optionally specify additional labels to use for the controller-manager Pods.\n podLabels: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-aws", "repository": "https://validator-labs.github.io/validator-plugin-aws", "version": "v0.1.1"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-aws\n tag: v0.1.1\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Leave secret undefined for implicit auth (node instance IAM role, IAM roles for Service Accounts, etc.)\n secret: {}\n # Specify the name of a secret in your cluster that contains AWS credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-aws.yaml\n # secretName: aws-creds\n\n # Override the service account used by AWS validator (optional, could be used for IAM roles for Service Accounts)\n # WARNING: the chosen service account must have the same RBAC privileges as seen in templates/manager-rbac.yaml\n serviceAccountName: \"\""}, {"chart": {"name": "validator-plugin-network", "repository": "https://validator-labs.github.io/validator-plugin-network", "version": "v0.0.19"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: true\n capabilities:\n add:\n - NET_RAW\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-network\n tag: v0.0.19\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-maas", "repository": "https://validator-labs.github.io/validator-plugin-maas", "version": "v0.0.4"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-maas\n tag: v0.0.4\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP"}, {"chart": {"name": "validator-plugin-vsphere", "repository": "https://validator-labs.github.io/validator-plugin-vsphere", "version": "v0.0.27"}, "values": "controllerManager:\n kubeRbacProxy:\n args:\n - --secure-listen-address=0.0.0.0:8443\n - --upstream=http://127.0.0.1:8080/\n - --logtostderr=true\n - --v=0\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: gcr.io/kubebuilder/kube-rbac-proxy\n tag: v0.16.0\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 5m\n memory: 64Mi\n manager:\n args:\n - --health-probe-bind-address=:8081\n - --metrics-bind-address=127.0.0.1:8080\n - --leader-elect\n containerSecurityContext:\n allowPrivilegeEscalation: false\n capabilities:\n drop:\n - ALL\n image:\n repository: quay.io/validator-labs/validator-plugin-vsphere\n tag: v0.0.27\n resources:\n limits:\n cpu: 500m\n memory: 128Mi\n requests:\n cpu: 10m\n memory: 64Mi\n replicas: 1\n serviceAccount:\n annotations: {}\nkubernetesClusterDomain: cluster.local\nmetricsService:\n ports:\n - name: https\n port: 8443\n protocol: TCP\n targetPort: https\n type: ClusterIP\nauth:\n # Specify the name of a secret in your cluster that contains vSphere credentials.\n # E.g.: https://github.com/validator-labs/validator/blob/main/chart/validator/templates/plugin-secret-vsphere.yaml\n secretName: vsphere-credentials"}]` | diff --git a/chart/validator/values.yaml b/chart/validator/values.yaml index 403dd524..99a946a8 100644 --- a/chart/validator/values.yaml +++ b/chart/validator/values.yaml @@ -454,7 +454,7 @@ plugins: - chart: name: validator-plugin-network repository: "https://validator-labs.github.io/validator-plugin-network" - version: v0.0.18 + version: v0.0.19 values: |- controllerManager: kubeRbacProxy: @@ -491,7 +491,7 @@ plugins: - ALL image: repository: quay.io/validator-labs/validator-plugin-network - tag: v0.0.18 + tag: v0.0.19 resources: limits: cpu: 500m diff --git a/hauler-manifest.yaml b/hauler-manifest.yaml index c56773d7..ea9138d5 100644 --- a/hauler-manifest.yaml +++ b/hauler-manifest.yaml @@ -9,7 +9,7 @@ spec: - name: quay.io/validator-labs/validator-plugin-azure:v0.0.13 - name: quay.io/validator-labs/validator-plugin-kubescape:v0.0.3 - name: quay.io/validator-labs/validator-plugin-maas:v0.0.4 - - name: quay.io/validator-labs/validator-plugin-network:v0.0.18 + - name: quay.io/validator-labs/validator-plugin-network:v0.0.19 - name: quay.io/validator-labs/validator-plugin-oci:v0.0.11 - name: quay.io/validator-labs/validator-plugin-vsphere:v0.0.27 - name: quay.io/validator-labs/validator-certs-init:1.0.0 @@ -42,7 +42,7 @@ spec: version: 0.0.4 - name: validator-plugin-network repoURL: https://validator-labs.github.io/validator-plugin-network - version: 0.0.18 + version: 0.0.19 - name: validator-plugin-oci repoURL: https://validator-labs.github.io/validator-plugin-oci version: 0.0.11