diff --git a/assets/crowdstrike/falcon-sensor-1.27.1.tgz b/assets/crowdstrike/falcon-sensor-1.27.1.tgz new file mode 100644 index 000000000..44290888e Binary files /dev/null and b/assets/crowdstrike/falcon-sensor-1.27.1.tgz differ diff --git a/assets/haproxy/haproxy-1.39.2.tgz b/assets/haproxy/haproxy-1.39.2.tgz new file mode 100644 index 000000000..09fe9d8b8 Binary files /dev/null and b/assets/haproxy/haproxy-1.39.2.tgz differ diff --git a/assets/jenkins/jenkins-5.1.7.tgz b/assets/jenkins/jenkins-5.1.7.tgz new file mode 100644 index 000000000..09902f914 Binary files /dev/null and b/assets/jenkins/jenkins-5.1.7.tgz differ diff --git a/assets/redpanda/redpanda-5.8.2.tgz b/assets/redpanda/redpanda-5.8.2.tgz new file mode 100644 index 000000000..fdc44e165 Binary files /dev/null and b/assets/redpanda/redpanda-5.8.2.tgz differ diff --git a/assets/speedscale/speedscale-operator-2.1.288.tgz b/assets/speedscale/speedscale-operator-2.1.288.tgz new file mode 100644 index 000000000..9e83b82c7 Binary files /dev/null and b/assets/speedscale/speedscale-operator-2.1.288.tgz differ diff --git a/charts/crowdstrike/falcon-sensor/Chart.yaml b/charts/crowdstrike/falcon-sensor/Chart.yaml index c73f3746f..3c83003ab 100644 --- a/charts/crowdstrike/falcon-sensor/Chart.yaml +++ b/charts/crowdstrike/falcon-sensor/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>1.22.0-0' catalog.cattle.io/release-name: falcon-sensor apiVersion: v2 -appVersion: 1.26.1 +appVersion: 1.27.1 description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters. home: https://crowdstrike.com icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg @@ -24,4 +24,4 @@ name: falcon-sensor sources: - https://github.com/CrowdStrike/falcon-helm type: application -version: 1.26.1 +version: 1.27.1 diff --git a/charts/crowdstrike/falcon-sensor/README.md b/charts/crowdstrike/falcon-sensor/README.md index 3e4a801ff..9346620bb 100644 --- a/charts/crowdstrike/falcon-sensor/README.md +++ b/charts/crowdstrike/falcon-sensor/README.md @@ -29,10 +29,8 @@ The Falcon Helm chart has been tested to deploy on the following Kubernetes dist | Helm chart Version | Falcon Sensor Version | |:------------------------|:----------------------------------| -| `<= 1.6.x` | `<= 6.34.x` | -| `>= 1.7.x && <= 1.17.x` | `>= 6.35.x && < 6.49.x` | -| `>= 1.18.x` | `>= 6.49.x` | -| `>= 1.19.x` | `>= 6.54.x` | +| `<= 1.26.x` | `< 7.05.x` | +| `>= 1.27.x` | `>= 7.06.x` | # Installation diff --git a/charts/crowdstrike/falcon-sensor/templates/container_secret.yaml b/charts/crowdstrike/falcon-sensor/templates/container_secret.yaml index c023e98da..3b740ae90 100644 --- a/charts/crowdstrike/falcon-sensor/templates/container_secret.yaml +++ b/charts/crowdstrike/falcon-sensor/templates/container_secret.yaml @@ -12,7 +12,7 @@ data: type: kubernetes.io/dockerconfigjson {{- if or .Values.container.image.pullSecrets.namespaces .Values.container.image.pullSecrets.allNamespaces }} {{- $name := ( .Values.container.image.pullSecrets.name | default (printf "%s-pull-secret" (include "falcon-sensor.fullname" .))) }} -{{- $myns := split "," .Values.container.image.pullSecrets.namespaces -}} +{{- $myns := split "," .Values.container.image.pullSecrets.namespaces | default "" -}} {{- if .Values.container.image.pullSecrets.allNamespaces }} {{- $myns = list -}} {{- range $index, $ns := (lookup "v1" "Namespace" "" "").items -}} diff --git a/charts/crowdstrike/falcon-sensor/templates/container_webhook_upgrade.yaml b/charts/crowdstrike/falcon-sensor/templates/container_webhook_upgrade.yaml deleted file mode 100644 index 3d0f34a0f..000000000 --- a/charts/crowdstrike/falcon-sensor/templates/container_webhook_upgrade.yaml +++ /dev/null @@ -1,72 +0,0 @@ -{{- if and .Values.container.enabled .Values.container.autoDeploymentUpdate }} -{{- $name := (printf "%s-injector" (include "falcon-sensor.name" .)) -}} -{{- $fullName := (printf "%s.%s.svc" $name .Release.Namespace) -}} -{{- $caCert := "" -}} -{{- $tlsca := (lookup "admissionregistration.k8s.io/v1" "MutatingWebhookConfiguration" .Release.Namespace $name).webhooks -}} -{{- if kindIs "slice" $tlsca }} -{{- $ca := dict }} -{{- range $index, $wca := $tlsca -}} - {{- $ca = dict "Cert" ($wca.clientConfig.caBundle | b64dec) }} -{{- end }} -{{- $caCert := $ca.Cert | b64enc }} -{{- end }} ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: {{ include "falcon-sensor.name" . }}-injector - labels: - app: {{ include "falcon-sensor.name" . }} - app.kubernetes.io/name: {{ include "falcon-sensor.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/component: "container_sensor" - crowdstrike.com/provider: crowdstrike - helm.sh/chart: {{ include "falcon-sensor.chart" . }} - annotations: - "helm.sh/hook": pre-upgrade - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -webhooks: - - name: {{ $name }}.{{ .Release.Namespace }}.svc - failurePolicy: Ignore - admissionReviewVersions: - - v1 - {{- if lt (int (semver .Capabilities.KubeVersion.Version).Minor) 22 }} - - v1beta1 - {{- end }} - sideEffects: None - namespaceSelector: - matchExpressions: - - key: {{ .Values.container.namespaceLabelKey }} - operator: {{ if .Values.container.disableNSInjection }}In{{ else }}NotIn{{- end }} - values: - - {{ if .Values.container.disableNSInjection }}enabled{{ else }}disabled{{- end }} - {{- if lt (int (semver .Capabilities.KubeVersion.Version).Minor) 22 }} - - key: "name" - {{- else }} - - key: kubernetes.io/metadata.name - {{- end }} - operator: "NotIn" - values: - - {{ .Release.Namespace }} - clientConfig: - {{- if .Values.container.domainName }} - url: https://{{ $fullName }}:443/mutate - {{- else }} - service: - name: {{ include "falcon-sensor.name" . }}-injector - namespace: {{ .Release.Namespace }} - path: "/mutate" - {{- end }} - caBundle: {{ $caCert }} - rules: - - operations: - - CREATE - apiGroups: - - "" - apiVersions: - - v1 - resources: - - pods - timeoutSeconds: 30 -{{- end }} \ No newline at end of file diff --git a/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml b/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml index 4149f96ea..99a18bafc 100644 --- a/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml +++ b/charts/crowdstrike/falcon-sensor/templates/daemonset.yaml @@ -96,18 +96,11 @@ spec: imagePullPolicy: "{{ .Values.node.image.pullPolicy }}" command: - /bin/bash - {{- if .Values.node.gke.autopilot }} args: - '-c' - >- echo "Running /opt/CrowdStrike/falcon-daemonset-init -i"; /opt/CrowdStrike/falcon-daemonset-init -i - {{- else }} - args: ['-c', 'if [ -x "/opt/CrowdStrike/falcon-daemonset-init" ]; then echo "Running falcon-daemonset-init -i" ; /opt/CrowdStrike/falcon-daemonset-init -i ; else if [ -d "/host_opt/CrowdStrike/falconstore" ] ; then echo "Re-creating /opt/CrowdStrike/falconstore as it is a directory instead of a file"; rm -rf /host_opt/CrowdStrike/falconstore; fi; mkdir -p /host_opt/CrowdStrike && touch /host_opt/CrowdStrike/falconstore; fi'] - volumeMounts: - - name: falconstore-dir - mountPath: /host_opt - {{- end }} {{- if or .Values.node.gke.autopilot .Values.node.daemonset.resources }} resources: requests: @@ -178,12 +171,6 @@ spec: - name: falconstore mountPath: /opt/CrowdStrike/falconstore volumes: - {{- if not .Values.node.gke.autopilot }} - - name: falconstore-dir - hostPath: - path: /opt - type: DirectoryOrCreate - {{- end }} - name: falconstore hostPath: path: /opt/CrowdStrike/falconstore diff --git a/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml b/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml index 81e01aef8..c437aebf3 100644 --- a/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml +++ b/charts/crowdstrike/falcon-sensor/templates/node_cleanup.yaml @@ -1,4 +1,4 @@ -{{- if .Values.node.enabled }} +{{- if and .Values.node.enabled .Values.node.hooks.postDelete.enabled }} apiVersion: apps/v1 kind: DaemonSet metadata: @@ -88,18 +88,11 @@ spec: imagePullPolicy: "{{ .Values.node.image.pullPolicy }}" command: - /bin/bash - {{- if .Values.node.gke.autopilot }} args: - '-c' - >- echo "Running /opt/CrowdStrike/falcon-daemonset-init -u"; /opt/CrowdStrike/falcon-daemonset-init -u - {{- else }} - args: ['-c', 'if [ -x "/opt/CrowdStrike/falcon-daemonset-init" ]; then echo "Running /opt/CrowdStrike/falcon-daemonset-init -u"; /opt/CrowdStrike/falcon-daemonset-init -u ; else rm -rf "/host_opt/CrowdStrike"; fi'] - volumeMounts: - - name: opt-crowdstrike - mountPath: /host_opt - {{- end }} {{- if or .Values.node.gke.autopilot .Values.node.daemonset.resources }} resources: requests: @@ -150,12 +143,6 @@ spec: privileged: false readOnlyRootFilesystem: true allowPrivilegeEscalation: true - {{- if not .Values.node.gke.autopilot }} - volumes: - - name: opt-crowdstrike - hostPath: - path: /opt - {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }}-node-cleanup terminationGracePeriodSeconds: {{ .Values.node.terminationGracePeriod }} hostPID: true diff --git a/charts/crowdstrike/falcon-sensor/templates/node_secret_cleanup.yaml b/charts/crowdstrike/falcon-sensor/templates/node_secret_cleanup.yaml index 6dd36721d..cebcc65fc 100644 --- a/charts/crowdstrike/falcon-sensor/templates/node_secret_cleanup.yaml +++ b/charts/crowdstrike/falcon-sensor/templates/node_secret_cleanup.yaml @@ -1,4 +1,4 @@ -{{- if .Values.node.enabled }} +{{- if and .Values.node.enabled .Values.node.hooks.postDelete.enabled }} {{- if .Values.node.image.registryConfigJSON }} {{- $registry := .Values.node.image.registryConfigJSON }} apiVersion: v1 diff --git a/charts/crowdstrike/falcon-sensor/templates/serviceaccount_cleanup.yaml b/charts/crowdstrike/falcon-sensor/templates/serviceaccount_cleanup.yaml index 828210c4e..46e4b9905 100644 --- a/charts/crowdstrike/falcon-sensor/templates/serviceaccount_cleanup.yaml +++ b/charts/crowdstrike/falcon-sensor/templates/serviceaccount_cleanup.yaml @@ -1,3 +1,4 @@ +{{- if and .Values.node.enabled .Values.node.hooks.postDelete.enabled }} apiVersion: v1 kind: ServiceAccount metadata: @@ -10,4 +11,5 @@ metadata: helm.sh/chart: {{ include "falcon-sensor.chart" . }} annotations: "helm.sh/hook": post-delete - "helm.sh/hook-weight": "0" \ No newline at end of file + "helm.sh/hook-weight": "0" +{{- end }} diff --git a/charts/crowdstrike/falcon-sensor/values.schema.json b/charts/crowdstrike/falcon-sensor/values.schema.json index a88395bde..0f87e334a 100644 --- a/charts/crowdstrike/falcon-sensor/values.schema.json +++ b/charts/crowdstrike/falcon-sensor/values.schema.json @@ -255,6 +255,20 @@ "type": "integer", "default": "30", "pattern": "^[0-9]+$" + }, + "hooks": { + "type": "object", + "properties": { + "postDelete": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": "true" + } + } + } + } } } }, diff --git a/charts/crowdstrike/falcon-sensor/values.yaml b/charts/crowdstrike/falcon-sensor/values.yaml index b5332eb07..566c74133 100644 --- a/charts/crowdstrike/falcon-sensor/values.yaml +++ b/charts/crowdstrike/falcon-sensor/values.yaml @@ -99,6 +99,11 @@ node: # How long to wait for Falcon pods to stop gracefully terminationGracePeriod: 30 + hooks: + # Settings for the node post-delete helm hook + postDelete: + enabled: true + container: # When enabled, Helm chart deploys the Falcon Container Sensor to Pods through Webhooks enabled: false @@ -188,7 +193,7 @@ container: # list. For example: # # namespaces: ns1,ns2,ns3 - namespaces: + namespaces: "" # Attempt to create the Falcon sensor pull secret in all Namespaces # instead of using "container.image.pullSecrets.namespaces" diff --git a/charts/haproxy/haproxy/Chart.yaml b/charts/haproxy/haproxy/Chart.yaml index 8cbb72999..148678631 100644 --- a/charts/haproxy/haproxy/Chart.yaml +++ b/charts/haproxy/haproxy/Chart.yaml @@ -1,6 +1,6 @@ annotations: artifacthub.io/changes: | - - Remove techdump toggle entirely + - Allow setting resources requests or limits on crdjob (#236) catalog.cattle.io/certified: partner catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller catalog.cattle.io/kube-version: '>=1.23.0-0' @@ -21,4 +21,4 @@ name: haproxy sources: - https://github.com/haproxytech/kubernetes-ingress type: application -version: 1.39.1 +version: 1.39.2 diff --git a/charts/haproxy/haproxy/templates/controller-crdjob.yaml b/charts/haproxy/haproxy/templates/controller-crdjob.yaml index daf231dfd..3b7d8f640 100644 --- a/charts/haproxy/haproxy/templates/controller-crdjob.yaml +++ b/charts/haproxy/haproxy/templates/controller-crdjob.yaml @@ -89,6 +89,8 @@ spec: seccompProfile: type: RuntimeDefault {{- end }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: diff --git a/charts/jenkins/jenkins/CHANGELOG.md b/charts/jenkins/jenkins/CHANGELOG.md index b138c35b1..6e04b3ce8 100644 --- a/charts/jenkins/jenkins/CHANGELOG.md +++ b/charts/jenkins/jenkins/CHANGELOG.md @@ -12,6 +12,10 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0. The changelog until v1.5.7 was auto-generated based on git commits. Those entries include a reference to the git commit to be able to get more details. +## 5.1.7 + +Update `kubernetes` to version `4208.v4017b_a_27a_d67` + ## 5.1.6 Update `jenkins/jenkins` to version `2.440.3-jdk17` diff --git a/charts/jenkins/jenkins/Chart.yaml b/charts/jenkins/jenkins/Chart.yaml index f33384d89..2c789af8a 100644 --- a/charts/jenkins/jenkins/Chart.yaml +++ b/charts/jenkins/jenkins/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/category: integration-delivery artifacthub.io/changes: | - - Update `jenkins/jenkins` to version `2.440.3-jdk17` + - Update `kubernetes` to version `4208.v4017b_a_27a_d67` artifacthub.io/images: | - name: jenkins image: docker.io/jenkins/jenkins:2.440.3-jdk17 @@ -50,4 +50,4 @@ sources: - https://github.com/maorfr/kube-tasks - https://github.com/jenkinsci/configuration-as-code-plugin type: application -version: 5.1.6 +version: 5.1.7 diff --git a/charts/jenkins/jenkins/VALUES.md b/charts/jenkins/jenkins/VALUES.md index a9a4f4738..2b74eef06 100644 --- a/charts/jenkins/jenkins/VALUES.md +++ b/charts/jenkins/jenkins/VALUES.md @@ -155,7 +155,7 @@ The following tables list the configurable parameters of the Jenkins chart and t | [controller.initializeOnce](./values.yaml#L414) | bool | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` | `false` | | [controller.installLatestPlugins](./values.yaml#L403) | bool | Download the minimum required version or latest version of all dependencies | `true` | | [controller.installLatestSpecifiedPlugins](./values.yaml#L406) | bool | Set to true to download the latest version of any plugin that is requested to have the latest version | `false` | -| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4203.v1dd44f5b_1cf9","workflow-aggregator:596.v8c21c963d92d","git:5.2.1","configuration-as-code:1775.v810dc950b_514"]` | +| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4208.v4017b_a_27a_d67","workflow-aggregator:596.v8c21c963d92d","git:5.2.1","configuration-as-code:1775.v810dc950b_514"]` | | [controller.javaOpts](./values.yaml#L156) | string | Append to `JAVA_OPTS` env var | `nil` | | [controller.jenkinsAdminEmail](./values.yaml#L96) | string | Email address for the administrator of the Jenkins instance | `nil` | | [controller.jenkinsHome](./values.yaml#L101) | string | Custom Jenkins home path | `"/var/jenkins_home"` | diff --git a/charts/jenkins/jenkins/values.yaml b/charts/jenkins/jenkins/values.yaml index 3f096e6f7..33636e189 100644 --- a/charts/jenkins/jenkins/values.yaml +++ b/charts/jenkins/jenkins/values.yaml @@ -393,7 +393,7 @@ controller: # Plugins will be installed during Jenkins controller start # -- List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` installPlugins: - - kubernetes:4203.v1dd44f5b_1cf9 + - kubernetes:4208.v4017b_a_27a_d67 - workflow-aggregator:596.v8c21c963d92d - git:5.2.1 - configuration-as-code:1775.v810dc950b_514 diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 9b47d715b..1ee4e6930 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -37,4 +37,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.8.0 +version: 5.8.2 diff --git a/charts/redpanda/redpanda/README.md b/charts/redpanda/redpanda/README.md index 0c82c077c..22eb6325c 100644 --- a/charts/redpanda/redpanda/README.md +++ b/charts/redpanda/redpanda/README.md @@ -3,7 +3,7 @@ description: Find the default values and descriptions of settings in the Redpanda Helm chart. --- -![Version: 5.8.0](https://img.shields.io/badge/Version-5.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v23.3.11](https://img.shields.io/badge/AppVersion-v23.3.11-informational?style=flat-square) +![Version: 5.8.2](https://img.shields.io/badge/Version-5.8.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v23.3.11](https://img.shields.io/badge/AppVersion-v23.3.11-informational?style=flat-square) This page describes the official Redpanda Helm Chart. In particular, this page describes the contents of the chart’s [`values.yaml` file](https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml). Each of the settings is listed and described on this page, along with any default values. @@ -1010,7 +1010,7 @@ Persistence settings. For details, see the [storage documentation](https://docs. **Default:** ``` -{"hostPath":"","persistentVolume":{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""},"tiered":{"config":{"cloud_storage_access_key":"","cloud_storage_api_endpoint":"","cloud_storage_azure_container":null,"cloud_storage_azure_shared_key":null,"cloud_storage_azure_storage_account":null,"cloud_storage_bucket":"","cloud_storage_cache_size":5368709120,"cloud_storage_credentials_source":"config_file","cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false,"cloud_storage_region":"","cloud_storage_secret_key":""},"credentialsSecretRef":{"accessKey":{"configurationKey":"cloud_storage_access_key"},"secretKey":{"configurationKey":"cloud_storage_secret_key"}},"hostPath":"","mountType":"emptyDir","persistentVolume":{"annotations":{},"labels":{},"storageClass":""}}} +{"hostPath":"","persistentVolume":{"annotations":{},"enabled":true,"labels":{},"nameOverwrite":"","size":"20Gi","storageClass":""},"tiered":{"config":{"cloud_storage_access_key":"","cloud_storage_api_endpoint":"","cloud_storage_azure_container":null,"cloud_storage_azure_managed_identity_id":null,"cloud_storage_azure_shared_key":null,"cloud_storage_azure_storage_account":null,"cloud_storage_bucket":"","cloud_storage_cache_size":5368709120,"cloud_storage_credentials_source":"config_file","cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false,"cloud_storage_region":"","cloud_storage_secret_key":""},"credentialsSecretRef":{"accessKey":{"configurationKey":"cloud_storage_access_key"},"secretKey":{"configurationKey":"cloud_storage_secret_key"}},"hostPath":"","mountType":"emptyDir","persistentVolume":{"annotations":{},"labels":{},"storageClass":""}}} ``` ### [storage.hostPath](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.hostPath) @@ -1060,7 +1060,7 @@ Tiered Storage settings Requires `enterprise.licenseKey` or `enterprised.license **Default:** ``` -{"cloud_storage_access_key":"","cloud_storage_api_endpoint":"","cloud_storage_azure_container":null,"cloud_storage_azure_shared_key":null,"cloud_storage_azure_storage_account":null,"cloud_storage_bucket":"","cloud_storage_cache_size":5368709120,"cloud_storage_credentials_source":"config_file","cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false,"cloud_storage_region":"","cloud_storage_secret_key":""} +{"cloud_storage_access_key":"","cloud_storage_api_endpoint":"","cloud_storage_azure_container":null,"cloud_storage_azure_managed_identity_id":null,"cloud_storage_azure_shared_key":null,"cloud_storage_azure_storage_account":null,"cloud_storage_bucket":"","cloud_storage_cache_size":5368709120,"cloud_storage_credentials_source":"config_file","cloud_storage_enable_remote_read":true,"cloud_storage_enable_remote_write":true,"cloud_storage_enabled":false,"cloud_storage_region":"","cloud_storage_secret_key":""} ``` ### [storage.tiered.config.cloud_storage_access_key](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_access_key) @@ -1107,7 +1107,7 @@ Maximum size of the disk cache used by Tiered Storage. Default is 20 GiB. See th ### [storage.tiered.config.cloud_storage_credentials_source](https://artifacthub.io/packages/helm/redpanda-data/redpanda?modal=values&path=storage.tiered.config.cloud_storage_credentials_source) -Source of credentials used to connect to cloud services (required for AWS and GCP authentication with IAM roles). * `config_file` * `aws_instance_metadata` * `sts` * `gcp_instance_metadata` See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). +Source of credentials used to connect to cloud services (required for AWS and GCP authentication with IAM roles). * `config_file` * `aws_instance_metadata` * `sts` * `gcp_instance_metadata` * `azure_aks_oidc_federation` * `azure_vm_instance_metadata` See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). **Default:** `"config_file"` diff --git a/charts/redpanda/redpanda/templates/_shims.tpl b/charts/redpanda/redpanda/templates/_shims.tpl index 917e682f3..fb0ca1c2c 100644 --- a/charts/redpanda/redpanda/templates/_shims.tpl +++ b/charts/redpanda/redpanda/templates/_shims.tpl @@ -1,4 +1,4 @@ -{{- /* Generated from "_shims.go" */ -}} +{{- /* Generated from "bootstrap.go" */ -}} {{- define "_shims.typetest" -}} {{- $typ := (index .a 0) -}} @@ -75,3 +75,29 @@ {{- end -}} {{- end -}} +{{- define "_shims.ptr_Deref" -}} +{{- $ptr := (index .a 0) -}} +{{- $def := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- if (ne $ptr (coalesce nil)) -}} +{{- (dict "r" $ptr) | toJson -}} +{{- break -}} +{{- end -}} +{{- (dict "r" $def) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + +{{- define "_shims.ptr_Equal" -}} +{{- $a := (index .a 0) -}} +{{- $b := (index .a 1) -}} +{{- range $_ := (list 1) -}} +{{- if (and (eq $a (coalesce nil)) (eq $b (coalesce nil))) -}} +{{- (dict "r" true) | toJson -}} +{{- break -}} +{{- end -}} +{{- (dict "r" (eq $a $b)) | toJson -}} +{{- break -}} +{{- end -}} +{{- end -}} + diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index d52f9c53d..d75631bb8 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -106,6 +106,7 @@ spec: args: - -c - 'trap "exit 0" TERM; exec /etc/secrets/fs-validator/scripts/fsValidator.sh {{ .Values.statefulset.initContainers.fsValidator.expectedFS }} & wait $!' + securityContext: {{ include "container-security-context" . | nindent 12 }} volumeMounts: {{ include "common-mounts" . | nindent 12 }} {{- if dig "initContainers" "fsValidator" "extraVolumeMounts" false .Values.statefulset -}} {{ tpl .Values.statefulset.initContainers.fsValidator.extraVolumeMounts . | nindent 12 }} diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index f7cf7bb71..5708b4a8d 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -530,6 +530,9 @@ storage: # Note that the container must belong to the account specified by `cloud_storage_azure_storage_account`. # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_container). cloud_storage_azure_container: null + # The managed identity ID to access the Azure storage account. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_managed_identity_id). + cloud_storage_azure_managed_identity_id: null # -- Name of the Azure storage account to use with Tiered Storage (required for ABS/ADLS). # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_storage_account). cloud_storage_azure_storage_account: null @@ -546,6 +549,8 @@ storage: # * `aws_instance_metadata` # * `sts` # * `gcp_instance_metadata` + # * `azure_aks_oidc_federation` + # * `azure_vm_instance_metadata` # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). cloud_storage_credentials_source: config_file diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index 9277e17b7..5d14d4011 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 2.1.270 +appVersion: 2.1.288 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 2.1.270 +version: 2.1.288 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index 4fd9ffc6e..97a522e89 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -8,7 +8,7 @@ the helm chart is installed. ## Prerequisites -- Kubernetes 1.16+ +- Kubernetes 1.20+ - Helm 3+ - Appropriate [network and firewall configuration](https://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic @@ -101,42 +101,6 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 2.1.270 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/2.1.270/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 1.1.0 - -BEFORE UPGRADE: - -```bash -kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey -kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator -kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator -``` - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.1.0/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 1.0.0 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 0.12.3 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml -``` - -### From version below 0.12.0 to 0.12.x -This upgrades speedscale-operator to v0.12.x. - -Uninstall the previous release and install the chart from scratch. ## Help diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index 4fd9ffc6e..97a522e89 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -8,7 +8,7 @@ the helm chart is installed. ## Prerequisites -- Kubernetes 1.16+ +- Kubernetes 1.20+ - Helm 3+ - Appropriate [network and firewall configuration](https://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic @@ -101,42 +101,6 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 2.1.270 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/2.1.270/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 1.1.0 - -BEFORE UPGRADE: - -```bash -kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey -kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator -kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator -``` - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.1.0/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 1.0.0 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml -``` - -### Upgrade to 0.12.3 - -```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml -``` - -### From version below 0.12.0 to 0.12.x -This upgrades speedscale-operator to v0.12.x. - -Uninstall the previous release and install the chart from scratch. ## Help diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index ffc08c163..8a8efd1f3 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v2.1.270 + tag: v2.1.288 pullPolicy: Always # Log level for Speedscale components. diff --git a/index.yaml b/index.yaml index b7868e38f..b24378036 100644 --- a/index.yaml +++ b/index.yaml @@ -19089,6 +19089,38 @@ entries: - assets/f5/f5-bigip-ctlr-0.0.1901.tgz version: 0.0.1901 falcon-sensor: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: CrowdStrike Falcon Platform + catalog.cattle.io/kube-version: '>1.22.0-0' + catalog.cattle.io/release-name: falcon-sensor + apiVersion: v2 + appVersion: 1.27.1 + created: "2024-04-30T00:53:38.234240674Z" + description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes + clusters. + digest: 997f78dfd3e9e0bb1995843e0bb7b42dab143d9b37c94cec24a4f71b18651504 + home: https://crowdstrike.com + icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg + keywords: + - CrowdStrike + - Falcon + - EDR + - kubernetes + - security + - monitoring + - alerting + kubeVersion: '>1.22.0-0' + maintainers: + - email: integrations@crowdstrike.com + name: CrowdStrike Solutions Architecture + name: falcon-sensor + sources: + - https://github.com/CrowdStrike/falcon-helm + type: application + urls: + - assets/crowdstrike/falcon-sensor-1.27.1.tgz + version: 1.27.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: CrowdStrike Falcon Platform @@ -22329,6 +22361,34 @@ entries: - assets/gopaddle/gopaddle-4.2.5.tgz version: 4.2.5 haproxy: + - annotations: + artifacthub.io/changes: | + - Allow setting resources requests or limits on crdjob (#236) + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller + catalog.cattle.io/kube-version: '>=1.23.0-0' + catalog.cattle.io/release-name: haproxy + apiVersion: v2 + appVersion: 1.11.3 + created: "2024-04-30T00:53:38.705652356Z" + description: A Helm chart for HAProxy Kubernetes Ingress Controller + digest: fd1118a7d9d18d00b9728fb0f4a97d35b2e300b9b8b43ae4a440aa1b8052c9a8 + home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress + icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png + keywords: + - ingress + - haproxy + kubeVersion: '>=1.23.0-0' + maintainers: + - email: dkorunic@haproxy.com + name: Dinko Korunic + name: haproxy + sources: + - https://github.com/haproxytech/kubernetes-ingress + type: application + urls: + - assets/haproxy/haproxy-1.39.2.tgz + version: 1.39.2 - annotations: artifacthub.io/changes: | - Remove techdump toggle entirely @@ -25827,6 +25887,63 @@ entries: - assets/jaeger/jaeger-operator-2.36.0.tgz version: 2.36.0 jenkins: + - annotations: + artifacthub.io/category: integration-delivery + artifacthub.io/changes: | + - Update `kubernetes` to version `4208.v4017b_a_27a_d67` + artifacthub.io/images: | + - name: jenkins + image: docker.io/jenkins/jenkins:2.440.3-jdk17 + - name: k8s-sidecar + image: docker.io/kiwigrid/k8s-sidecar:1.26.1 + - name: inbound-agent + image: jenkins/inbound-agent:3206.vb_15dcf73f6a_9-3 + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins + - name: Jenkins + url: https://www.jenkins.io/ + - name: support + url: https://github.com/jenkinsci/helm-charts/issues + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Jenkins + catalog.cattle.io/kube-version: '>=1.14-0' + catalog.cattle.io/release-name: jenkins + apiVersion: v2 + appVersion: 2.440.3 + created: "2024-04-30T00:53:39.160523445Z" + description: 'Jenkins - Build great things at any scale! As the leading open source + automation server, Jenkins provides over 1800 plugins to support building, deploying + and automating any project. ' + digest: e12fb3786294d6ebaac2419c27e68f6bb60b3b8808ab224283d15525745333ad + home: https://www.jenkins.io/ + icon: https://get.jenkins.io/art/jenkins-logo/logo.svg + keywords: + - jenkins + - ci + - devops + maintainers: + - email: maor.friedman@redhat.com + name: maorfr + - email: mail@torstenwalter.de + name: torstenwalter + - email: garridomota@gmail.com + name: mogaal + - email: wmcdona89@gmail.com + name: wmcdona89 + - email: timjacomb1@gmail.com + name: timja + name: jenkins + sources: + - https://github.com/jenkinsci/jenkins + - https://github.com/jenkinsci/docker-inbound-agent + - https://github.com/maorfr/kube-tasks + - https://github.com/jenkinsci/configuration-as-code-plugin + type: application + urls: + - assets/jenkins/jenkins-5.1.7.tgz + version: 5.1.7 - annotations: artifacthub.io/category: integration-delivery artifacthub.io/changes: | @@ -44560,6 +44677,50 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.3.11 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.10.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.3.11 + created: "2024-04-30T00:53:42.671295012Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 4ebb6ab6025e54a2ef957038f2d80b0ee6c7eafae4669deab5c1f38a4b202b99 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.8.2.tgz + version: 5.8.2 - annotations: artifacthub.io/images: | - name: redpanda @@ -49297,6 +49458,37 @@ entries: - assets/shipa/shipa-1.4.0.tgz version: 1.4.0 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 2.1.288 + created: "2024-04-30T00:53:42.757893324Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: 30b0d72fcb77fcd512b79a0b3943e933f3149208d6be5aee7607d0149bbc1266 + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-2.1.288.tgz + version: 2.1.288 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator