Skip to content

Commit

Permalink
chore: Prepare v3.19.0-beta.0 release (#3737)
Browse files Browse the repository at this point in the history
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: JaydipGabani <20255485+JaydipGabani@users.noreply.github.com>
  • Loading branch information
github-actions[bot] and JaydipGabani authored Dec 12, 2024
1 parent 929654f commit b10db1a
Show file tree
Hide file tree
Showing 59 changed files with 5,695 additions and 62 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ LOG_LEVEL ?= "INFO"
GENERATE_VAP ?= false
GENERATE_VAPBINDING ?= false

VERSION := v3.18.0-beta.0
VERSION := v3.19.0-beta.0

KIND_VERSION ?= 0.17.0
KIND_CLUSTER_FILE ?= test/bats/tests/kindcluster.yml
Expand Down
4 changes: 2 additions & 2 deletions charts/gatekeeper/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ name: gatekeeper
icon: https://open-policy-agent.github.io/gatekeeper/website/img/logo.svg
keywords:
- open policy agent
version: 3.18.0-beta.0
version: 3.19.0-beta.0
home: https://github.com/open-policy-agent/gatekeeper
sources:
- https://github.com/open-policy-agent/gatekeeper.git
appVersion: v3.18.0-beta.0
appVersion: v3.19.0-beta.0
28 changes: 17 additions & 11 deletions charts/gatekeeper/README.md

Large diffs are not rendered by default.

34 changes: 34 additions & 0 deletions charts/gatekeeper/crds/config-customresourcedefinition.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,41 @@ spec:
type: object
status:
description: ConfigStatus defines the observed state of Config.
properties:
byPod:
items:
properties:
configUID:
description: |-
UID is a type that holds unique ID values, including UUIDs. Because we
don't ONLY use UUIDs, this is an alias to string. Being a type captures
intent and helps make sure that UIDs and names do not get conflated.
type: string
errors:
items:
properties:
message:
type: string
type:
type: string
required:
- message
type: object
type: array
id:
type: string
observedGeneration:
format: int64
type: integer
operations:
items:
type: string
type: array
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
gatekeeper.sh/system: "yes"
name: configpodstatuses.status.gatekeeper.sh
spec:
group: status.gatekeeper.sh
names:
kind: ConfigPodStatus
listKind: ConfigPodStatusList
plural: configpodstatuses
singular: configpodstatus
preserveUnknownFields: false
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
status:
properties:
configUID:
description: |-
UID is a type that holds unique ID values, including UUIDs. Because we
don't ONLY use UUIDs, this is an alias to string. Being a type captures
intent and helps make sure that UIDs and names do not get conflated.
type: string
errors:
items:
properties:
message:
type: string
type:
type: string
required:
- message
type: object
type: array
id:
type: string
observedGeneration:
format: int64
type: integer
operations:
items:
type: string
type: array
type: object
type: object
served: true
storage: true
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,24 @@ spec:
type: string
enforced:
type: boolean
enforcementPointsStatus:
items:
description: EnforcementPointStatus represents the status of a single enforcement point.
properties:
enforcementPoint:
type: string
message:
type: string
observedGeneration:
format: int64
type: integer
state:
type: string
required:
- enforcementPoint
- state
type: object
type: array
errors:
items:
description: Error represents a single error caught while adding a constraint to engine.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,17 @@ spec:
don't ONLY use UUIDs, this is an alias to string. Being a type captures
intent and helps make sure that UIDs and names do not get conflated.
type: string
vapGenerationStatus:
description: VAPGenerationStatus represents the status of VAP generation.
properties:
observedGeneration:
format: int64
type: integer
state:
type: string
warning:
type: string
type: object
type: object
type: object
served: true
Expand Down
16 changes: 13 additions & 3 deletions charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
labels:
{{- include "gatekeeper.commonLabels" . | nindent 4 }}
app: '{{ template "gatekeeper.name" . }}'
chart: '{{ template "gatekeeper.name" . }}'
control-plane: audit-controller
Expand Down Expand Up @@ -62,15 +63,21 @@ spec:
- --validating-webhook-configuration-name={{ .Values.validatingWebhookName }}
- --mutating-webhook-configuration-name={{ .Values.mutatingWebhookName }}
- --audit-from-cache={{ .Values.auditFromCache }}
- --audit-chunk-size={{ .Values.auditChunkSize }}
{{ if hasKey .Values "auditChunkSize" }}- --audit-chunk-size={{ .Values.auditChunkSize }}{{- end }}
- --audit-match-kind-only={{ .Values.auditMatchKindOnly }}
- --emit-audit-events={{ .Values.emitAuditEvents }}
{{ if hasKey .Values "emitAuditEvents" }}- --emit-audit-events={{ .Values.emitAuditEvents }}{{- end }}
{{ if hasKey .Values "logStatsAudit" }}- --log-stats-audit={{ .Values.logStatsAudit }}{{- end }}
- --audit-events-involved-namespace={{ .Values.auditEventsInvolvedNamespace }}
- --operation=audit
- --operation=status
{{ if .Values.audit.enablePubsub}}
- --operation=generate
{{ if hasKey .Values.audit "enablePubsub" }}
- --enable-pub-sub={{ .Values.audit.enablePubsub }}
{{- end }}
{{ if hasKey .Values.audit "connection" }}
- --audit-connection={{ .Values.audit.connection }}
{{- end }}
{{ if hasKey .Values.audit "channel" }}
- --audit-channel={{ .Values.audit.channel }}
{{- end }}
{{ if not .Values.disableMutation}}- --operation=mutation-status{{- end }}
Expand Down Expand Up @@ -98,6 +105,9 @@ spec:
{{- if hasKey .Values "defaultCreateVAPBindingForConstraints"}}
- --default-create-vap-binding-for-constraints={{ .Values.defaultCreateVAPBindingForConstraints }}
{{- end }}
{{ if hasKey .Values "defaultWaitForVAPBGeneration"}}
- --default-wait-for-vapb-generation={{ .Values.defaultWaitForVAPBGeneration }}
{{- end }}
command:
- /manager
env:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
labels:
{{- include "gatekeeper.commonLabels" . | nindent 4 }}
app: '{{ template "gatekeeper.name" . }}'
chart: '{{ template "gatekeeper.name" . }}'
control-plane: controller-manager
Expand Down Expand Up @@ -63,7 +64,8 @@ spec:
- --prometheus-port={{ .Values.controllerManager.metricsPort }}
- --logtostderr
- --log-denies={{ .Values.logDenies }}
- --emit-admission-events={{ .Values.emitAdmissionEvents }}
{{ if hasKey .Values "emitAdmissionEvents" }}- --emit-admission-events={{ .Values.emitAdmissionEvents }}{{- end }}
{{ if hasKey .Values "logStatsAdmission" }}- --log-stats-admission={{ .Values.logStatsAdmission }}{{- end }}
- --admission-events-involved-namespace={{ .Values.admissionEventsInvolvedNamespace }}
- --log-level={{ (.Values.controllerManager.logLevel | empty | not) | ternary .Values.controllerManager.logLevel .Values.logLevel }}
- --exempt-namespace={{ .Release.Namespace }}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
---
{{- $v1 := .Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}}
{{- $v1beta1 := .Capabilities.APIVersions.Has "policy/v1beta1/PodDisruptionBudget" -}}
{{ $v1 := .Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}}
{{ $v1beta1 := .Capabilities.APIVersions.Has "policy/v1beta1/PodDisruptionBudget" -}}
apiVersion: policy/v1{{- if and (not $v1) $v1beta1 -}}beta1{{- end }}
kind: PodDisruptionBudget
metadata:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,18 @@ rules:
- patch
- update
- watch
- apiGroups:
- config.gatekeeper.sh
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- config.gatekeeper.sh
resources:
Expand Down
17 changes: 6 additions & 11 deletions charts/gatekeeper/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,6 @@ auditChunkSize: 500
logLevel: INFO
logDenies: false
logMutations: false
emitAdmissionEvents: false
emitAuditEvents: false
admissionEventsInvolvedNamespace: false
auditEventsInvolvedNamespace: false
resourceQuota: true
Expand All @@ -49,14 +47,14 @@ enableK8sNativeValidation: true
image:
repository: openpolicyagent/gatekeeper
crdRepository: openpolicyagent/gatekeeper-crds
release: v3.18.0-beta.0
release: v3.19.0-beta.0
pullPolicy: IfNotPresent
pullSecrets: []
preInstall:
crdRepository:
image:
repository: null
tag: v3.18.0-beta.0
tag: v3.19.0-beta.0
postUpgrade:
labelNamespace:
serviceAccount:
Expand All @@ -65,7 +63,7 @@ postUpgrade:
enabled: false
image:
repository: openpolicyagent/gatekeeper-crds
tag: v3.18.0-beta.0
tag: v3.19.0-beta.0
pullPolicy: IfNotPresent
pullSecrets: []
extraNamespaces: []
Expand Down Expand Up @@ -99,7 +97,7 @@ postInstall:
extraRules: []
image:
repository: openpolicyagent/gatekeeper-crds
tag: v3.18.0-beta.0
tag: v3.19.0-beta.0
pullPolicy: IfNotPresent
pullSecrets: []
extraNamespaces: []
Expand Down Expand Up @@ -143,7 +141,7 @@ preUninstall:
enabled: false
image:
repository: openpolicyagent/gatekeeper-crds
tag: v3.18.0-beta.0
tag: v3.19.0-beta.0
pullPolicy: IfNotPresent
pullSecrets: []
priorityClassName: ""
Expand Down Expand Up @@ -222,16 +220,13 @@ controllerManager:
extraRules: []
networkPolicy:
enabled: false
ingress: { }
ingress: []
# - from:
# - ipBlock:
# cidr: 0.0.0.0/0
audit:
serviceAccount:
name: gatekeeper-admin
enablePubsub: false
connection: audit-connection
channel: audit-channel
hostNetwork: false
dnsPolicy: ClusterFirst
metricsPort: 8888
Expand Down
4 changes: 2 additions & 2 deletions cmd/build/helmify/static/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ name: gatekeeper
icon: https://open-policy-agent.github.io/gatekeeper/website/img/logo.svg
keywords:
- open policy agent
version: 3.18.0-beta.0
version: 3.19.0-beta.0
home: https://github.com/open-policy-agent/gatekeeper
sources:
- https://github.com/open-policy-agent/gatekeeper.git
appVersion: v3.18.0-beta.0
appVersion: v3.19.0-beta.0
Loading

0 comments on commit b10db1a

Please sign in to comment.