Merge pull request #98 from sighupio/develop

Release v1.9.0
sighupio · Sep 18, 2023 · 7d174ba · 7d174ba
2 parents cc05033 + 269dd44
commit 7d174ba
Show file tree

Hide file tree

Showing 11 changed files with 478 additions and 97 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -8,10 +8,10 @@ type: docker
 
 steps:
   - name: check
-    image: docker.io/library/golang:1.16
+    image: docker.io/library/golang:1.20
     pull: always
     commands:
-      - go get -u github.com/google/addlicense
+      - go install github.com/google/addlicense@v1.1.1
       - addlicense -c "SIGHUP s.r.l" -v -l bsd -y "2017-present" --check .
 
 ---
@@ -44,7 +44,7 @@ steps:
       - clone
 
   - name: render
-    image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.20.7_3.8.7_2.4.1
+    image: quay.io/sighup/e2e-testing:1.1.0_0.11.0_3.1.1_1.9.4_1.26.3_3.5.3_4.33.3
     pull: always
     depends_on:
       - clone
@@ -58,10 +58,10 @@ steps:
       - render
     commands:
       # we use --ignore-deprecations because we don't want the CI to fail when the API has not been removed yet.
-      - /pluto detect gatekeeper.yml --target-versions=k8s=v1.25.0 --ignore-deprecations
+      - /pluto detect gatekeeper.yml --target-versions=k8s=v1.26.0 --ignore-deprecations
 
 ---
-name: e2e-kubernetes-1.22
+name: e2e-kubernetes-1.23
 kind: pipeline
 type: docker
 
@@ -80,6 +80,7 @@ trigger:
     include:
       - refs/heads/master
       - refs/heads/main
+      - refs/heads/develop
       - refs/tags/**
 
 steps:
@@ -91,10 +92,10 @@ steps:
         path: /shared
     depends_on: [clone]
     settings:
-      action: custom-cluster-122
-      pipeline_id: cluster-122
+      action: custom-cluster-123
+      pipeline_id: cluster-123
       local_kind_config_path: katalog/tests/kind/config.yml
-      cluster_version: "1.22.0"
+      cluster_version: "1.23.0"
       instance_path: /shared
       aws_default_region:
         from_secret: aws_region
@@ -116,14 +117,14 @@ steps:
         from_secret: dockerhub_password
 
   - name: e2e
-    image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.22.0_3.8.7_2.4.1
+    image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.23.0_3.8.7_2.4.1
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [init]
     commands:
-      - export KUBECONFIG=/shared/kube/kubeconfig-122
+      - export KUBECONFIG=/shared/kube/kubeconfig-123
       - bats -t katalog/tests/gatekeeper.sh
 
   - name: destroy
@@ -132,7 +133,7 @@ steps:
     depends_on: [e2e]
     settings:
       action: destroy
-      pipeline_id: cluster-122
+      pipeline_id: cluster-123
       aws_default_region:
         from_secret: aws_region
       aws_access_key_id:
@@ -161,7 +162,7 @@ volumes:
     temp: {}
 
 ---
-name: e2e-kubernetes-1.23
+name: e2e-kubernetes-1.24
 kind: pipeline
 type: docker
 
@@ -180,6 +181,7 @@ trigger:
     include:
       - refs/heads/master
       - refs/heads/main
+      - refs/heads/develop
       - refs/tags/**
 
 steps:
@@ -191,10 +193,10 @@ steps:
         path: /shared
     depends_on: [clone]
     settings:
-      action: custom-cluster-123
-      pipeline_id: cluster-123
+      action: custom-cluster-124
+      pipeline_id: cluster-124
       local_kind_config_path: katalog/tests/kind/config.yml
-      cluster_version: "1.23.0"
+      cluster_version: "1.24.0"
       instance_path: /shared
       aws_default_region:
         from_secret: aws_region
@@ -216,14 +218,14 @@ steps:
         from_secret: dockerhub_password
 
   - name: e2e
-    image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.23.0_3.8.7_2.4.1
+    image: quay.io/sighup/e2e-testing:1.1.0_0.7.0_3.1.1_1.9.4_1.24.1_3.8.7_4.21.1
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [init]
     commands:
-      - export KUBECONFIG=/shared/kube/kubeconfig-123
+      - export KUBECONFIG=/shared/kube/kubeconfig-124
       - bats -t katalog/tests/gatekeeper.sh
 
   - name: destroy
@@ -232,7 +234,7 @@ steps:
     depends_on: [e2e]
     settings:
       action: destroy
-      pipeline_id: cluster-123
+      pipeline_id: cluster-124
       aws_default_region:
         from_secret: aws_region
       aws_access_key_id:
@@ -259,9 +261,8 @@ steps:
 volumes:
   - name: shared
     temp: {}
-
 ---
-name: e2e-kubernetes-1.24
+name: e2e-kubernetes-1.25
 kind: pipeline
 type: docker
 
@@ -280,21 +281,22 @@ trigger:
     include:
       - refs/heads/master
       - refs/heads/main
+      - refs/heads/develop
       - refs/tags/**
 
 steps:
   - name: init
-    image: quay.io/sighup/e2e-testing-drone-plugin:v1.24.0
+    image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [clone]
     settings:
-      action: custom-cluster-124
-      pipeline_id: cluster-124
+      action: custom-cluster-125
+      pipeline_id: cluster-125
       local_kind_config_path: katalog/tests/kind/config.yml
-      cluster_version: "1.24.0"
+      cluster_version: "1.25.3"
       instance_path: /shared
       aws_default_region:
         from_secret: aws_region
@@ -316,23 +318,24 @@ steps:
         from_secret: dockerhub_password
 
   - name: e2e
-    image: quay.io/sighup/e2e-testing:1.1.0_0.7.0_3.1.1_1.9.4_1.24.1_3.8.7_4.21.1
+    # KUBECTL 1.25.3 - KUSTOMIZE 3.5.3 - HELM 3.1.1 - YQ 4.21.1 - ISTIOCTL 1.9.4 - FURYCTL 0.9.0 - BATS 1.1.0
+    image: quay.io/sighup/e2e-testing:1.1.0_0.9.0_3.1.1_1.9.4_1.25.3_3.5.3_4.21.1
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [init]
     commands:
-      - export KUBECONFIG=/shared/kube/kubeconfig-124
+      - export KUBECONFIG=/shared/kube/kubeconfig-125
       - bats -t katalog/tests/gatekeeper.sh
 
   - name: destroy
-    image: quay.io/sighup/e2e-testing-drone-plugin:v1.24.0
+    image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
     pull: always
     depends_on: [e2e]
     settings:
       action: destroy
-      pipeline_id: cluster-124
+      pipeline_id: cluster-125
       aws_default_region:
         from_secret: aws_region
       aws_access_key_id:
@@ -360,7 +363,7 @@ volumes:
   - name: shared
     temp: {}
 ---
-name: e2e-kubernetes-1.25
+name: e2e-kubernetes-1.26
 kind: pipeline
 type: docker
 
@@ -379,21 +382,22 @@ trigger:
     include:
       - refs/heads/master
       - refs/heads/main
+      - refs/heads/develop
       - refs/tags/**
 
 steps:
   - name: init
-    image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
+    image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [clone]
     settings:
-      action: custom-cluster-125
-      pipeline_id: cluster-125
+      action: custom-cluster-126
+      pipeline_id: cluster-126
       local_kind_config_path: katalog/tests/kind/config.yml
-      cluster_version: "1.25.3"
+      cluster_version: "1.26.4"
       instance_path: /shared
       aws_default_region:
         from_secret: aws_region
@@ -415,24 +419,23 @@ steps:
         from_secret: dockerhub_password
 
   - name: e2e
-    # KUBECTL 1.25.3 - KUSTOMIZE 3.5.3 - HELM 3.1.1 - YQ 4.21.1 - ISTIOCTL 1.9.4 - FURYCTL 0.9.0 - BATS 1.1.0
-    image: quay.io/sighup/e2e-testing:1.1.0_0.9.0_3.1.1_1.9.4_1.25.3_3.5.3_4.21.1
+    image: quay.io/sighup/e2e-testing:1.1.0_0.11.0_3.1.1_1.9.4_1.26.3_3.5.3_4.33.3
     pull: always
     volumes:
       - name: shared
         path: /shared
     depends_on: [init]
     commands:
-      - export KUBECONFIG=/shared/kube/kubeconfig-125
+      - export KUBECONFIG=/shared/kube/kubeconfig-126
       - bats -t katalog/tests/gatekeeper.sh
 
   - name: destroy
-    image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
+    image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
     pull: always
     depends_on: [e2e]
     settings:
       action: destroy
-      pipeline_id: cluster-125
+      pipeline_id: cluster-126
       aws_default_region:
         from_secret: aws_region
       aws_access_key_id:
@@ -466,10 +469,10 @@ kind: pipeline
 type: docker
 
 depends_on:
-  - e2e-kubernetes-1.22
   - e2e-kubernetes-1.23
   - e2e-kubernetes-1.24
   - e2e-kubernetes-1.25
+  - e2e-kubernetes-1.26
 
 platform:
   os: linux
@@ -481,17 +484,6 @@ trigger:
       - refs/tags/**
 
 steps:
-  - name: prepare-canonical-json
-    image: registry.sighup.io/poc/fury-repo-automations:v0.0.3
-    pull: always
-    depends_on: [clone]
-    commands:
-      - spock module-json -m=fury-kubernetes-opa -r=False -v=${DRONE_TAG}
-    when:
-      ref:
-        include:
-          - refs/tags/**
-
   - name: prepare-tar-gz
     image: alpine:latest
     pull: always
@@ -518,7 +510,6 @@ steps:
     image: plugins/github-release
     pull: always
     depends_on:
-      - prepare-canonical-json
       - prepare-tar-gz
       - prepare-release-notes
     settings:
@@ -527,7 +518,6 @@ steps:
       file_exists: overwrite
       files:
         - fury-kubernetes-opa-${DRONE_TAG}.tar.gz
-        - fury-kubernetes-opa-canonical-definition-${DRONE_TAG}.json
       prerelease: true
       overwrite: true
       title: "Preview ${DRONE_TAG}"
@@ -544,7 +534,6 @@ steps:
     image: plugins/github-release
     pull: always
     depends_on:
-      - prepare-canonical-json
       - prepare-tar-gz
       - prepare-release-notes
     settings:
@@ -553,7 +542,6 @@ steps:
       file_exists: overwrite
       files:
         - fury-kubernetes-opa-${DRONE_TAG}.tar.gz
-        - fury-kubernetes-opa-canonical-definition-${DRONE_TAG}.json
       prerelease: false
       overwrite: true
       title: "Release ${DRONE_TAG}"

diff --git a/README.md b/README.md
@@ -5,7 +5,7 @@
 </h1>
 <!-- markdownlint-enable MD033 -->
 
-![Release](https://img.shields.io/badge/Latest%20Release-v1.8.0-blue)
+![Release](https://img.shields.io/badge/Latest%20Release-v1.9.0-blue)
 ![License](https://img.shields.io/github/license/sighupio/fury-kubernetes-opa?label=License)
 ![Slack](https://img.shields.io/badge/slack-@kubernetes/fury-yellow.svg?logo=slack&label=Slack)
 
@@ -29,21 +29,21 @@ Fury Kubernetes OPA provides the following packages:
 
 | Package                                                | Version   | Description                                                       |
 | ------------------------------------------------------ | --------- | ----------------------------------------------------------------- |
-| [Gatekeeper Core](katalog/gatekeeper/core)             | `v3.11.0` | Gatekeeper deployment, ready to enforce rules.                    |
+| [Gatekeeper Core](katalog/gatekeeper/core)             | `v3.12.0` | Gatekeeper deployment, ready to enforce rules.                    |
 | [Gatekeeper Rules](katalog/gatekeeper/rules)           | `N.A.`    | A set of custom rules to get started with policy enforcement.     |
 | [Gatekeeper Monitoring](katalog/gatekeeper/monitoring) | `N.A.`    | Metrics, alerts and dashboard for monitoring Gatekeeper.          |
-| [Gatekeeper Policy Manager](katalog/gatekeeper/gpm)    | `v1.0.3`  | Gatekeeper Policy Manager, a simple to use web-ui for Gatekeeper. |
+| [Gatekeeper Policy Manager](katalog/gatekeeper/gpm)    | `v1.0.4`  | Gatekeeper Policy Manager, a simple to use web-ui for Gatekeeper. |
 
 Click on each package name to see its full documentation.
 
 ## Compatibility
 
 | Kubernetes Version |   Compatibility    | Notes            |
 | ------------------ | :----------------: | ---------------- |
-| `1.22.x`           | :white_check_mark: | No known issues  |
 | `1.23.x`           | :white_check_mark: | No known issues. |
 | `1.24.x`           | :white_check_mark: | No known issues. |
 | `1.25.x`           | :white_check_mark: | No known issues. |
+| `1.26.x`           | :white_check_mark: | No known issues  |
 
 Check the [compatibility matrix][compatibility-matrix] for additional information on previous releases of the module.
 
@@ -53,8 +53,8 @@ Check the [compatibility matrix][compatibility-matrix] for additional informatio
 
 | Tool                                    | Version    | Description                                                                                                                                                    |
 | --------------------------------------- | ---------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [furyctl][furyctl-repo]                 | `>=0.6.0`  | The recommended tool to download and manage KFD modules and their packages. To learn more about `furyctl` read the [official documentation][furyctl-repo].     |
-| [kustomize][kustomize-repo]             | `>=3.5.0`  | Packages are customized using `kustomize`. To learn how to create your customization layer with `kustomize`, please refer to the [repository][kustomize-repo]. |
+| [furyctl][furyctl-repo]                 | `>=0.25.0` | The recommended tool to download and manage KFD modules and their packages. To learn more about `furyctl` read the [official documentation][furyctl-repo].     |
+| [kustomize][kustomize-repo]             | `>=3.5.3`  | Packages are customized using `kustomize`. To learn how to create your customization layer with `kustomize`, please refer to the [repository][kustomize-repo]. |
 | [KFD Monitoring Module][kfd-monitoring] | `>v1.10.0` | Expose metrics to Prometheus *(optional)* and use Grafana Dashboards.                                                                                          |
 
 > You can comment out the service monitor in the [kustomization.yaml][core-kustomization] file if you don't want to install the monitoring module.
@@ -66,12 +66,12 @@ Check the [compatibility matrix][compatibility-matrix] for additional informatio
 ```yaml
 bases:
   - name: opa/gatekeeper
-    version: "1.8.0"
+    version: "1.9.0"
 ```
 
 > See `furyctl` [documentation][furyctl-repo] for additional details about `Furyfile.yml` format.
 
-2. Execute `furyctl vendor -H` to download the packages
+2. Execute `furyctl legacy vendor -H` to download the packages
 
 3. Inspect the download packages under `./vendor/katalog/opa/gatekeeper`.