Skip to content

Commit

Permalink
feat(tigera-operator): Updated image to v1.34.0 (#956)
Browse files Browse the repository at this point in the history 
Signed-off-by: Steve Hipwell <[email protected]>
  • Loading branch information
@stevehipwell
stevehipwell authored May 13, 2024
1 parent e723717 commit bffce23
Show file tree
Hide file tree
Showing 12 changed files with 309 additions and 143 deletions.
16 changes: 8 additions & 8 deletions charts/nexus3/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@

### Fixed

- Fixed incorrect behaviour when `rootPassword.key` is set due to the deprecated `config.rootPassword.key` incorrectly having a default value.
- Fixed incorrect behavior when `rootPassword.key` is set due to the deprecated `config.rootPassword.key` incorrectly having a default value.

## [v4.42.0] - 2024-04-03

Expand Down Expand Up @@ -74,9 +74,9 @@

### Added

- Added `license.enabled`, `license.secret` & `license.key` to configure the _Nexus3_ pro licence.
- Added `highAvailability.enabled` & `highAvailability.replicas` values to enable configuring [high availability](https://help.sonatype.com/repomanager3/planning-your-implementation/resiliency-and-high-availability/high-availability-deployment-options/option-1---manual-high-availability-deployment) when running _Nexus3_ as a `StatefulSet` with a pro licence.
- Added `storeProperties` value to configure a _PostgreSQl_ data store for _Nexus3_ with a pro licence.
- Added `license.enabled`, `license.secret` & `license.key` to configure the _Nexus3_ pro license.
- Added `highAvailability.enabled` & `highAvailability.replicas` values to enable configuring [high availability](https://help.sonatype.com/repomanager3/planning-your-implementation/resiliency-and-high-availability/high-availability-deployment-options/option-1---manual-high-availability-deployment) when running _Nexus3_ as a `StatefulSet` with a pro license.
- Added `storeProperties` value to configure a _PostgreSQl_ data store for _Nexus3_ with a pro license.

## [v4.37.0] - 2023-12-06

Expand Down Expand Up @@ -319,7 +319,7 @@

### Added

- Added `metrics.serviceMonitor.endpointConfig` to allow customisation of the `ServiceMonitor` endpoint.
- Added `metrics.serviceMonitor.endpointConfig` to allow customization of the `ServiceMonitor` endpoint.
- Added `config.anonymous.roles` to allow the anonymous user's roles to be configured.
- Added `config.users` to enable users to be configured, new users will get a random password.
- Added `imagePullSecrets` to replace `image.pullSecrets`.
Expand Down Expand Up @@ -430,7 +430,7 @@

### Removed

- Customisable ingress path (not actually supported)
- Customizable ingress path (not actually supported)

## v4.2.1 - 2021-04-23

Expand All @@ -454,7 +454,7 @@

### Changed

- Fixed regex when S3 blobstore is used
- Fixed regex when S3 blob store is used

## v4.0.2 - 2021-01-15

Expand Down Expand Up @@ -553,7 +553,7 @@

### Changed

- Use custom logback config with customizable retention
- Use custom Logback config with customizable retention

## v3.2.2- 2020-09-30

Expand Down
10 changes: 5 additions & 5 deletions charts/thanos/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
### Added

- Added built in support for automatically setting the `GOMEMLIMIT` env variable on all Thanos components via the `autoGomemlimit.enabled` & `autoGomemlimit.ratio` values.
- Added experimental support for configuring query to access store pods as a group via the `storeEndpointGroup` value, this switches to round-robin instead of fanout.
- Added experimental support for configuring query to access store pods as a group via the `storeEndpointGroup` value, this switches to round-robin instead of fan-out.
- Added experimental support for external endpoint groups via the `additionalEndpointGroups` value.

### Changed
Expand Down Expand Up @@ -147,7 +147,7 @@

- Added support for not providing a tag as part of the image by setting the value to `"-"`.
- Added support for using a digest as part of the image.
- Added support for customising the config reloader image.
- Added support for customizing the config reloader image.
- Added support for compact to deduplicate HA Prometheus replica metrics by setting `compact.replicaDeduplication` which will use the `penalty` deduplication function.

### Changed
Expand Down Expand Up @@ -341,7 +341,7 @@

### Added

- Added `serviceMonitor.endpointConfig` to allow customisation of the `ServiceMonitor` endpoint.
- Added `serviceMonitor.endpointConfig` to allow customization of the `ServiceMonitor` endpoint.

### Changed

Expand Down Expand Up @@ -413,7 +413,7 @@

### Changed

- Fix rule rules configmap support.
- Fix rule rules ConfigMap support.

## [v0.10.0] - 2021-09-17

Expand Down Expand Up @@ -446,7 +446,7 @@

### Changed

- Fixed compact service statefulset service name.
- Fixed compact service StatefulSet service name.

### Removed

Expand Down
11 changes: 11 additions & 0 deletions charts/tigera-operator/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,16 @@

## [UNRELEASED]

## [v2.10.0] - 2024-05-13

### Changed

- Updated the _Tigera Operator_ OCI image to [v1.34.0](https://github.com/tigera/operator/releases/tag/v1.34.0) (_Calico_ [v3.28.0](https://github.com/projectcalico/calico/releases/tag/v3.28.0)).

### Removed

- Removed unnecessary permissions for removed PSP resources.

### Fixed

- Fixed incorrect `ServiceMonitor` name via the `jobLabel` field.
Expand Down Expand Up @@ -495,6 +505,7 @@
RELEASE LINKS
-->
[UNRELEASED]: https://github.com/stevehipwell/helm-charts/tree/main/charts/tigera-operator
[v2.10.0]: https://github.com/stevehipwell/helm-charts/releases/tag/tigera-operator-2.10.0
[v2.9.3]: https://github.com/stevehipwell/helm-charts/releases/tag/tigera-operator-2.9.3
[v2.9.2]: https://github.com/stevehipwell/helm-charts/releases/tag/tigera-operator-2.9.2
[v2.9.1]: https://github.com/stevehipwell/helm-charts/releases/tag/tigera-operator-2.9.1
Expand Down
10 changes: 7 additions & 3 deletions charts/tigera-operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: tigera-operator
description: Helm chart to install the Tigera Operator for managing Calico.
type: application
version: 2.9.3
appVersion: 1.32.7
version: 2.10.0
appVersion: 1.34.0
keywords:
- kubernetes
- cni
Expand All @@ -26,4 +26,8 @@ annotations:
artifacthub.io/alternativeName: tigera
artifacthub.io/changes: |
- kind: changed
description: "Updated the _Tigera Operator_ OCI image to [v1.32.7](https://github.com/tigera/operator/releases/tag/v1.32.7) (_Calico_ [v3.27.3](https://github.com/projectcalico/calico/releases/tag/v3.27.3))."
description: "Updated the _Tigera Operator_ OCI image to [v1.34.0](https://github.com/tigera/operator/releases/tag/v1.34.0) (_Calico_ [v3.28.0](https://github.com/projectcalico/calico/releases/tag/v3.28.0))."
- kind: removed
description: "Removed unnecessary permissions for removed PSP resources."
- kind: fixed
description: "Fixed incorrect `ServiceMonitor` name via the `jobLabel` field."
8 changes: 4 additions & 4 deletions charts/tigera-operator/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# tigera-operator

![Version: 2.9.3](https://img.shields.io/badge/Version-2.9.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.32.7](https://img.shields.io/badge/AppVersion-1.32.7-informational?style=flat-square)
![Version: 2.10.0](https://img.shields.io/badge/Version-2.10.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.34.0](https://img.shields.io/badge/AppVersion-1.34.0-informational?style=flat-square)

The [Tigera Operator](https://www.tigera.io/) is a Kubernetes operator which manages the lifecycle of a [Calico](https://www.tigera.io/project-calico/) or [Calico Enterprise](https://www.tigera.io/tigera-products/calico-enterprise/) installation on Kubernetes. Its goal is to make installation, upgrades, and ongoing lifecycle management of _Calico_ and _Calico Enterprise_ as simple and reliable as possible.

Expand All @@ -27,15 +27,15 @@ It is possible to use the _Tigera Operator_ for other use-cases by installing ad
To install the chart using the recommended OCI method you can use the following command.

```shell
helm upgrade --install tigera-operator oci://ghcr.io/stevehipwell/helm-charts/tigera-operator --version 2.9.3
helm upgrade --install tigera-operator oci://ghcr.io/stevehipwell/helm-charts/tigera-operator --version 2.10.0
```

#### Verification

As the OCI chart release is signed by [Cosign](https://github.com/sigstore/cosign) you can verify the chart before installing it by running the following command.

```shell
cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github\.com/action-stars/helm-workflows/\.github/workflows/release\.yaml@.+' --certificate-github-workflow-repository stevehipwell/helm-charts --certificate-github-workflow-name Release ghcr.io/stevehipwell/helm-charts/tigera-operator:2.9.3
cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github\.com/action-stars/helm-workflows/\.github/workflows/release\.yaml@.+' --certificate-github-workflow-repository stevehipwell/helm-charts --certificate-github-workflow-name Release ghcr.io/stevehipwell/helm-charts/tigera-operator:2.10.0
```

### Non-OCI Repository
Expand All @@ -44,7 +44,7 @@ Alternatively you can use the legacy non-OCI method via the following commands.

```shell
helm repo add stevehipwell https://stevehipwell.github.io/helm-charts/
helm upgrade --install tigera-operator stevehipwell/tigera-operator --version 2.9.3
helm upgrade --install tigera-operator stevehipwell/tigera-operator --version 2.10.0
```

## Values
Expand Down
26 changes: 17 additions & 9 deletions charts/tigera-operator/crds/apiservers.operator.tigera.io.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1277,8 +1277,9 @@ spec:
properties:
name:
description:
Name is an enum which identifies
"Name is an enum which identifies
the API server Deployment container by name.
Supported values are: calico-apiserver, tigera-queryserver"
enum:
- calico-apiserver
- tigera-queryserver
Expand Down Expand Up @@ -1349,7 +1350,8 @@ spec:
If Requests is omitted for a container,
it defaults to Limits if that is explicitly
specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: object
type: object
required:
Expand All @@ -1370,9 +1372,9 @@ spec:
properties:
name:
description:
Name is an enum which identifies
"Name is an enum which identifies
the API server Deployment init container by
name.
name. Supported values are: calico-apiserver-certs-key-cert-provisioner"
enum:
- calico-apiserver-certs-key-cert-provisioner
type: string
Expand Down Expand Up @@ -1440,7 +1442,8 @@ spec:
If Requests is omitted for a container,
it defaults to Limits if that is explicitly
specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/"
type: object
type: object
required:
Expand Down Expand Up @@ -1602,16 +1605,21 @@ spec:
x-kubernetes-map-type: atomic
matchLabelKeys:
description:
MatchLabelKeys is a set of pod
"MatchLabelKeys is a set of pod
label keys to select the pods over which spreading
will be calculated. The keys are used to lookup
values from the incoming pod labels, those
key-value labels are ANDed with labelSelector
to select the group of existing pods over
which spreading will be calculated for the
incoming pod. Keys that don't exist in the
incoming pod labels will be ignored. A null
or empty list means only match against labelSelector.
incoming pod. The same key is forbidden to
exist in both MatchLabelKeys and LabelSelector.
MatchLabelKeys cannot be set when LabelSelector
isn't set. Keys that don't exist in the incoming
pod labels will be ignored. A null or empty
list means only match against labelSelector.
\n This is a beta field and requires the MatchLabelKeysInPodTopologySpread
feature gate to be enabled (enabled by default)."
items:
type: string
type: array
Expand Down
2 changes: 1 addition & 1 deletion charts/tigera-operator/crds/calico/bgppeers.crd.projectcalico.org.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ spec:
description:
Maximum number of local AS numbers that are allowed in
the AS path for received routes. This removes BGP loop prevention
and should only be used if absolutely necesssary.
and should only be used if absolutely necessary.
format: int32
type: integer
password:
Expand Down
44 changes: 33 additions & 11 deletions charts/tigera-operator/crds/calico/felixconfigurations.crd.projectcalico.org.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,14 +132,14 @@ spec:
Loose]"
pattern: ^(?i)(Disabled|Strict|Loose)?$
type: string
bpfExcludeCIDRsFromNAT:
description:
BPFExcludeCIDRsFromNAT is a list of CIDRs that are to
be excluded from NAT resolution so that host can handle them. A
typical usecase is node local DNS cache.
items:
type: string
type: array
bpfExcludeCIDRsFromNAT:
description:
BPFExcludeCIDRsFromNAT is a list of CIDRs that are to
be excluded from NAT resolution so that host can handle them. A
typical usecase is node local DNS cache.
items:
type: string
type: array
bpfExtToServiceConnmark:
description:
"BPFExtToServiceConnmark in BPF mode, control a 32bit
Expand Down Expand Up @@ -188,8 +188,9 @@ spec:
type: string
bpfKubeProxyEndpointSlicesEnabled:
description:
BPFKubeProxyEndpointSlicesEnabled in BPF mode, controls
whether Felix's embedded kube-proxy accepts EndpointSlices or not.
BPFKubeProxyEndpointSlicesEnabled is deprecated and has
no effect. BPF kube-proxy always accepts endpoint slices. This option
will be removed in the next release.
type: boolean
bpfKubeProxyIptablesCleanupEnabled:
description:
Expand Down Expand Up @@ -324,11 +325,25 @@ spec:
type: string
debugDisableLogDropping:
type: boolean
debugHost:
description:
DebugHost is the host IP or hostname to bind the debug
port to. Only used if DebugPort is set. [Default:localhost]
type: string
debugMemoryProfilePath:
type: string
debugPort:
description:
DebugPort if set, enables Felix's debug HTTP port, which
allows memory and CPU profiles to be retrieved. The debug port
is not secure, it should not be exposed to the internet.
type: integer
debugSimulateCalcGraphHangAfter:
pattern: ^([0-9]+(\\.[0-9]+)?(ms|s|m|h))*$
type: string
debugSimulateDataplaneApplyDelay:
pattern: ^([0-9]+(\\.[0-9]+)?(ms|s|m|h))*$
type: string
debugSimulateDataplaneHangAfter:
pattern: ^([0-9]+(\\.[0-9]+)?(ms|s|m|h))*$
type: string
Expand Down Expand Up @@ -372,6 +387,13 @@ spec:
type: string
endpointReportingEnabled:
type: boolean
endpointStatusPathPrefix:
description:
"EndpointStatusPathPrefix is the path to the directory
where endpoint status will be written. Endpoint status file reporting
is disabled if field is left empty. \n Chosen directory should match
the directory used by the CNI for PodStartupDelay. [Default: \"\"]"
type: string
externalNodesList:
description:
ExternalNodesCIDRList is a list of CIDR's of external-non-calico-nodes
Expand Down Expand Up @@ -676,7 +698,7 @@ spec:
"MetadataAddr is the IP address or domain name of the
server that can answer VM queries for cloud-init metadata. In OpenStack,
this corresponds to the machine running nova-api (or in Ubuntu,
nova-api-metadata). A value of none (case insensitive) means that
nova-api-metadata). A value of none (case-insensitive) means that
Felix should not set up any NAT rule for the metadata path. [Default:
127.0.0.1]"
type: string
Expand Down
Loading

0 comments on commit bffce23

Please sign in to comment.