Skip to content

Commit

Permalink
Merge pull request #13 from wansir/master
Browse files Browse the repository at this point in the history 
update version to 0.1.1
  • Loading branch information
@wansir
wansir authored Mar 12, 2024
2 parents baff544 + fb424d5 commit 5d93f9d
Show file tree
Hide file tree
Showing 4 changed files with 42 additions and 63 deletions.
15 changes: 0 additions & 15 deletions charts/gatekeeper/Chart.yaml
View file

This file was deleted.

22 changes: 1 addition & 21 deletions charts/gatekeeper/charts/agent/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
replicaCount: 1

image:
repository: docker.io/wansir/gatekeeper-extension-apiserver
repository: docker.io/kubesphere/gatekeeper-extension-apiserver
tag: "v0.1.0"
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
Expand All @@ -20,26 +20,6 @@ securityContext: {}
# runAsNonRoot: true
# runAsUser: 1000

service:
type: ClusterIP
port: 80

ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local

resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
Expand Down
2 changes: 1 addition & 1 deletion charts/gatekeeper/extension.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: kubesphere.io/v1alpha1
name: gatekeeper
version: 0.1.0
version: 0.1.1
displayName:
en: Gatekeeper
zh: Gatekeeper
Expand Down
66 changes: 40 additions & 26 deletions charts/gatekeeper/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,23 +62,26 @@ gatekeeper:
pullPolicy: IfNotPresent
pullSecrets: []
extraNamespaces: []
podSecurity: ["pod-security.kubernetes.io/audit=restricted",
"pod-security.kubernetes.io/audit-version=latest",
"pod-security.kubernetes.io/warn=restricted",
"pod-security.kubernetes.io/warn-version=latest",
"pod-security.kubernetes.io/enforce=privileged",
"pod-security.kubernetes.io/enforce-version=v1.24"]
podSecurity:
[
"pod-security.kubernetes.io/audit=restricted",
"pod-security.kubernetes.io/audit-version=latest",
"pod-security.kubernetes.io/warn=restricted",
"pod-security.kubernetes.io/warn-version=latest",
"pod-security.kubernetes.io/enforce=privileged",
"pod-security.kubernetes.io/enforce-version=v1.24",
]
extraAnnotations: {}
priorityClassName: ""
affinity: {}
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 999
runAsNonRoot: true
Expand All @@ -93,12 +96,15 @@ gatekeeper:
pullPolicy: IfNotPresent
pullSecrets: []
extraNamespaces: []
podSecurity: ["pod-security.kubernetes.io/audit=restricted",
"pod-security.kubernetes.io/audit-version=latest",
"pod-security.kubernetes.io/warn=restricted",
"pod-security.kubernetes.io/warn-version=latest",
"pod-security.kubernetes.io/enforce=privileged",
"pod-security.kubernetes.io/enforce-version=v1.24"]
podSecurity:
[
"pod-security.kubernetes.io/audit=restricted",
"pod-security.kubernetes.io/audit-version=latest",
"pod-security.kubernetes.io/warn=restricted",
"pod-security.kubernetes.io/warn-version=latest",
"pod-security.kubernetes.io/enforce=privileged",
"pod-security.kubernetes.io/enforce-version=v1.24",
]
extraAnnotations: {}
priorityClassName: ""
probeWebhook:
Expand All @@ -114,12 +120,12 @@ gatekeeper:
priorityClassName: ""
affinity: {}
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 999
runAsNonRoot: true
Expand All @@ -136,13 +142,13 @@ gatekeeper:
priorityClassName: ""
affinity: {}
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 999
runAsNonRoot: true
Expand Down Expand Up @@ -182,7 +188,7 @@ gatekeeper:
weight: 100
topologySpreadConstraints: []
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
resources:
limits:
memory: 512Mi
Expand All @@ -193,7 +199,7 @@ gatekeeper:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 999
runAsNonRoot: true
Expand All @@ -205,7 +211,8 @@ gatekeeper:
extraRules: []
networkPolicy:
enabled: false
ingress: { }
ingress:
{}
# - from:
# - ipBlock:
# cidr: 0.0.0.0/0
Expand All @@ -221,7 +228,7 @@ gatekeeper:
disableCertRotation: false
affinity: {}
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
resources:
limits:
memory: 512Mi
Expand All @@ -232,7 +239,7 @@ gatekeeper:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 999
runAsNonRoot: true
Expand All @@ -246,13 +253,13 @@ gatekeeper:
crds:
affinity: {}
tolerations: []
nodeSelector: {kubernetes.io/os: linux}
nodeSelector: { kubernetes.io/os: linux }
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65532
runAsNonRoot: true
Expand All @@ -272,4 +279,11 @@ gatekeeper:
create: true
externalCertInjection:
enabled: false
secretName: gatekeeper-webhook-server-cert
secretName: gatekeeper-webhook-server-cert

agent:
replicaCount: 1
image:
repository: docker.io/kubesphere/gatekeeper-extension-apiserver
tag: "v0.1.0"
pullPolicy: IfNotPresent

0 comments on commit 5d93f9d

Please sign in to comment.