release 1.0.0-rc.0

charts/gatekeeper/charts/agent/Chart.yaml

@@ -2,5 +2,4 @@ apiVersion: v2
 name: agent
 description: A Helm chart for Kubernetes
 type: application
-version: 0.1.0
-appVersion: "0.1.0"
+version: 1.0.0-rc.0

charts/gatekeeper/charts/agent/values.yaml

@@ -7,7 +7,7 @@ replicaCount: 1
 apiserver:
   image:
     repository: kubesphere/gatekeeper-extension-apiserver
-    tag: "v0.1.0"
+    tag: "v1.0.0-rc.0"
     pullPolicy: IfNotPresent
     # Overrides the image tag whose default is the chart appVersion.
 

charts/gatekeeper/charts/extension/Chart.yaml

@@ -2,5 +2,4 @@ apiVersion: v2
 name: extension
 description: A Helm chart for Kubernetes
 type: application
-version: 0.1.0
-appVersion: "0.1.0"
+version: 1.0.0-rc.0

charts/gatekeeper/extension.yaml

@@ -1,50 +1,56 @@
 apiVersion: kubesphere.io/v1alpha1
 name: gatekeeper
-version: 0.1.2
+version: 1.0.0-rc.0
 displayName:
   en: Gatekeeper
   zh: Gatekeeper
 description:
-  zh: Gatekeeper 是一个基于 OPA 的安全策略管理工具
-  en: Gatekeeper is a security policy management tool based on OPA
+  zh: |-
+    Gatekeeper 是一个基于 OPA 的安全策略管理工具
+  en: |-
+    Gatekeeper is a security policy management tool based on OPA
 category: security
 keywords:
-- security
-- gatekeeper
-- opa
-- admission webhook
+  - security
+  - gatekeeper
+  - opa
+  - admission webhook
 home: https://kubesphere.io
+docs: https://open-policy-agent.github.io/gatekeeper/website/docs/
 sources:
-- https://github.com/kubesphere-extensions/gatekeeper
-kubeVersion: ">=1.19.0-0"
-ksVersion: ">=4.0.0-0"
+  - https://github.com/kubesphere-extensions/gatekeeper
+  - https://github.com/open-policy-agent/gatekeeper
+kubeVersion: '>=1.19.0-0'
+ksVersion: '>=4.0.0-0'
 maintainers:
-- name: "hongming"
-  email: [email protected]
-provider:
-  en:
-    name: "hongming"
+  - name: KubeSphere
     email: [email protected]
+provider:
   zh:
     name: 北京青云科技股份有限公司
     email: [email protected]
-icon: https://open-policy-agent.github.io/gatekeeper/website/img/logo.svg
+    url: https://kubesphere.com.cn/
+  en:
+    name: QingCloud Technologies
+    email: [email protected]
+    url: https://kubesphere.co/
+icon: ./logo.svg
 dependencies:
-- name: gatekeeper
-  tags:
-  - agent
-- name: agent
-  tags:
-  - agent
-- name: extension
-  tags:
-  - extension
+  - name: gatekeeper
+    tags:
+      - agent
+  - name: agent
+    tags:
+      - agent
+  - name: extension
+    tags:
+      - extension
 # installationMode describes how to install subcharts, it can be HostOnly or Multicluster.
 # In Multicluster mode, the subchart with tag `extension` will only be deployed to the host cluster,
 # and the subchart with tag `agent` will be deployed to all selected clusters.
 installationMode: Multicluster
 images:
-- docker.io/kubesphere/gatekeeper-extension-apiserver:v0.1.0
-- docker.io/kubesphere/kubectl:v1.27.12
-- docker.io/openpolicyagent/gatekeeper:v3.14.0
-- docker.io/openpolicyagent/gatekeeper-crds:v3.14.0
+  - docker.io/kubesphere/gatekeeper-extension-apiserver:v1.0.0-rc.0
+  - docker.io/kubesphere/kubectl:v1.27.12
+  - docker.io/openpolicyagent/gatekeeper:v3.14.0
+  - docker.io/openpolicyagent/gatekeeper-crds:v3.14.0

charts/gatekeeper/values.yaml

@@ -74,7 +74,7 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 999
       runAsNonRoot: true
@@ -110,7 +110,7 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 999
       runAsNonRoot: true
@@ -133,7 +133,7 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 999
       runAsNonRoot: true
@@ -162,15 +162,15 @@ gatekeeper:
     affinity:
       podAntiAffinity:
         preferredDuringSchedulingIgnoredDuringExecution:
-        - podAffinityTerm:
-            labelSelector:
-              matchExpressions:
-              - key: gatekeeper.sh/operation
-                operator: In
-                values:
-                - webhook
-            topologyKey: kubernetes.io/hostname
-          weight: 100
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                  - key: gatekeeper.sh/operation
+                    operator: In
+                    values:
+                      - webhook
+              topologyKey: kubernetes.io/hostname
+            weight: 100
     topologySpreadConstraints: []
     tolerations: []
     nodeSelector: {kubernetes.io/os: linux}
@@ -184,15 +184,15 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 999
       runAsNonRoot: true
       runAsUser: 1000
     podSecurityContext:
       fsGroup: 999
       supplementalGroups:
-      - 999
+        - 999
     extraRules: []
     networkPolicy:
       enabled: false
@@ -223,15 +223,15 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 999
       runAsNonRoot: true
       runAsUser: 1000
     podSecurityContext:
       fsGroup: 999
       supplementalGroups:
-      - 999
+        - 999
     writeToRAMDisk: false
     extraRules: []
   crds:
@@ -243,7 +243,7 @@ gatekeeper:
       allowPrivilegeEscalation: false
       capabilities:
         drop:
-        - ALL
+          - ALL
       readOnlyRootFilesystem: true
       runAsGroup: 65532
       runAsNonRoot: true
@@ -267,10 +267,11 @@ gatekeeper:
 
 agent:
   replicaCount: 1
-  image:
-    repository: kubesphere/gatekeeper-extension-apiserver
-    tag: "v0.1.0"
-    pullPolicy: IfNotPresent
+  apiserver:
+    image:
+      repository: kubesphere/gatekeeper-extension-apiserver
+      tag: "v1.0.0-rc.0"
+      pullPolicy: IfNotPresent
   kubectl:
     image:
       repository: kubesphere/kubectl