liqotech · adamjensenbot · Sep 22, 2023 · Sep 22, 2023
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -29,3 +29,8 @@ updates:
     directory: "/build/liqonet"
     schedule:
       interval: "daily"
+
+  - package-ecosystem: "docker"
+    directory: "/build/proxy"
+    schedule:
+      interval: "daily"
diff --git a/build/proxy/Dockerfile b/build/proxy/Dockerfile
@@ -0,0 +1 @@
+FROM envoyproxy/envoy:v1.27.0
diff --git a/deployments/liqo/README.md b/deployments/liqo/README.md
@@ -115,7 +115,7 @@
 | openshiftConfig.enable | bool | `false` | Enable/Disable the OpenShift support, enabling Openshift-specific resources, and setting the pod security contexts in a way that is compatible with Openshift. |
 | openshiftConfig.virtualKubeletSCCs | list | `["anyuid"]` | Security context configurations granted to the virtual kubelet in the local cluster. The configuration of one or more SCCs for the virtual kubelet is not strictly required, and privileges can be reduced in production environments. Still, the default configuration (i.e., anyuid) is suggested to prevent problems (i.e., the virtual kubelet fails to add the appropriate labels) when attempting to offload pods not managed by higher-level abstractions (e.g., Deployments), and not associated with a properly privileged service account. Indeed, "anyuid" is the SCC automatically associated with pods created by cluster administrators. Any pod granted a more privileged SCC and not linked to an adequately privileged service account will fail to be offloaded. |
 | proxy.config.listeningPort | int | `8118` | Port used by the proxy pod. |
-| proxy.imageName | string | `"envoyproxy/envoy:v1.21.0"` | Image repository for the proxy pod. |
+| proxy.imageName | string | `"ghcr.io/liqotech/proxy"` | Image repository for the proxy pod. |
 | proxy.pod.annotations | object | `{}` | Annotations for the proxy pod. |
 | proxy.pod.extraArgs | list | `[]` | Extra arguments for the proxy pod. |
 | proxy.pod.labels | object | `{}` | Labels for the proxy pod. |

diff --git a/deployments/liqo/templates/liqo-proxy-configmap.yaml b/deployments/liqo/templates/liqo-proxy-configmap.yaml
@@ -56,6 +56,8 @@ data:
                                      {}
                    http_filters:
                      - name: envoy.filters.http.router
+                       typed_config:
+                         "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
      clusters:
        - name: api_server
          connect_timeout: 1.25s

diff --git a/deployments/liqo/templates/liqo-proxy-deployment.yaml b/deployments/liqo/templates/liqo-proxy-deployment.yaml
@@ -27,7 +27,7 @@ spec:
       securityContext:
         {{- include "liqo.podSecurityContext" . | nindent 8 }}
       containers:
-        - image: {{ .Values.proxy.imageName }}
+        - image: {{ .Values.proxy.imageName }}{{ include "liqo.suffix" $proxyConfig }}:{{ include "liqo.version" $proxyConfig }}
           imagePullPolicy: {{ .Values.pullPolicy }}
           name: {{ $proxyConfig.name }}
           securityContext:

diff --git a/deployments/liqo/values.yaml b/deployments/liqo/values.yaml
@@ -481,7 +481,7 @@ proxy:
       limits: {}
       requests: {}
   # -- Image repository for the proxy pod.
-  imageName: "envoyproxy/envoy:v1.21.0"
+  imageName: "ghcr.io/liqotech/proxy"
   service:
     type: "ClusterIP"
     annotations: {}