From 8507f6c0d44b9d98b57f3503bcf063440d33f331 Mon Sep 17 00:00:00 2001 From: Scott Cotton Date: Wed, 6 Mar 2024 17:20:58 +0100 Subject: [PATCH] changes for release v0.16.0 --- signadot/operator/Chart.yaml | 4 ++-- signadot/operator/templates/agent-deployment.yaml | 2 +- .../templates/io-context-server-deployment.yaml | 2 +- .../operator/templates/routeserver-deployment.yaml | 2 +- .../signadot-controller-manager-deployment.yaml | 12 ++++++------ ...kloads.signadot.com-customresourcedefinition.yaml | 3 --- ...dboxes.signadot.com-customresourcedefinition.yaml | 3 --- .../operator/templates/tunnel-api-clusterrole.yaml | 8 ++++++++ .../operator/templates/tunnel-api-deployment.yaml | 2 +- .../operator/templates/tunnel-proxy-deployment.yaml | 4 ++-- .../templates/tunnel-proxy-metrics-service.yaml | 3 ++- .../operator/templates/tunnel-proxy-service.yaml | 12 ++++++++---- 12 files changed, 32 insertions(+), 25 deletions(-) diff --git a/signadot/operator/Chart.yaml b/signadot/operator/Chart.yaml index cc3c133..29a75cb 100644 --- a/signadot/operator/Chart.yaml +++ b/signadot/operator/Chart.yaml @@ -6,10 +6,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "0.15.0" +version: "0.16.0" # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.15.0" +appVersion: "0.16.0" diff --git a/signadot/operator/templates/agent-deployment.yaml b/signadot/operator/templates/agent-deployment.yaml index d8525ca..9cac594 100644 --- a/signadot/operator/templates/agent-deployment.yaml +++ b/signadot/operator/templates/agent-deployment.yaml @@ -48,7 +48,7 @@ spec: secretKeyRef: key: token name: cluster-agent - image: {{ with .Values }}{{ with .agent }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/agent:v0.15.0{{- end }}{{- else -}}signadot/agent:v0.15.0{{- end }}{{- else -}}signadot/agent:v0.15.0{{- end }} + image: {{ with .Values }}{{ with .agent }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/agent:v0.16.0{{- end }}{{- else -}}signadot/agent:v0.16.0{{- end }}{{- else -}}signadot/agent:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .agent }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} livenessProbe: httpGet: diff --git a/signadot/operator/templates/io-context-server-deployment.yaml b/signadot/operator/templates/io-context-server-deployment.yaml index 951a038..6a16332 100644 --- a/signadot/operator/templates/io-context-server-deployment.yaml +++ b/signadot/operator/templates/io-context-server-deployment.yaml @@ -40,7 +40,7 @@ spec: - /app/io-context-server - -tls=secretns=signadot - -port=8443 - image: {{ with .Values }}{{ with .ioContextServer }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-context-server:v0.15.0{{- end }}{{- else -}}signadot/io-context-server:v0.15.0{{- end }}{{- else -}}signadot/io-context-server:v0.15.0{{- end }} + image: {{ with .Values }}{{ with .ioContextServer }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-context-server:v0.16.0{{- end }}{{- else -}}signadot/io-context-server:v0.16.0{{- end }}{{- else -}}signadot/io-context-server:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .ioContextServer }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} name: io-context-server ports: diff --git a/signadot/operator/templates/routeserver-deployment.yaml b/signadot/operator/templates/routeserver-deployment.yaml index 852c040..7272225 100644 --- a/signadot/operator/templates/routeserver-deployment.yaml +++ b/signadot/operator/templates/routeserver-deployment.yaml @@ -36,7 +36,7 @@ spec: {{- end }} spec: containers: - - image: {{ with .Values }}{{ with .routeServer }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-server:v0.15.0{{- end }}{{- else -}}signadot/route-server:v0.15.0{{- end }}{{- else -}}signadot/route-server:v0.15.0{{- end }} + - image: {{ with .Values }}{{ with .routeServer }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-server:v0.16.0{{- end }}{{- else -}}signadot/route-server:v0.16.0{{- end }}{{- else -}}signadot/route-server:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .routeServer }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} name: routeserver ports: diff --git a/signadot/operator/templates/signadot-controller-manager-deployment.yaml b/signadot/operator/templates/signadot-controller-manager-deployment.yaml index 3dbb32b..88f8504 100644 --- a/signadot/operator/templates/signadot-controller-manager-deployment.yaml +++ b/signadot/operator/templates/signadot-controller-manager-deployment.yaml @@ -67,18 +67,18 @@ spec: - name: ISTIO_ADDITIONAL_ANNOTATIONS value: {{ with .Values }}{{ with .istio }}{{ with .additionalAnnotations }}{{ mustToJson . | quote}}{{- else -}}""{{- end }}{{- else -}}""{{- end }}{{- else -}}""{{- end }} - name: SIDECAR_INIT_IMAGE - value: {{ with .Values }}{{ with .routeInit }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar-init:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar-init:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar-init:v0.15.0{{- end }} + value: {{ with .Values }}{{ with .routeInit }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar-init:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar-init:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar-init:v0.16.0{{- end }} - name: LEGACY_SIDECAR_INIT_IMAGE value: {{ with .Values }}{{ with .routeInit }}{{ with .legacy }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/sd-init-networking:latest{{- end }}{{- else -}}signadot/sd-init-networking:latest{{- end }}{{- else -}}signadot/sd-init-networking:latest{{- end }}{{- else -}}signadot/sd-init-networking:latest{{- end }} - name: ROUTE_SIDECAR_IMAGE - value: {{ with .Values }}{{ with .routeSidecar }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar:v0.15.0{{- end }} + value: {{ with .Values }}{{ with .routeSidecar }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar:v0.16.0{{- end }} - name: LEGACY_ROUTE_SIDECAR_IMAGE - value: {{ with .Values }}{{ with .routeSidecar }}{{ with .legacy }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar-legacy:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.15.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.15.0{{- end }} + value: {{ with .Values }}{{ with .routeSidecar }}{{ with .legacy }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/route-sidecar-legacy:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.16.0{{- end }}{{- else -}}signadot/route-sidecar-legacy:v0.16.0{{- end }} - name: IO_INIT_IMAGE - value: {{ with .Values }}{{ with .ioInit }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-init:v0.15.0{{- end }}{{- else -}}signadot/io-init:v0.15.0{{- end }}{{- else -}}signadot/io-init:v0.15.0{{- end }} + value: {{ with .Values }}{{ with .ioInit }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-init:v0.16.0{{- end }}{{- else -}}signadot/io-init:v0.16.0{{- end }}{{- else -}}signadot/io-init:v0.16.0{{- end }} - name: IO_SIDECAR_IMAGE - value: {{ with .Values }}{{ with .ioSidecar }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-sidecar:v0.15.0{{- end }}{{- else -}}signadot/io-sidecar:v0.15.0{{- end }}{{- else -}}signadot/io-sidecar:v0.15.0{{- end }} - image: {{ with .Values }}{{ with .operator }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/operator:v0.15.0{{- end }}{{- else -}}signadot/operator:v0.15.0{{- end }}{{- else -}}signadot/operator:v0.15.0{{- end }} + value: {{ with .Values }}{{ with .ioSidecar }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/io-sidecar:v0.16.0{{- end }}{{- else -}}signadot/io-sidecar:v0.16.0{{- end }}{{- else -}}signadot/io-sidecar:v0.16.0{{- end }} + image: {{ with .Values }}{{ with .operator }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/operator:v0.16.0{{- end }}{{- else -}}signadot/operator:v0.16.0{{- end }}{{- else -}}signadot/operator:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .operator }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} livenessProbe: httpGet: diff --git a/signadot/operator/templates/signadotexternalworkloads.signadot.com-customresourcedefinition.yaml b/signadot/operator/templates/signadotexternalworkloads.signadot.com-customresourcedefinition.yaml index 732f275..6a3e575 100644 --- a/signadot/operator/templates/signadotexternalworkloads.signadot.com-customresourcedefinition.yaml +++ b/signadot/operator/templates/signadotexternalworkloads.signadot.com-customresourcedefinition.yaml @@ -95,8 +95,6 @@ spec: - localAddress type: object type: array - required: - - baselineToLocals type: object workloadID: description: 'DEPRECATED: this field is no longer needed.' @@ -278,7 +276,6 @@ spec: - controlPort - tunnelProxyPodIP - tunnelProxyPodName - - workloadPorts type: object type: object type: object diff --git a/signadot/operator/templates/signadotsandboxes.signadot.com-customresourcedefinition.yaml b/signadot/operator/templates/signadotsandboxes.signadot.com-customresourcedefinition.yaml index ec21e83..80da809 100644 --- a/signadot/operator/templates/signadotsandboxes.signadot.com-customresourcedefinition.yaml +++ b/signadot/operator/templates/signadotsandboxes.signadot.com-customresourcedefinition.yaml @@ -238,8 +238,6 @@ spec: - localAddress type: object type: array - required: - - baselineToLocals type: object required: - baseline @@ -7256,7 +7254,6 @@ spec: - controlPort - tunnelProxyPodIP - tunnelProxyPodName - - workloadPorts type: object type: object required: diff --git a/signadot/operator/templates/tunnel-api-clusterrole.yaml b/signadot/operator/templates/tunnel-api-clusterrole.yaml index 351f232..f12b099 100644 --- a/signadot/operator/templates/tunnel-api-clusterrole.yaml +++ b/signadot/operator/templates/tunnel-api-clusterrole.yaml @@ -20,6 +20,14 @@ rules: - get - list - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch - apiGroups: - signadot.com resources: diff --git a/signadot/operator/templates/tunnel-api-deployment.yaml b/signadot/operator/templates/tunnel-api-deployment.yaml index eb4299b..8987ea4 100644 --- a/signadot/operator/templates/tunnel-api-deployment.yaml +++ b/signadot/operator/templates/tunnel-api-deployment.yaml @@ -45,7 +45,7 @@ spec: {{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }} {{ with .Values }}{{ with .tunnel }}{{ with .config }}{{ with .externalDNS }}{{ with .syncInterval }} - --external-dns-resync-interval={{ . }} {{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }}{{- else -}}{{- end }} - image: {{ with .Values }}{{ with .tunnel }}{{ with .api }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-api:v0.15.0{{- end }}{{- else -}}signadot/tunnel-api:v0.15.0{{- end }}{{- else -}}signadot/tunnel-api:v0.15.0{{- end }}{{- else -}}signadot/tunnel-api:v0.15.0{{- end }} + image: {{ with .Values }}{{ with .tunnel }}{{ with .api }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-api:v0.16.0{{- end }}{{- else -}}signadot/tunnel-api:v0.16.0{{- end }}{{- else -}}signadot/tunnel-api:v0.16.0{{- end }}{{- else -}}signadot/tunnel-api:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .tunnel }}{{ with .api }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} name: tunnel-api ports: diff --git a/signadot/operator/templates/tunnel-proxy-deployment.yaml b/signadot/operator/templates/tunnel-proxy-deployment.yaml index 646bc78..302fb32 100644 --- a/signadot/operator/templates/tunnel-proxy-deployment.yaml +++ b/signadot/operator/templates/tunnel-proxy-deployment.yaml @@ -60,7 +60,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - image: {{ with .Values }}{{ with .tunnel }}{{ with .proxy }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-proxy:v0.15.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.15.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.15.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.15.0{{- end }} + image: {{ with .Values }}{{ with .tunnel }}{{ with .proxy }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-proxy:v0.16.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.16.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.16.0{{- end }}{{- else -}}signadot/tunnel-proxy:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .tunnel }}{{ with .proxy }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }} name: tunnel-proxy ports: @@ -108,7 +108,7 @@ spec: value: "10000" - name: OUTBOUND_AUDITOR_PORT value: "10001" - image: {{ with .Values }}{{ with .tunnel }}{{ with .auditor }}{{ with .init }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-auditor-init:v0.15.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.15.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.15.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.15.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.15.0{{- end }} + image: {{ with .Values }}{{ with .tunnel }}{{ with .auditor }}{{ with .init }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/tunnel-auditor-init:v0.16.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.16.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.16.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.16.0{{- end }}{{- else -}}signadot/tunnel-auditor-init:v0.16.0{{- end }} imagePullPolicy: {{ with .Values }}{{ with .tunnel }}{{ with .auditor }}{{ with .init }}{{ with .imagePullPolicy }}{{ . }}{{- else -}}"IfNotPresent"{{- end }}{{- else -}}"IfNotPresent"{{- end }}{{- else -}}"IfNotPresent"{{- end }}{{- else -}}"IfNotPresent"{{- end }}{{- else -}}"IfNotPresent"{{- end }} name: auditor-init securityContext: diff --git a/signadot/operator/templates/tunnel-proxy-metrics-service.yaml b/signadot/operator/templates/tunnel-proxy-metrics-service.yaml index 25ff126..9c36f24 100644 --- a/signadot/operator/templates/tunnel-proxy-metrics-service.yaml +++ b/signadot/operator/templates/tunnel-proxy-metrics-service.yaml @@ -21,7 +21,8 @@ metadata: namespace: signadot spec: ports: - - name: metrics + - appProtocol: http + name: metrics port: 9090 protocol: TCP targetPort: 8001 diff --git a/signadot/operator/templates/tunnel-proxy-service.yaml b/signadot/operator/templates/tunnel-proxy-service.yaml index 1f668e4..cd52051 100644 --- a/signadot/operator/templates/tunnel-proxy-service.yaml +++ b/signadot/operator/templates/tunnel-proxy-service.yaml @@ -20,13 +20,17 @@ metadata: namespace: signadot spec: ports: - - name: als + - appProtocol: grpc + name: grpc-als port: 5000 - - name: socks5 + - appProtocol: tcp + name: tcp-socks5 port: 1080 - - name: revtun-ssh + - appProtocol: tcp + name: tcp-revtun-ssh port: 2222 - - name: revtun-xap + - appProtocol: tcp + name: tcp-revtun-xap port: 7777 selector: app: tunnel-proxy