Skip to content

Commit

Permalink
Merge pull request #57 from signadot/release-v0.14.0
Browse files Browse the repository at this point in the history 
Release v0.14.0
  • Loading branch information
@daniel-de-vera
daniel-de-vera authored Oct 12, 2023
2 parents 6fd623a + 266c3a3 commit ae3344a
Show file tree
Hide file tree
Showing 18 changed files with 1,049 additions and 76 deletions.
4 changes: 2 additions & 2 deletions signadot/operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: "0.13.3"
version: "0.14.0"

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "0.13.3"
appVersion: "0.14.0"
77 changes: 44 additions & 33 deletions signadot/operator/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,41 +77,43 @@ their name. Additionally, the `execpod-` images are for compatibility with old
style resources and are not needed in an installation which uses the new
[resource plugins](https://www.signadot.com/docs/resourceplugins).

| Name | Description | Default |
| ------------------------------------- | ------------------------------------------------------- | -------------- |
| `operator.image` | Operator image override | `signadot/operator:vX.Y.Z` |
| `operator.imagePullPolicy` | Operator image pull policy | `IfNotPresent` |
| `agent.image` | Agent image override | `signadot/agent:vX.Y.Z` |
| `agent.imagePullPolicy` | Agent image pull policy | `IfNotPresent` |
| `routeServer.image` | Route Server image override | `signadot/route-server:vX.Y.Z` |
| `routeServer.imagePullPolicy` | Route Server image pull policy | `IfNotPresent` |
| `ioContextServer.image` | IO Context Server image override | `signadot/io-context-server:vX.Y.Z` |
| `ioContextServer.imagePullPolicy` | IO Context Server image pull policy | `IfNotPresent` |
| `kubeRBACProxy.image` | Kube-rbac-proxy image override | `""` |
| `kubeRBACProxy.imagePullPolicy` | Kube-rbac-proxy image pull policy | `IfNotPresent` |
| `routeInit.image` | Route Init container image override | `signadot/route-sidecar-init:vX.Y.Z` |
| `routeInit.legacy.image` | Route Init container image override (legacy version) | `signadot/sd-init-networking:latest` |
| `routeInit.imagePullPolicy` | Route Init container image pull policy | `IfNotPresent` |
| `routeInit.imagePullSecret` | Route Init container image pull secret | `""` |
| `routeSidecar.image` | Route Sidecar container image override | `signadot/route-sidecar:vX.Y.Z` |
| `routeSidecar.legacy.image` | Route Sidecar container image override (legacy version) | `signadot/route-sidecar-legacy:vX.Y.Z` |
| `routeSidecar.imagePullPolicy` | Route Sidecar container image pull policy | `IfNotPresent` |
| `routeSidecar.imagePullSecret` | Route Sidecar container image pull secret | `""` |
| `ioInit.image` | IO Init container image override | `signadot/io-init:vX.Y.Z` |
| `ioInit.imagePullPolicy` | IO Init container image pull policy | `IfNotPresent` |
| `ioInit.imagePullSecret` | IO Init container image pull secret | `""` |
| Name | Description | Default |
| ------------------------------------- | ------------------------------------------------------- | -------------------------------------- |
| `operator.image` | Operator image override | `signadot/operator:vX.Y.Z` |
| `operator.imagePullPolicy` | Operator image pull policy | `IfNotPresent` |
| `agent.image` | Agent image override | `signadot/agent:vX.Y.Z` |
| `agent.imagePullPolicy` | Agent image pull policy | `IfNotPresent` |
| `routeServer.image` | Route Server image override | `signadot/route-server:vX.Y.Z` |
| `routeServer.imagePullPolicy` | Route Server image pull policy | `IfNotPresent` |
| `ioContextServer.image` | IO Context Server image override | `signadot/io-context-server:vX.Y.Z` |
| `ioContextServer.imagePullPolicy` | IO Context Server image pull policy | `IfNotPresent` |
| `kubeRBACProxy.image` | Kube-rbac-proxy image override | `""` |
| `kubeRBACProxy.imagePullPolicy` | Kube-rbac-proxy image pull policy | `IfNotPresent` |
| `routeInit.image` | Route Init container image override | `signadot/route-sidecar-init:vX.Y.Z` |
| `routeInit.legacy.image` | Route Init container image override (legacy version) | `signadot/sd-init-networking:latest` |
| `routeInit.imagePullPolicy` | Route Init container image pull policy | `IfNotPresent` |
| `routeInit.imagePullSecret` | Route Init container image pull secret | `""` |
| `routeSidecar.image` | Route Sidecar container image override | `signadot/route-sidecar:vX.Y.Z` |
| `routeSidecar.legacy.image` | Route Sidecar container image override (legacy version) | `signadot/route-sidecar-legacy:vX.Y.Z` |
| `routeSidecar.imagePullPolicy` | Route Sidecar container image pull policy | `IfNotPresent` |
| `routeSidecar.imagePullSecret` | Route Sidecar container image pull secret | `""` |
| `ioInit.image` | IO Init container image override | `signadot/io-init:vX.Y.Z` |
| `ioInit.imagePullPolicy` | IO Init container image pull policy | `IfNotPresent` |
| `ioInit.imagePullSecret` | IO Init container image pull secret | `""` |
| `ioSidecar.image` | IO Sidecar container image override | `signadot/io-sidecar:vX.Y.Z` |
| `ioSidecar.imagePullPolicy` | IO Sidecar container image pull policy | `IfNotPresent` |
| `ioSidecar.imagePullSecret` | IO Sidecar container image pull secret | `""` |
| `execpodSidecar.image` | ExecPod Sidecar container image override | `signadot/execpod-sidecar:vX.Y.Z` |
| `execpodSidecar.imagePullPolicy` | ExecPod Sidecar container image pull policy | `IfNotPresent` |
| `execpodSidecar.imagePullSecret` | ExecPod Sidecar container image pull secret | `""` |
| `ioSidecar.imagePullPolicy` | IO Sidecar container image pull policy | `IfNotPresent` |
| `ioSidecar.imagePullSecret` | IO Sidecar container image pull secret | `""` |
| `execpodSidecar.image` | ExecPod Sidecar container image override | `signadot/execpod-sidecar:vX.Y.Z` |
| `execpodSidecar.imagePullPolicy` | ExecPod Sidecar container image pull policy | `IfNotPresent` |
| `execpodSidecar.imagePullSecret` | ExecPod Sidecar container image pull secret | `""` |
| `tunnel.api.image` | Tunnel API image override | `signadot/tunnel-api:vX.Y.Z` |
| `tunnel.api.imagePullPolicy` | Tunnel API image pull policy | `IfNotPresent` |
| `tunnel.proxy.image` | Tunnel Proxy image override | `signadot/tunnel-proxy:vX.Y.Z` |
| `tunnel.proxy.imagePullPolicy` | Tunnel Proxy image pull policy | `IfNotPresent` |
| `tunnel.auditor.init.image` | Tunnel Auditor init image override | `signadot/tunnel-auditor-init:vX.Y.Z` |
| `tunnel.auditor.init.imagePullPolicy` | Tunnel Auditor init image pull policy | `IfNotPresent` |
| `tunnel.api.imagePullPolicy` | Tunnel API image pull policy | `IfNotPresent` |
| `tunnel.proxy.image` | Tunnel Proxy image override | `signadot/tunnel-proxy:vX.Y.Z` |
| `tunnel.proxy.imagePullPolicy` | Tunnel Proxy image pull policy | `IfNotPresent` |
| `tunnel.auditor.image` | Tunnel Auditor image override | `envoyproxy/envoy:v1.26.1` |
| `tunnel.auditor.imagePullPolicy` | Tunnel Auditor image pull policy | `IfNotPresent` |
| `tunnel.auditor.init.image` | Tunnel Auditor init image override | `signadot/tunnel-auditor-init:vX.Y.Z` |
| `tunnel.auditor.init.imagePullPolicy` | Tunnel Auditor init image pull policy | `IfNotPresent` |

### Tunnel parameters

Expand All @@ -132,3 +134,12 @@ style resources and are not needed in an installation which uses the new
| `tunnel.auditor.inboundRulesLuaScript` | All inbound traffic (from cluster to workstation) will pass thru this script (if defined) in the Envoy auditor, check [HTTP Lua filter](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#stream-handle-api) documentation for details | `""` |
| `tunnel.auditor.outboundRulesLuaScript` | All outbound traffic (from workstation to cluster) will pass thru this script (if defined) in the Envoy auditor, check [HTTP Lua filter](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#stream-handle-api) documentation for details | `""` |
| | | |
### Istio Parameters

When Istio is enabled (`istio.enabled: true`), the Signadot Operator manipulates Istio VirtualServices by applying new HTTPRoutes where appropriate to direct traffic to sandboxed workloads. You can configure the operator to add labels and annotations to these objects when they are in use by the operator. Note that these labels and annotations are only added when the object comes into use. This can be useful for temporarily disabling CI sync, amongst other possibilities.

| Name | Description | Default |
| ----------------------------- | --------------------------------------------------------- | ------- |
| `istio.enabled` | Enable Istio integration | `false` |
| `istio.additionalAnnotations` | Annotations to add to istio VirtualServices if not present | `{}` |
| `istio.additionalLabels` | Labels to add to istio VirtualServices if not present | `{}` |
2 changes: 1 addition & 1 deletion signadot/operator/templates/agent-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ spec:
secretKeyRef:
key: token
name: cluster-agent
image: {{ with .Values }}{{ with .agent }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/agent:v0.13.3{{- end }}{{- else -}}signadot/agent:v0.13.3{{- end }}{{- else -}}signadot/agent:v0.13.3{{- end }}
image: {{ with .Values }}{{ with .agent }}{{ with .image }}{{ . | quote}}{{- else -}}signadot/agent:v0.14.0{{- end }}{{- else -}}signadot/agent:v0.14.0{{- end }}{{- else -}}signadot/agent:v0.14.0{{- end }}
imagePullPolicy: {{ with .Values }}{{ with .agent }}{{ with .imagePullPolicy }}{{ . | quote}}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}{{- else -}}IfNotPresent{{- end }}
livenessProbe:
httpGet:
Expand Down
Loading

0 comments on commit ae3344a

Please sign in to comment.