diff --git a/charts/account-operator/Chart.lock b/charts/account-operator/Chart.lock index 9f56e5ad2..fc1df8f17 100644 --- a/charts/account-operator/Chart.lock +++ b/charts/account-operator/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 0.1.9 - name: common repository: oci://ghcr.io/openmfp/helm-charts - version: 0.1.9 -digest: sha256:251b9de38323229efb7732e143e7c5208f0f897eb4baf02654660afb74ef1de4 -generated: "2024-12-10T13:41:52.731639377Z" + version: 0.2.4 +digest: sha256:f5517b37743d69737ac4f12297bf7762ed16402f3f4f83d055910d24555d48e5 +generated: "2024-12-23T15:27:50.327364112+02:00" diff --git a/charts/account-operator/Chart.yaml b/charts/account-operator/Chart.yaml index bf6b6e254..9bd9f4eb0 100644 --- a/charts/account-operator/Chart.yaml +++ b/charts/account-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: account-operator description: A Helm chart to deploy OpenMFP Account-Operator type: application -version: 0.5.26 +version: 0.5.27 appVersion: "0.124.0" dependencies: - name: account-operator-crds @@ -10,5 +10,5 @@ dependencies: condition: crds.enabled repository: oci://ghcr.io/openmfp/helm-charts - name: common - version: 0.1.9 + version: 0.2.4 repository: oci://ghcr.io/openmfp/helm-charts diff --git a/charts/account-operator/charts/common-0.1.9.tgz b/charts/account-operator/charts/common-0.1.9.tgz deleted file mode 100644 index c48f713f0..000000000 Binary files a/charts/account-operator/charts/common-0.1.9.tgz and /dev/null differ diff --git a/charts/account-operator/charts/common-0.2.4.tgz b/charts/account-operator/charts/common-0.2.4.tgz new file mode 100644 index 000000000..bf82fcd22 Binary files /dev/null and b/charts/account-operator/charts/common-0.2.4.tgz differ diff --git a/charts/account-operator/templates/deployment.yaml b/charts/account-operator/templates/deployment.yaml index c9876e6a7..597e1a014 100644 --- a/charts/account-operator/templates/deployment.yaml +++ b/charts/account-operator/templates/deployment.yaml @@ -27,7 +27,7 @@ spec: traffic.sidecar.istio.io/excludeInboundPorts: "9443" {{- end }} spec: - {{ include "common.container.securityContext" . | nindent 6 }} + {{- include "common.pod.securityContext" . | nindent 6 }} containers: - args: - operator @@ -36,15 +36,16 @@ spec: - '--health-probe-bind-address=:{{ include "common.getKeyValue" (dict "Values" .Values "key" "health.port") }}' image: {{ .Values.image.name }}:{{ .Chart.AppVersion }} name: manager + {{- include "common.container.securityContext" . | nindent 10 }} ports: - {{ include "common.PortsMetricsHealth" . | nindent 10 }} + {{- include "common.PortsMetricsHealth" . | nindent 10 -}} {{- if .Values.webhooks.enabled }} - name: webhook-port containerPort: 9443 protocol: TCP {{- end }} - {{ include "common.operatorHealthAndReadyness" . | nindent 10 }} - {{ include "common.resources" . | nindent 10 }} + {{- include "common.operatorHealthAndReadyness" . | nindent 10 -}} + {{- include "common.resources" . | nindent 10 }} env: - name: SUBROUTINES_NAMESPACE_ENABLED value: "{{ .Values.subroutines.namespace.enabled }}" @@ -99,6 +100,3 @@ spec: defaultMode: 420 secretName: {{ include "common.entity.name" . }}-webhook-server-cert {{- end }} - - - diff --git a/charts/account-operator/tests/__snapshot__/deployment_test.yaml.snap b/charts/account-operator/tests/__snapshot__/deployment_test.yaml.snap index 7826179cd..c53483500 100644 --- a/charts/account-operator/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/account-operator/tests/__snapshot__/deployment_test.yaml.snap @@ -353,6 +353,11 @@ operator match the snapshot: requests: cpu: 150m memory: 128Mi + securityContext: + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault startupProbe: failureThreshold: 30 httpGet: @@ -361,7 +366,6 @@ operator match the snapshot: periodSeconds: 10 volumeMounts: null securityContext: - readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -732,6 +736,11 @@ operator match the snapshot (with kubeconfigSecret): requests: cpu: 40m memory: 50Mi + securityContext: + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault startupProbe: failureThreshold: 30 httpGet: @@ -742,7 +751,6 @@ operator match the snapshot (with kubeconfigSecret): - mountPath: /api-kubeconfig name: external-api-server securityContext: - readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -1120,6 +1128,11 @@ operator match the snapshot with webhook enabled: requests: cpu: 150m memory: 128Mi + securityContext: + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault startupProbe: failureThreshold: 30 httpGet: @@ -1131,7 +1144,6 @@ operator match the snapshot with webhook enabled: name: cert readOnly: true securityContext: - readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault diff --git a/charts/account-operator/tests/deployment_test.yaml b/charts/account-operator/tests/deployment_test.yaml index 05d39253e..a1cae313f 100644 --- a/charts/account-operator/tests/deployment_test.yaml +++ b/charts/account-operator/tests/deployment_test.yaml @@ -57,7 +57,6 @@ tests: path: spec.template.spec.securityContext value: runAsNonRoot: true - readOnlyRootFilesystem: true seccompProfile: type: RuntimeDefault - equal: diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml index fc1a3f45b..2e81b0c60 100644 --- a/charts/common/Chart.yaml +++ b/charts/common/Chart.yaml @@ -4,4 +4,4 @@ description: A Helm chart containing reuse templates type: library -version: 0.2.4 +version: 0.2.5 diff --git a/charts/common/test-chart/Chart.yaml b/charts/common/test-chart/Chart.yaml index 9df319cc0..50cc8deb1 100644 --- a/charts/common/test-chart/Chart.yaml +++ b/charts/common/test-chart/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.2 +version: 0.1.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "1.16.0" dependencies: - name: common - version: 0.2.1 + version: 0.2.4 repository: file://.. diff --git a/charts/example-content/Chart.lock b/charts/example-content/Chart.lock index 0f9b158df..6b93cdb93 100644 --- a/charts/example-content/Chart.lock +++ b/charts/example-content/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://ghcr.io/openmfp/helm-charts - version: 0.1.9 -digest: sha256:6577fd73184b0969a73a585bf2f488c01d1433d706d7efc13320228988ce3ee4 -generated: "2024-12-10T13:42:01.113934126Z" + version: 0.2.4 +digest: sha256:e249f7620a7660782e24b70acbad92555e1ebb5b40695c8ae5d32e1bf1da710b +generated: "2024-12-23T15:27:57.140958797+02:00" diff --git a/charts/example-content/Chart.yaml b/charts/example-content/Chart.yaml index 66683332b..2e1b8d785 100644 --- a/charts/example-content/Chart.yaml +++ b/charts/example-content/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 appVersion: "0.130.0" description: Helm Chart for the openmfp Portal name: example-content -version: 0.111.2 +version: 0.111.3 dependencies: - name: common - version: 0.1.9 + version: 0.2.4 repository: oci://ghcr.io/openmfp/helm-charts diff --git a/charts/example-content/charts/common-0.1.9.tgz b/charts/example-content/charts/common-0.1.9.tgz deleted file mode 100644 index c48f713f0..000000000 Binary files a/charts/example-content/charts/common-0.1.9.tgz and /dev/null differ diff --git a/charts/example-content/charts/common-0.2.4.tgz b/charts/example-content/charts/common-0.2.4.tgz new file mode 100644 index 000000000..bf82fcd22 Binary files /dev/null and b/charts/example-content/charts/common-0.2.4.tgz differ diff --git a/charts/example-content/tests/__snapshot__/snapshot_test.yaml.snap b/charts/example-content/tests/__snapshot__/snapshot_test.yaml.snap index 5940392e7..d3a36823d 100644 --- a/charts/example-content/tests/__snapshot__/snapshot_test.yaml.snap +++ b/charts/example-content/tests/__snapshot__/snapshot_test.yaml.snap @@ -80,8 +80,7 @@ matches the snapshot: app: RELEASE-NAME-example-content spec: containers: - - automountServiceAccountToken: true - env: + - env: - name: PORT value: "8080" image: ghcr.io/openmfp/example-content:1.0.0 @@ -109,7 +108,6 @@ matches the snapshot: runAsNonRoot: true seccompProfile: type: RuntimeDefault - serviceAccountName: RELEASE-NAME volumeMounts: - mountPath: /var/cache/nginx name: tmp-volume diff --git a/charts/extension-manager-operator/Chart.lock b/charts/extension-manager-operator/Chart.lock index f54f2e329..69f969864 100644 --- a/charts/extension-manager-operator/Chart.lock +++ b/charts/extension-manager-operator/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 0.1.6 - name: common repository: oci://ghcr.io/openmfp/helm-charts - version: 0.1.9 -digest: sha256:51d71eee3c276b729ec8e5b47190cbff35795c873f20db80203f64a44c3c1d2c -generated: "2024-12-10T14:35:41.728181626Z" + version: 0.2.4 +digest: sha256:221ad9127f8b00ef4e4ed4c37f845ace3e45ba5c416c5b25b713987c8c0a8aa1 +generated: "2024-12-23T15:28:02.601836809+02:00" diff --git a/charts/extension-manager-operator/Chart.yaml b/charts/extension-manager-operator/Chart.yaml index ce091f0c3..2757e120f 100644 --- a/charts/extension-manager-operator/Chart.yaml +++ b/charts/extension-manager-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: extension-manager-operator description: A Helm chart for extension-manager-operator which manages resources like ContentConfigurations and exposes REST `/validate` endpoint type: application -version: 0.22.61 +version: 0.22.62 appVersion: "0.87.0" dependencies: - name: extension-manager-operator-crds @@ -10,5 +10,5 @@ dependencies: condition: crds.enabled repository: oci://ghcr.io/openmfp/helm-charts - name: common - version: 0.1.9 + version: 0.2.4 repository: oci://ghcr.io/openmfp/helm-charts diff --git a/charts/extension-manager-operator/charts/common-0.1.9.tgz b/charts/extension-manager-operator/charts/common-0.1.9.tgz deleted file mode 100644 index c48f713f0..000000000 Binary files a/charts/extension-manager-operator/charts/common-0.1.9.tgz and /dev/null differ diff --git a/charts/extension-manager-operator/charts/common-0.2.4.tgz b/charts/extension-manager-operator/charts/common-0.2.4.tgz new file mode 100644 index 000000000..bf82fcd22 Binary files /dev/null and b/charts/extension-manager-operator/charts/common-0.2.4.tgz differ diff --git a/charts/extension-manager-operator/tests/__snapshot__/deployment_test.yaml.snap b/charts/extension-manager-operator/tests/__snapshot__/deployment_test.yaml.snap index e579e0715..11172e7b9 100644 --- a/charts/extension-manager-operator/tests/__snapshot__/deployment_test.yaml.snap +++ b/charts/extension-manager-operator/tests/__snapshot__/deployment_test.yaml.snap @@ -81,7 +81,6 @@ operator match the snapshot: app: extension-manager-operator service: extension-manager-operator spec: - automountServiceAccountToken: true containers: - args: - operator @@ -128,7 +127,6 @@ operator match the snapshot: runAsNonRoot: true seccompProfile: type: RuntimeDefault - serviceAccountName: extension-manager-operator terminationGracePeriodSeconds: 10 4: | apiVersion: v1 diff --git a/charts/infra/Chart.lock b/charts/infra/Chart.lock index 25635ce92..391b9a071 100644 --- a/charts/infra/Chart.lock +++ b/charts/infra/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://ghcr.io/openmfp/helm-charts - version: 0.1.9 -digest: sha256:6577fd73184b0969a73a585bf2f488c01d1433d706d7efc13320228988ce3ee4 -generated: "2024-12-10T13:42:19.547888751Z" + version: 0.2.4 +digest: sha256:e249f7620a7660782e24b70acbad92555e1ebb5b40695c8ae5d32e1bf1da710b +generated: "2024-12-23T15:28:09.337735641+02:00" diff --git a/charts/infra/Chart.yaml b/charts/infra/Chart.yaml index 87301468d..3ac395e6b 100644 --- a/charts/infra/Chart.yaml +++ b/charts/infra/Chart.yaml @@ -2,10 +2,10 @@ apiVersion: v2 name: infra description: The infra openmfp chart configures a number of common infrastructure components for the OpenMFP platform. type: application -version: 0.60.2 +version: 0.60.3 appVersion: "0.0.0" dependencies: - name: common - version: 0.1.9 + version: 0.2.4 repository: oci://ghcr.io/openmfp/helm-charts diff --git a/charts/infra/charts/common-0.1.9.tgz b/charts/infra/charts/common-0.1.9.tgz deleted file mode 100644 index c48f713f0..000000000 Binary files a/charts/infra/charts/common-0.1.9.tgz and /dev/null differ diff --git a/charts/infra/charts/common-0.2.4.tgz b/charts/infra/charts/common-0.2.4.tgz new file mode 100644 index 000000000..bf82fcd22 Binary files /dev/null and b/charts/infra/charts/common-0.2.4.tgz differ