From 79af377bc657ffae3c6c3b945b69245221eab6ad Mon Sep 17 00:00:00 2001 From: Marco Ebert Date: Fri, 2 Feb 2024 00:36:03 +0100 Subject: [PATCH] Chart: Sync from `main`. (#10958) --- charts/ingress-nginx/Chart.yaml | 7 +- charts/ingress-nginx/README.md | 12 ++-- .../changelog/helm-chart-4.9.0.md | 13 ++++ .../changelog/helm-chart-4.9.1.md | 10 +++ charts/ingress-nginx/values.yaml | 69 ++++++------------- 5 files changed, 53 insertions(+), 58 deletions(-) create mode 100644 charts/ingress-nginx/changelog/helm-chart-4.9.0.md create mode 100644 charts/ingress-nginx/changelog/helm-chart-4.9.1.md diff --git a/charts/ingress-nginx/Chart.yaml b/charts/ingress-nginx/Chart.yaml index 30ca8afaa..df4f6fe63 100644 --- a/charts/ingress-nginx/Chart.yaml +++ b/charts/ingress-nginx/Chart.yaml @@ -1,9 +1,10 @@ annotations: artifacthub.io/changes: |- - - "Update Ingress-Nginx version controller-v1.9.4" + - "update web hook cert gen to latest release v20231226-1a7112e06" + - "Update Ingress-Nginx version controller-v1.9.6" artifacthub.io/prerelease: "false" apiVersion: v2 -appVersion: 1.9.4 +appVersion: 1.9.6 description: Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer home: https://github.com/kubernetes/ingress-nginx @@ -19,4 +20,4 @@ maintainers: name: ingress-nginx sources: - https://github.com/kubernetes/ingress-nginx -version: 4.8.3 +version: 4.9.1 diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index e63b143b8..44bb10bd7 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -2,7 +2,7 @@ [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer -![Version: 4.8.3](https://img.shields.io/badge/Version-4.8.3-informational?style=flat-square) ![AppVersion: 1.9.4](https://img.shields.io/badge/AppVersion-1.9.4-informational?style=flat-square) +![Version: 4.9.1](https://img.shields.io/badge/Version-4.9.1-informational?style=flat-square) ![AppVersion: 1.9.6](https://img.shields.io/badge/AppVersion-1.9.6-informational?style=flat-square) To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. @@ -253,11 +253,11 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.admissionWebhooks.namespaceSelector | object | `{}` | | | controller.admissionWebhooks.objectSelector | object | `{}` | | | controller.admissionWebhooks.patch.enabled | bool | `true` | | -| controller.admissionWebhooks.patch.image.digest | string | `"sha256:a7943503b45d552785aa3b5e457f169a5661fb94d82b8a3373bcd9ebaf9aac80"` | | +| controller.admissionWebhooks.patch.image.digest | string | `"sha256:25d6a5f11211cc5c3f9f2bf552b585374af287b4debf693cacbe2da47daa5084"` | | | controller.admissionWebhooks.patch.image.image | string | `"ingress-nginx/kube-webhook-certgen"` | | | controller.admissionWebhooks.patch.image.pullPolicy | string | `"IfNotPresent"` | | | controller.admissionWebhooks.patch.image.registry | string | `"registry.k8s.io"` | | -| controller.admissionWebhooks.patch.image.tag | string | `"v20231011-8b53cabe0"` | | +| controller.admissionWebhooks.patch.image.tag | string | `"v20231226-1a7112e06"` | | | controller.admissionWebhooks.patch.labels | object | `{}` | Labels to be added to patch job resources | | controller.admissionWebhooks.patch.networkPolicy.enabled | bool | `false` | Enable 'networkPolicy' or not | | controller.admissionWebhooks.patch.nodeSelector."kubernetes.io/os" | string | `"linux"` | | @@ -317,8 +317,8 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.hostname | object | `{}` | Optionally customize the pod hostname. | | controller.image.allowPrivilegeEscalation | bool | `false` | | | controller.image.chroot | bool | `false` | | -| controller.image.digest | string | `"sha256:5b161f051d017e55d358435f295f5e9a297e66158f136321d9b04520ec6c48a3"` | | -| controller.image.digestChroot | string | `"sha256:5976b1067cfbca8a21d0ba53d71f83543a73316a61ea7f7e436d6cf84ddf9b26"` | | +| controller.image.digest | string | `"sha256:1405cc613bd95b2c6edd8b2a152510ae91c7e62aea4698500d23b2145960ab9c"` | | +| controller.image.digestChroot | string | `"sha256:7eb46ff733429e0e46892903c7394aff149ac6d284d92b3946f3baf7ff26a096"` | | | controller.image.image | string | `"ingress-nginx/controller"` | | | controller.image.pullPolicy | string | `"IfNotPresent"` | | | controller.image.readOnlyRootFilesystem | bool | `false` | | @@ -326,7 +326,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.image.runAsNonRoot | bool | `true` | | | controller.image.runAsUser | int | `101` | | | controller.image.seccompProfile.type | string | `"RuntimeDefault"` | | -| controller.image.tag | string | `"v1.9.4"` | | +| controller.image.tag | string | `"v1.9.6"` | | | controller.ingressClass | string | `"nginx"` | For backwards compatibility with ingress.class annotation, use ingressClass. Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation | | controller.ingressClassByName | bool | `false` | Process IngressClass per name (additionally as per spec.controller). | | controller.ingressClassResource.controllerValue | string | `"k8s.io/ingress-nginx"` | Controller-value of the controller that is processing this ingressClass | diff --git a/charts/ingress-nginx/changelog/helm-chart-4.9.0.md b/charts/ingress-nginx/changelog/helm-chart-4.9.0.md new file mode 100644 index 000000000..5c7729866 --- /dev/null +++ b/charts/ingress-nginx/changelog/helm-chart-4.9.0.md @@ -0,0 +1,13 @@ +# Changelog + +This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +### 4.9.0 + +* - "Add controller.metrics.serviceMonitor.annotations in Helm chart" +* - "fix(labels): use complete labels variable on default-backend deployment" +* - "chart: allow setting allocateLoadBalancerNodePorts (#10693)" +* - "[release-1.9] feat(helm): add documentation about metric args (#10695)" +* - "Update Ingress-Nginx version controller-v1.9.5" + +**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/helm-chart-4.8.3...helm-chart-4.9.0 diff --git a/charts/ingress-nginx/changelog/helm-chart-4.9.1.md b/charts/ingress-nginx/changelog/helm-chart-4.9.1.md new file mode 100644 index 000000000..c6120e736 --- /dev/null +++ b/charts/ingress-nginx/changelog/helm-chart-4.9.1.md @@ -0,0 +1,10 @@ +# Changelog + +This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +### 4.9.1 + +* - "update web hook cert gen to latest release v20231226-1a7112e06" +* - "Update Ingress-Nginx version controller-v1.9.6" + +**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/helm-chart-4.9.0...helm-chart-4.9.1 diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index 0ae2a1e7e..5e76d2fb4 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -9,7 +9,6 @@ # -- Override the deployment namespace; defaults to .Release.Namespace namespaceOverride: "" - ## Labels to apply to all resources ## commonLabels: {} @@ -27,9 +26,9 @@ controller: ## for backwards compatibility consider setting the full image url via the repository value below ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail ## repository: - tag: "v1.9.4" - digest: sha256:5b161f051d017e55d358435f295f5e9a297e66158f136321d9b04520ec6c48a3 - digestChroot: sha256:5976b1067cfbca8a21d0ba53d71f83543a73316a61ea7f7e436d6cf84ddf9b26 + tag: "v1.9.6" + digest: sha256:1405cc613bd95b2c6edd8b2a152510ae91c7e62aea4698500d23b2145960ab9c + digestChroot: sha256:7eb46ff733429e0e46892903c7394aff149ac6d284d92b3946f3baf7ff26a096 pullPolicy: IfNotPresent runAsNonRoot: true # www-data -> uid 101 @@ -140,7 +139,6 @@ controller: # "net.core.somaxconn": "8192" # -- Security context for controller containers containerSecurityContext: {} - # -- Allows customization of the source of the IP address or FQDN to report # in the ingress status field. By default, it reads the information provided # by the service. If disable, the status field reports the IP address of the @@ -444,33 +442,26 @@ controller: customTemplate: configMapName: "" configMapKey: "" - service: # -- Enable controller services or not. This does not influence the creation of either the admission webhook or the metrics service. enabled: true - external: # -- Enable the external controller service or not. Useful for internal-only deployments. enabled: true - # -- Annotations to be added to the external controller service. See `controller.service.internal.annotations` for annotations to be added to the internal controller service. annotations: {} # -- Labels to be added to both controller services. labels: {} - # -- Type of the external controller service. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: LoadBalancer - # -- Pre-defined cluster internal IP address of the external controller service. Take care of collisions with existing services. # This value is immutable. Set once, it can not be changed without deleting and re-creating the service. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address clusterIP: "" - # -- List of node IP addresses at which the external controller service is available. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips externalIPs: [] - # -- Deprecated: Pre-defined IP address of the external controller service. Used by cloud providers to connect the resulting load balancer service to a pre-existing static IP. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer loadBalancerIP: "" @@ -479,7 +470,6 @@ controller: # -- Load balancer class of the external controller service. Used by cloud providers to select a load balancer implementation other than the cloud provider default. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class loadBalancerClass: "" - # -- Enable node port allocation for the external controller service or not. Applies to type `LoadBalancer` only. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation # allocateLoadBalancerNodePorts: true @@ -487,11 +477,9 @@ controller: # -- External traffic policy of the external controller service. Set to "Local" to preserve source IP on providers supporting it. # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip externalTrafficPolicy: "" - # -- Session affinity of the external controller service. Must be either "None" or "ClientIP" if set. Defaults to "None". # Ref: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity sessionAffinity: "" - # -- Specifies the health check node port (numeric port number) for the external controller service. # If not specified, the service controller allocates a port from your cluster's node port range. # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip @@ -505,28 +493,23 @@ controller: # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services ipFamilies: - IPv4 - # -- Enable the HTTP listener on both controller services or not. enableHttp: true # -- Enable the HTTPS listener on both controller services or not. enableHttps: true - ports: # -- Port the external HTTP listener is published with. http: 80 # -- Port the external HTTPS listener is published with. https: 443 - targetPorts: # -- Port of the ingress controller the external HTTP listener is mapped to. http: http # -- Port of the ingress controller the external HTTPS listener is mapped to. https: https - # -- Declare the app protocol of the external HTTP and HTTPS listeners or not. Supersedes provider-specific annotations for declaring the backend protocol. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol appProtocol: true - nodePorts: # -- Node port allocated for the external HTTP listener. If left empty, the service controller allocates one from the configured node port range. http: "" @@ -542,29 +525,23 @@ controller: # udp: # 53: 30053 udp: {} - internal: # -- Enable the internal controller service or not. Remember to configure `controller.service.internal.annotations` when enabling this. enabled: false - # -- Annotations to be added to the internal controller service. Mandatory for the internal controller service to be created. Varies with the cloud service. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer annotations: {} - # -- Type of the internal controller service. # Defaults to the value of `controller.service.type`. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: "" - # -- Pre-defined cluster internal IP address of the internal controller service. Take care of collisions with existing services. # This value is immutable. Set once, it can not be changed without deleting and re-creating the service. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address clusterIP: "" - # -- List of node IP addresses at which the internal controller service is available. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips externalIPs: [] - # -- Deprecated: Pre-defined IP address of the internal controller service. Used by cloud providers to connect the resulting load balancer service to a pre-existing static IP. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer loadBalancerIP: "" @@ -573,7 +550,6 @@ controller: # -- Load balancer class of the internal controller service. Used by cloud providers to select a load balancer implementation other than the cloud provider default. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class loadBalancerClass: "" - # -- Enable node port allocation for the internal controller service or not. Applies to type `LoadBalancer` only. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation # allocateLoadBalancerNodePorts: true @@ -581,11 +557,9 @@ controller: # -- External traffic policy of the internal controller service. Set to "Local" to preserve source IP on providers supporting it. # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip externalTrafficPolicy: "" - # -- Session affinity of the internal controller service. Must be either "None" or "ClientIP" if set. Defaults to "None". # Ref: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity sessionAffinity: "" - # -- Specifies the health check node port (numeric port number) for the internal controller service. # If not specified, the service controller allocates a port from your cluster's node port range. # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip @@ -599,27 +573,25 @@ controller: # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services ipFamilies: - IPv4 - ports: {} - # -- Port the internal HTTP listener is published with. - # Defaults to the value of `controller.service.ports.http`. - # http: 80 - # -- Port the internal HTTPS listener is published with. - # Defaults to the value of `controller.service.ports.https`. - # https: 443 + # -- Port the internal HTTP listener is published with. + # Defaults to the value of `controller.service.ports.http`. + # http: 80 + # -- Port the internal HTTPS listener is published with. + # Defaults to the value of `controller.service.ports.https`. + # https: 443 targetPorts: {} - # -- Port of the ingress controller the internal HTTP listener is mapped to. - # Defaults to the value of `controller.service.targetPorts.http`. - # http: http - # -- Port of the ingress controller the internal HTTPS listener is mapped to. - # Defaults to the value of `controller.service.targetPorts.https`. - # https: https + # -- Port of the ingress controller the internal HTTP listener is mapped to. + # Defaults to the value of `controller.service.targetPorts.http`. + # http: http + # -- Port of the ingress controller the internal HTTPS listener is mapped to. + # Defaults to the value of `controller.service.targetPorts.https`. + # https: https # -- Declare the app protocol of the internal HTTP and HTTPS listeners or not. Supersedes provider-specific annotations for declaring the backend protocol. # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol appProtocol: true - nodePorts: # -- Node port allocated for the internal HTTP listener. If left empty, the service controller allocates one from the configured node port range. http: "" @@ -635,7 +607,6 @@ controller: # udp: # 53: 30053 udp: {} - # shareProcessNamespace enables process namespace sharing within the pod. # This can be used for example to signal log rotation using `kill -USR1` from a sidecar. shareProcessNamespace: false @@ -728,7 +699,7 @@ controller: type: RuntimeDefault capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true resources: {} admissionWebhooks: @@ -779,7 +750,7 @@ controller: type: RuntimeDefault capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true resources: {} # limits: @@ -799,7 +770,7 @@ controller: type: RuntimeDefault capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true resources: {} patch: @@ -810,8 +781,8 @@ controller: ## for backwards compatibility consider setting the full image url via the repository value below ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail ## repository: - tag: v20231011-8b53cabe0 - digest: sha256:a7943503b45d552785aa3b5e457f169a5661fb94d82b8a3373bcd9ebaf9aac80 + tag: v20231226-1a7112e06 + digest: sha256:25d6a5f11211cc5c3f9f2bf552b585374af287b4debf693cacbe2da47daa5084 pullPolicy: IfNotPresent # -- Provide a priority class name to the webhook patching job ##