DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6400 commits 4 branches 217 tags 166 MiB
Commit graph

35 commits

Author SHA1 Message Date
dylan-bitovi
4ecb3520c8
Add fsGroup value to admission-webhooks/job-patch charts (#8267) 
* added fsGroup to admission createSecret and patchWebhook job

* added fsGroup to admission createSecret and patchWebhook job

* modified helm/README.md to add value for fsGroup

* fixed patch job values ordering

* remove manually edited README for replacement with helm-docs generated version

* re-adding charts/README.md generated by helm-docs
 2022-02-28 07:10:57 -08:00
Alex Sears
84db822a94
Add newline indenting to admission webhook annotations (#8015) 
Signed-off-by: Alex Sears <me@alexsears.com>
 2021-12-07 11:26:37 -08:00
Alex Co
ea1099abc9
allow set annotations for admission Jobs (#7979) 
* allow set annotations for admission Jobs

Signed-off-by: Alex Co <tuanclq@gmail.com>

* Bump chart version & update CHANGELOG

Signed-off-by: Alex Co <tuanclq@gmail.com>

* Bump chart version again

Signed-off-by: Alex Co <tuanclq@gmail.com>

* Add example

Signed-off-by: Alex Co <tuanclq@gmail.com>
 2021-11-29 03:33:22 -08:00
Steve Griffith
e57d2f63fa
applied allowPrivilegeEscalation=false (#7948) 2021-11-20 12:52:59 -08:00
Muhammad Hamza Zaib
30c0d2260d
[Helm] Add labels to resources (#6992) 
* Add labels to RBAC resources

* Add labels to all resources

* Fix labels indentaton in patch jobs

* Add controller and default backend labels to pods

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>

* Bump chart version and update changelog

Signed-off-by: Muhammad Hamza Zaib <hamzazaib3202@gmail.com>
 2021-11-19 06:52:52 -08:00
Ricardo Katz
90c79689c4
Release v1 (#7470) 
* Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix intorstr logic in controller

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* fixing admission

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* more intorstr fixing

* correct template rendering

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix e2e tests for v1 api

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix gofmt errors

* This is finally working...almost there...

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Re-add removed validation of AdmissionReview

* Prepare for v1.0.0-alpha.1 release

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Update changelog and matrix table for v1.0.0-alpha.1 (#7274)

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* add docs for syslog feature (#7219)

* Fix link to e2e-tests.md in developer-guide (#7201)

* Use ENV expansion for namespace in args (#7146)

Update the DaemonSet namespace references to use the `POD_NAMESPACE` environment variable in the same way that the Deployment does.

* chart: using Helm builtin capabilities check (#7190)

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

* Update proper default value for HTTP2MaxConcurrentStreams in Docs (#6944)

It should be 128 as documented in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/config/config.go#L780

* Fix MaxWorkerOpenFiles calculation on high cores nodes (#7107)

* Fix MaxWorkerOpenFiles calculation on high cores nodes

* Add e2e test for rlimit_nofile

* Fix doc for max-worker-open-files

* ingress/tcp: add additional error logging on failed (#7208)

* Add file containing stable release (#7313)

* Handle named (non-numeric) ports correctly (#7311)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Updated v1beta1 to v1 as its deprecated (#7308)

* remove mercurial from build (#7031)

* Retry to download maxmind DB if it fails (#7242)

* Retry to download maxmind DB if it fails.

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Add retries count arg, move retry logic into DownloadGeoLite2DB function

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Reorder parameters in DownloadGeoLite2DB

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Remove hardcoded value

Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>

* Release v1.0.0-alpha.1

* Add changelog for v1.0.0-alpha.2

* controller: ignore non-service backends (#7332)

* controller: ignore non-service backends

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* update per feedback

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* fix: allow scope/tcp/udp configmap namespace to altered (#7161)

* Lower webhook timeout for digital ocean (#7319)

* Lower webhook timeout for digital ocean

* Set Digital Ocean value controller.admissionWebhooks.timeoutSeconds to 29

* update OWNERS and aliases files (#7365) (#7366)

Signed-off-by: Carlos Panato <ctadeu@gmail.com>

* Downgrade Lua modules for s390x (#7355)

Downgrade Lua modules to last known working version.

* Fix IngressClass logic for newer releases (#7341)

* Fix IngressClass logic for newer releases

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Change e2e tests for the new IngressClass presence

* Fix chart and admission tests

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix helm chart test

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Fix reviews

* Remove ingressclass code from admission

* update tag to v1.0.0-beta.1

* update readme and changelog for v1.0.0-beta.1

* Release v1.0.0-beta.1 - helm and manifests (#7422)

* Change the order of annotation just to trigger a new helm release (#7425)

* [cherry-pick] Add dev-v1 branch into helm releaser (#7428)

* Add dev-v1 branch into helm releaser (#7424)

* chore: add link for artifacthub.io/prerelease annotations

Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>

* k8s job ci pipeline for dev-v1 br v1.22.0 (#7453)

* k8s job ci pipeline for dev-v1 br v1.22.0

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* k8s job ci pipeline for dev-v1 br v1.21.2

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* remove v1.21.1 version

Signed-off-by: Neha Lohia <nehapithadiya444@gmail.com>

* Add controller.watchIngressWithoutClass config option (#7459)

Signed-off-by: Akshit Grover <akshit.grover2016@gmail.com>

* Release new helm chart with certgen fixed (#7478)

* Update go version, modules and remove ioutil

* Release new helm chart with certgen fixed

* changed appversion, chartversion, TAG, image (#7490)

* Fix CI conflict

* Fix CI conflict

* Fix build.sh from rebase process

* Fix controller_test post rebase

Co-authored-by: Tianhao Guo <rggth09@gmail.com>
Co-authored-by: Ray <61553+rctay@users.noreply.github.com>
Co-authored-by: Bill Cassidy <cassid4@gmail.com>
Co-authored-by: Jintao Zhang <tao12345666333@163.com>
Co-authored-by: Sathish Ramani <rsathishx87@gmail.com>
Co-authored-by: Mansur Marvanov <nanorobocop@gmail.com>
Co-authored-by: Matt1360 <568198+Matt1360@users.noreply.github.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>
Co-authored-by: Kundan Kumar <kundan.kumar@india.nec.com>
Co-authored-by: Tom Hayward <thayward@infoblox.com>
Co-authored-by: Sergey Shakuto <sshakuto@infoblox.com>
Co-authored-by: Tore <tore.lonoy@gmail.com>
Co-authored-by: Bouke Versteegh <info@boukeversteegh.nl>
Co-authored-by: Shahid <shahid@us.ibm.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Long Wu Yuan <longwuyuan@gmail.com>
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
Co-authored-by: Neha Lohia <nehapithadiya444@gmail.com>
Co-authored-by: Akshit Grover <akshit.grover2016@gmail.com>
 2021-08-21 13:42:00 -07:00
Bhumij Gupta
6f0401fc73
Helm - Enable configuring request and limit for containers in webhook jobs (#7434) 
* helm: add feature to configure request and limit for container in createSecret and patchWebhook job

Signed-off-by: Bhumij Gupta <bhumijgupta@gmail.com>

* Remove empty line in helm template

Signed-off-by: Bhumij Gupta <bhumijgupta@gmail.com>

* Add test for admission webhook job container resources

Signed-off-by: Bhumij Gupta <bhumijgupta@gmail.com>

* Add new line character at the end of charts ci file

Signed-off-by: Bhumij Gupta <bhumijgupta@gmail.com>
 2021-08-05 15:31:41 -07:00
Long
2a190d2657
added namespace field in the namespace scoped resource templates of helm chart (#7256) 
* added namespace field in the namespace scoped resource templates of helm chart

* moved namespace field from roleRef to metadata
 2021-06-21 04:56:51 -07:00
Zach Rhoads
f6dbd93865
updated values.yaml and templates to have separate values for registry and image with container images, left repository value for backwards compatability (#7095) 2021-05-23 09:07:38 -07:00
Eric Bailey
63e35ac32b Support existing PSPs in Helm chart 2021-04-07 13:04:02 -05:00
Manuel Alejandro de Brito Fontes
175f97dce5 Allow use of numeric namespaces in helm chart 2021-01-28 09:29:53 -03:00
Mark Pundsack
c64c691335 Alternate to respecting setting admissionWebhooks.failurePolicy in values.yaml 2020-11-04 21:18:30 -06:00
Manuel Alejandro de Brito Fontes
703c2d6f8e Enable validation of ingress definitions from extensions package 2020-10-26 10:50:44 -03:00
Kewei Ma
c8294eaf4e Allow Helm Chart to customize admission webhook's annotations, timeoutSeconds, namespaceSelector, objectSelector and cert files locations 2020-10-08 14:37:15 -05:00
Manuel Alejandro de Brito Fontes
4632497a95 Update helm chart 2020-10-02 15:30:09 -03:00
Manuel Alejandro de Brito Fontes
7722fa38aa Add admission controller e2e test 2020-09-26 16:06:58 -03:00
Manuel Alejandro de Brito Fontes
370bc45ef6 Fix helm chart admissionReviewVersions regression 2020-09-16 10:14:06 -03:00
Manuel Alejandro de Brito Fontes
27598b5f90 Update chart requirements 2020-09-15 14:50:32 -03:00
Philipp Strube
59b16c4e92 Use Env expansion for namespace in args 
When deploying the controller to a custom namespace, users have to
overwrite the namespace attribute as well as the hardcoded namespace
values in a number of args for the Deployment and the admission
controller Jobs.

Instead, this commit, uses the namespace name from the DownwardAPI,
and allows users to simply change the namespace attribute without
having to worry about the container args.
 2020-07-29 11:44:08 +02:00
Manuel Alejandro de Brito Fontes
6c73d66ae6 Update helm chart for v0.34.0 2020-07-10 08:57:40 -04:00
Manuel Alejandro de Brito Fontes
a57d912ea4
Use admissionregistration.k8s.io/v1beta1 to be k8s < 1.16 compatible 2020-06-24 10:03:10 -04:00
Tobias Wolf
be5c29daef Update ValidatingWebhook for Ingress to support --dry-run=server 2020-06-21 10:11:00 +02:00
Graham McGregor
2205edb16b Allow pulling images by digest 
The digest uniquely identifies a specific version of the image, so it is
never updated by Kubernetes unless you change the digest value. This is
desirable for security to gain confidence that no unvetted changes are
pulled to a deployment.
 2020-05-20 12:05:43 -04:00
Tuan Anh Nguyen
e6d570d30b add toleration support for admission webhooks 
Update charts/ingress-nginx/Chart.yaml

Co-authored-by: Alex Harder <13860012+ChiefAlexander@users.noreply.github.com>
 2020-05-20 09:26:59 +07:00
Kubernetes Prow Robot
4b62da824e
Merge pull request #5494 from janosi/wh_runasuser 
Add configuration option for the runAsUser parameter of the webhook patch job
 2020-05-04 13:04:26 -07:00
Kubernetes Prow Robot
45698ca4e6
Merge pull request #5504 from janosi/wh_imagepullsecret 
Add configuration option for the imagePullSecrets in the webhook jobs
 2020-05-04 12:34:28 -07:00
Laszlo Janosi
5148443ca7 Move webhook runAsUser from patch.image.runAsUser to patch.runAsUser 2020-05-04 17:50:00 +00:00
John Reese
c6b053d922
Update job-patchWebhook.yaml 
Referencing `deploy.yaml` results in a `null` value for the `imagePullPolicy`. Looks like the pull policy value is set under image!
 2020-05-04 13:48:05 -04:00
Laszlo Janosi
50896901b0 Add configuration option for the imagePullSecrets in the WH jobs 2020-05-04 17:46:27 +00:00
Laszlo Janosi
82588a33a7 Add configuration option for the runAsUser parameter of the webhook patch job 2020-05-03 17:08:42 +00:00
Naseem
5ae314bd64
Hardcode component names. 
By removing this, we reduce unecessary config options and moving parts.

Signed-off-by: Naseem <naseem@transit.app>
 2020-03-10 09:36:26 -04:00
ChiefAlexander
388a499533
Cleanup chart code 2020-03-03 09:20:45 -06:00
ChiefAlexander
710f1f2601
Update helm templates to match new chart name 2020-02-28 08:53:24 -06:00
Naseem
003039f23c
Use recommended labels and label helpers 
Signed-off-by: Naseem <naseem@transit.app>
 2020-02-27 22:35:34 -05:00
Manuel Alejandro de Brito Fontes
624cb5f048
Start migration of helm chart (#5159) 2020-02-24 16:25:57 -03:00