diff --git a/CHANGELOG.md b/CHANGELOG.md index 46c2431..b891e27 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,18 +1,24 @@ ## Unreleased +## 0.20.0 (May 16th, 2022) + CHANGES: * `global.enabled` now works as documented, that is, setting `global.enabled` to false will disable everything, with individual components able to be turned on individually [GH-703](https://github.com/hashicorp/vault-helm/pull/703) * Default value of `-` used for injector and server to indicate that they follow `global.enabled`. [GH-703](https://github.com/hashicorp/vault-helm/pull/703) -* Vault default image to 1.9.3 +* Vault default image to 1.10.3 * CSI provider default image to 1.1.0 +* Vault K8s default image to 0.16.0 * Earliest Kubernetes version tested is now 1.16 * Support topologySpreadConstraints in server and injector. [GH-652](https://github.com/hashicorp/vault-helm/pull/652) +* Maintain default MutatingWebhookConfiguration values from `v1beta1` [GH-692](https://github.com/hashicorp/vault-helm/pull/692) Improvements: * CSI: Set `extraLabels` for daemonset, pods, and service account [GH-690](https://github.com/hashicorp/vault-helm/pull/690) * Add namespace to injector-leader-elector role, rolebinding and secret [GH-683](https://github.com/hashicorp/vault-helm/pull/683) * Support policy/v1 PodDisruptionBudget in Kubernetes 1.21+ for server and injector [GH-710](https://github.com/hashicorp/vault-helm/pull/710) * Make the Cluster Address (CLUSTER_ADDR) configurable [GH-629](https://github.com/hashicorp/vault-helm/pull/709) +* server: Make `publishNotReadyAddresses` configurable for services [GH-694](https://github.com/hashicorp/vault-helm/pull/694) +* server: Allow config to be defined as a YAML object in the values file [GH-684](https://github.com/hashicorp/vault-helm/pull/684) ## 0.19.0 (January 20th, 2022) diff --git a/Chart.yaml b/Chart.yaml index 34fdd4d..fc5527d 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: vault -version: 0.19.0 -appVersion: 1.9.3 +version: 0.20.0 +appVersion: 1.10.3 kubeVersion: ">= 1.16.0-0" description: Official HashiCorp Vault Chart home: https://www.vaultproject.io diff --git a/test/acceptance/csi.bats b/test/acceptance/csi.bats index c7c6549..bf6f85b 100644 --- a/test/acceptance/csi.bats +++ b/test/acceptance/csi.bats @@ -18,7 +18,8 @@ check_skip_csi() { # Install Secrets Store CSI driver CSI_DRIVER_VERSION=1.0.0 - helm install secrets-store-csi-driver https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts/secrets-store-csi-driver-${CSI_DRIVER_VERSION}.tgz?raw=true \ + helm install secrets-store-csi-driver secrets-store-csi-driver --repo https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts \ + --version="${CSI_DRIVER_VERSION}" --wait --timeout=5m \ --namespace=acceptance \ --set linux.image.pullPolicy="IfNotPresent" \ diff --git a/test/acceptance/server-ha-enterprise-dr.bats b/test/acceptance/server-ha-enterprise-dr.bats index 05873fe..5cc1a9b 100644 --- a/test/acceptance/server-ha-enterprise-dr.bats +++ b/test/acceptance/server-ha-enterprise-dr.bats @@ -7,7 +7,7 @@ load _helpers helm install "$(name_prefix)-east" \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.9.3-ent' \ + --set='server.image.tag=1.10.3-ent' \ --set='injector.enabled=false' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' \ @@ -75,7 +75,7 @@ load _helpers helm install "$(name_prefix)-west" \ --set='injector.enabled=false' \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.9.3-ent' \ + --set='server.image.tag=1.10.3-ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' \ --set='server.enterpriseLicense.secretName=vault-license' . diff --git a/test/acceptance/server-ha-enterprise-perf.bats b/test/acceptance/server-ha-enterprise-perf.bats index c7821cf..6deec78 100644 --- a/test/acceptance/server-ha-enterprise-perf.bats +++ b/test/acceptance/server-ha-enterprise-perf.bats @@ -8,7 +8,7 @@ load _helpers helm install "$(name_prefix)-east" \ --set='injector.enabled=false' \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.9.3-ent' \ + --set='server.image.tag=1.10.3-ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' \ --set='server.enterpriseLicense.secretName=vault-license' . @@ -75,7 +75,7 @@ load _helpers helm install "$(name_prefix)-west" \ --set='injector.enabled=false' \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.9.3-ent' \ + --set='server.image.tag=1.10.3-ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' \ --set='server.enterpriseLicense.secretName=vault-license' . diff --git a/values.openshift.yaml b/values.openshift.yaml index 17861a4..e59bb86 100644 --- a/values.openshift.yaml +++ b/values.openshift.yaml @@ -6,13 +6,13 @@ global: injector: image: repository: "registry.connect.redhat.com/hashicorp/vault-k8s" - tag: "0.14.2-ubi" + tag: "0.16.0-ubi" agentImage: repository: "registry.connect.redhat.com/hashicorp/vault" - tag: "1.9.3-ubi" + tag: "1.10.3-ubi" server: image: repository: "registry.connect.redhat.com/hashicorp/vault" - tag: "1.9.3-ubi" + tag: "1.10.3-ubi" diff --git a/values.yaml b/values.yaml index a693ee0..88b2a50 100644 --- a/values.yaml +++ b/values.yaml @@ -50,7 +50,7 @@ injector: # image sets the repo and tag of the vault-k8s image to use for the injector. image: repository: "hashicorp/vault-k8s" - tag: "0.14.2" + tag: "0.16.0" pullPolicy: IfNotPresent # agentImage sets the repo and tag of the Vault image to use for the Vault Agent @@ -58,7 +58,7 @@ injector: # required. agentImage: repository: "hashicorp/vault" - tag: "1.9.3" + tag: "1.10.3" # The default values for the injected Vault Agent containers. agentDefaults: @@ -295,7 +295,7 @@ server: image: repository: "hashicorp/vault" - tag: "1.9.3" + tag: "1.10.3" # Overrides the default Image Pull Policy pullPolicy: IfNotPresent