Changes the default server readiness probe to pass when the server is
uninitialized, in order to pass the latest version of the
chart-verifier test (see #954) for details.
Also updates the chart-verifier used in our tests to 1.13.0 (latest).
Pin github actions to the latest trusted versions, test with k8s
1.24-1.28, update vault and vault-k8s defaults to latest releases.
---------
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
* Prepare for 0.25.0 release
* Update CSI acceptance test assertion
Starting in 1.4.0, the CSI provider caches Vault tokens locally. The main thing
we want to check is that the Agent cache is being used so that it's doing the
renewal legwork for any leased secrets, so check for the renewal log message instead
because CSI won't auth over and over anymore.
Test with latest kind k8s versions 1.22-1.26. Remove support for old
disruptionbudget and ingress APIs (pre 1.22).
Pin all actions to SHAs, and use the common jira sync.
Update the default Vault version to v1.13.1.
Update chart-verifier used in tests to 1.10.1, also add an openshift
name annotation to Chart.yaml (one of the required checks).
Prepare for release 0.20.1
Improvements:
* `vault-k8s` updated to 0.16.1
CHANGES:
* `vault` service account is now created even if the server is set to disabled, as per before 0.20.0 [GH-737](https://github.com/hashicorp/vault-helm/pull/737)
* Mutating webhook will no longer target the agent injector pod [GH-736](https://github.com/hashicorp/vault-helm/pull/736)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
