Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
296 commits 11 branches 48 tags 1.4 MiB
Commit graph

296 commits

This branch
This branch
All branches
Author SHA1 Message Date
Theron Voran
77b973c17f
Helm 3 support (#195) 
Update chart and tests to Helm 3

Co-authored-by: Matt Piekunka <mpiekunk@users.noreply.github.com>
Co-authored-by: Mike Brancato <mbrancato@users.noreply.github.com>
 2020-02-06 08:44:38 -08:00
Theron Voran
1f94e221c3
changelog++ 2020-01-30 09:49:29 -08:00
Theron Voran
45c9118782
Adding sleep in the preStop lifecycle step (#188) 
Aims to make vault pod termination more graceful with respect to user
requests.
 2020-01-30 09:39:08 -08:00
Jason O'Donnell
7a6e8c3648
changelog++ 2020-01-18 07:38:00 -05:00
Yong Wen Chua
eccd71bfe2 Allow configure StatefulSet updateStrategy (#172) 2020-01-18 07:36:45 -05:00
Jason O'Donnell
0099ea8a94
changelog++ 2020-01-15 10:16:28 -05:00
fischerman
4209cbcc2d make shareProcessNamespace configurable (#174) 
* make shareProcessNamespace configurable

* add unit tests
 2020-01-15 05:06:54 -05:00
fischerman
1f68852dc2 add lifecycle to vault instead of extra container (#179) 2020-01-15 05:03:20 -05:00
Jason O'Donnell
80027d3bda
Update to v0.3.3 (#178) 
* Update to v0.3.3

* Reorder changelog
 2020-01-14 14:14:27 -05:00
Jason O'Donnell
b8978603db
changelog++ 2020-01-14 10:18:08 -05:00
Jason O'Donnell
e8e804d873
changelog++ 2020-01-14 10:12:40 -05:00
Jason O'Donnell
ac2925d250
Add extraArgs configurable (#176) 2020-01-14 10:09:20 -05:00
Ryan Eschinger
4ee82fd984 fix injector env var names for manual tls config (#171) 
AGENT_INJECT_CERT_FILE -> AGENT_INJECT_TLS_CERT_FILE
AGENT_INJECT_KEY_FILE -> AGENT_INJECT_TLS_KEY_FILE

see
611492d04b/subcommand/injector/flags.go (L56)

fixes #170
 2020-01-13 12:49:13 -05:00
Jason O'Donnell
551f292b6f
Update to 0.3.2 (#166) 2020-01-08 10:05:06 -05:00
Jason O'Donnell
98e7e0a7c9
Update to 0.3.1 (#162) 2020-01-02 12:18:22 -05:00
Jason O'Donnell
3e91343f6d
Update CONTRIBUTING.md 2019-12-20 09:30:58 -05:00
Jason O'Donnell
7d8ae7df46
Update to 0.3.0 (#154) 2019-12-19 11:49:50 -05:00
Jason O'Donnell
16bb8999ae
changelog++ 2019-12-19 10:58:28 -05:00
Jason O'Donnell
82083061a0
Add vault agent injector (#150) 
* Add vault agent injector

* Fix bug with agent image env

* Fix terraform GKE code

* Cleanup label

* Improve test reliablity

* Lower sleep times in tests

* Standardize image values

* Update values

* Update vault tag
 2019-12-19 10:57:51 -05:00
Jason O'Donnell
268c2418d3
Add configurable nodeport (#152) 2019-12-18 12:22:19 -05:00
Jason O'Donnell
36d6c283e4
Update CHANGELOG.md 2019-12-16 18:09:05 -05:00
Darren Clark
ba6cfe675e Statefulset Liveness Probe failing on standby nodes due to SSL, initial delay and 429 response #137 (#138) 
livenessProbe

 * Set the scheme for vault.scheme to ensure that the check works if tls enabled or not

 * Allow a configurable value initialDelaySeconds rather than the set 5 seconds

 * Set the default initialDelaySeconds to 60 seconds before the probe starts to allow for vault unsealing

 * Set the path to /v1/sys/health?standbyok=true to ensure a 200 response on standbys

readinessProbe

 * Set the path comment to /v1/sys/health?standbyok=true to ensure a 200 response on standbys

 * Set the scheme for vault.scheme to ensure that the check works if tls enabled or not

 * Statefulset liveness probe path check set to /v1/sys/health?standbyok=true

 * Server Statefulset test added for livenessProbe.initialDelaySeconds
 2019-12-16 18:07:23 -05:00
Michael Golowka OR 1=1); DROP TABLE users; --
35f198f35f
Update CHANGELOG.md 2019-12-11 14:07:44 -07:00
Michael Golowka OR 1=1); DROP TABLE users; --
c390b3f6df Fix typo: serviceaccount -> serviceAccount (#147) 
* Fix typo: serviceaccount -> serviceAccount

* Fix typo in test
 2019-12-11 16:04:57 -05:00
Jason O'Donnell
e1ecb0d8ad
Update CHANGELOG.md 2019-12-09 16:52:23 -05:00
Daniel Mittelman
4a743f655e Promote Docker image version to 1.3.0 (#136) 2019-12-06 09:38:49 -05:00
Jason O'Donnell
37e92331b9
Add publishNotReadyAddresses to UI service (#131) 2019-12-03 14:55:33 -05:00
Jason O'Donnell
938c874e77
Update CHANGELOG.md 2019-12-02 17:22:15 -05:00
Jason O'Donnell
1c9c64c8f8
Remove chart from labels (#128) 2019-12-02 17:14:59 -05:00
Jason O'Donnell
8eac1ed98e
Update CHANGELOG.md 2019-11-28 19:09:42 -05:00
Holden Omans
a0325cfd14 Configure pod probes (#104) 
* Added option for enabling a livenessprobe

* added option for using http for readinessProbe

* added tests
 2019-11-28 18:24:41 -05:00
Janusz Bialy
2ff7d47c07 Use a standard way to define the container image (#103) 
* use a standard way to define image repo and tag

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* add tests

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* bump chart version

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* Revert "bump chart version"

This reverts commit 74cbc984a7d4cf9098acf78977cdc8598c557550.

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* nest image block inside server

Signed-off-by: Janusz Bialy <jbialy@gmail.com>
 2019-11-28 17:39:28 -05:00
Jason O'Donnell
52f3686c12
Update CHANGELOG.md 2019-11-21 14:21:23 -05:00
Shahbaz Nazir
faf5a84c5e Add possibility to run sidecars with vault (#87) 
* Add extra containers

* fix template

* add unit tests

* resolve conflicts

* remove duplicate docs

* fix unit tests
 2019-11-21 14:07:41 -05:00
Ivan Aracki
6bef1e19df Fix server.dataStorage explanation link (#115) 2019-11-18 11:59:15 -05:00
Jason O'Donnell
fbe3c154a5
Update to 0.2.1 (#111) 2019-11-12 19:59:31 -05:00
Jason O'Donnell
3fbbf7b8df
Remove readOnlyRootFilesystem configurable (#110) 2019-11-12 19:55:31 -05:00
Jason O'Donnell
a5331f5b38
Update for 0.2.0 release (#102) 2019-11-11 10:51:00 -05:00
Sergii
ea0e66760f Add extra label to Ingress (#108) 2019-11-07 11:23:56 -05:00
Jason O'Donnell
50addb76c5
changelog++ 2019-11-06 11:08:28 -05:00
Jason O'Donnell
a9e6a0a938
Add preStop lifecycle hook (#105) 
* Add preStop lifecycle hook

* Fix typo in comment
 2019-11-06 11:06:57 -05:00
Jason O'Donnell
e3c771a467
changelog++ 2019-10-29 11:19:37 -04:00
Luke Barton
04303baa5f Fix bad GCP environment variable example (#101) 2019-10-28 11:56:29 -04:00
Janusz Bialy
a2b2d32e92 Add support for image pull policy and secrets (#92) 
* add image pull policy and pull secrets

Signed-off-by: Janusz Bialy <jbialy@gmail.com>

* add unit tests

Signed-off-by: Janusz Bialy <jbialy@gmail.com>
 2019-10-24 12:58:32 -04:00
Jason O'Donnell
e1b89d6396
Make readOnlyRootFilesystem configurable (#93) 2019-10-24 12:40:19 -04:00
Jason O'Donnell
2ca3fd2214
changelog++ (#94) 2019-10-21 17:08:42 -04:00
Yves Blusseau
75ceb1af5a Fix PodDisruptionBudget template (#88) 
* Fix bad selectors.
* Fix bad calculation of maxUnavailable.

Signed-off-by: JrCs <90z7oey02@sneakemail.com>
 2019-10-21 09:51:02 -04:00
Jason O'Donnell
b41d36c621
Require vault to run as non root (#80) 
* Require vault to run as non root

* Fix unit tests

* Make uid/gid configurable, remove home emptydir
 2019-10-18 12:42:25 -04:00
savagete2860
f7aa2576d0 Add load balancer source range for UI service (#83) 
* add load balancer source range for UI service

* add load balancer source range for UI service

* adding unit test

* adding unit test
 2019-10-18 12:41:53 -04:00
Jason O'Donnell
9fd0ad6e20
Fix audit storage mount in HA mode (#79) 
* Fix audit storage mount in HA mode

* Add explicit fsgroup
 2019-10-10 10:03:44 -04:00