Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
411 commits 11 branches 48 tags 1.4 MiB
Commit graph

411 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jason O'Donnell
994797cff4
changelog++ 2020-10-16 10:48:41 -04:00
gw0
29a77e82d1
Improve config variables (#398) 2020-10-16 10:47:31 -04:00
Jason O'Donnell
618d4b3b39
changelog++ 2020-10-13 09:22:17 -04:00
Ori Rawlings
5eb0ba5865
Add configurable failurePolicy for injector's webhook (#400) 
Fixes #399
 2020-10-13 09:20:06 -04:00
Jason O'Donnell
5242cfe6a7
changelog++ 2020-10-05 16:23:04 -04:00
Jason O'Donnell
73c70c0ba0
changelog++ 2020-10-01 11:07:48 -04:00
Michael Parker
1968526f0d
add ability to set pod annotations for injector (#394) 
* add ability to set pod annotations for injector

* add missing unit tests
 2020-10-01 11:06:53 -04:00
Jason O'Donnell
54f58b9c01
changelog++ 2020-10-01 09:34:25 -04:00
Jason O'Donnell
13ef8db3b5
Add configurable mountPath for audit/data storage (#393) 2020-10-01 09:32:46 -04:00
Jason O'Donnell
c16905edca
changelog++ 2020-09-24 12:41:51 -04:00
Theron Voran
1705536ee5
changelog++ 2020-09-15 23:47:01 -07:00
Volodymyr Stoiko
66ea34c702
Allow explicit network policy enablement (#381) 
* Disable default network policy

* Make network policy configurable by explicit flag only
 2020-09-15 23:40:56 -07:00
Jason O'Donnell
fc8ebfdd4e
Add configurable probe values (#387) 
* Add configurable probe values

* Remove template defaults

* Update values.yaml

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update values.yaml

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update values.yaml

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Switch timeout and period defaults

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2020-09-15 16:24:38 -04:00
Tom Proctor
3975d2c331
Update Jira sync action versions (#386) 
These versions bring a few fixes:

* The action now supports converting the most common bits of markdown syntax into Jira formatting directives
* Replaces Atlassian's comment action, which tries to interpolate bits of text from comments wrapped in {{ github.event_name }} as templates, usually causing an error (in the case I've put there, if I wasn't a vault team member, it would replace the template with `pull_request_target`)
* Remove trailing comma after link that broke the link target Jira selects
 2020-09-14 16:50:46 +01:00
Tom Proctor
798ac9c597
Update notes template to be helm v3 compatible (#378) 
`helm get {{ .Release.Name }}` is replaced by `vault get all {{ .Release.Name }}` in helm v3, but `all` doesn't exist in v2.
 2020-08-27 16:34:25 +01:00
Tom Proctor
d2c5ff8fcc
Add Jira sync action (#373) 2020-08-25 14:27:48 +01:00
Jason O'Donnell
cfe3bccf8e
Update to 0.7.0 (#374) 
Update to 0.7.0
 2020-08-24 14:19:12 -04:00
Jason O'Donnell
a29f98dcc7
changelog++ 2020-08-20 19:05:58 -04:00
Jason O'Donnell
117fff79bc
Add vault-k8s metrics configurable (#372) 2020-08-20 19:03:12 -04:00
Jason O'Donnell
4d6e79df45
changelog++ 2020-08-20 14:40:40 -04:00
Yong Wen Chua
5dc29f6c84
Add configuration options for Vault UI service (#285) 
* Add configuration options for Vault UI service

- Configure to select active Vault pod only
- Configure to not publish unready address

* Create active label only on HA
 2020-08-20 14:39:46 -04:00
Jason O'Donnell
f0c073e3ee
changelog++ 2020-08-20 14:03:26 -04:00
Scott Hawkins
622690e68b
Add volume claim annotations (#364) 
* Add templates for annotations to apply to PV.

* Fix spacing for template injection.

* Fix template logic, add unit tests.
 2020-08-20 14:02:27 -04:00
Jason O'Donnell
0faf7cf21a
changelog++ 2020-08-20 13:46:18 -04:00
Dawson Mortenson
f40cc89467
allow server annotations with dev mode (#371) 2020-08-20 13:45:36 -04:00
Theron Voran
986191117e
changelog++ 2020-08-18 19:16:30 -07:00
Sergei Zyubin
9fbe720f6b
Make serviceAccount name a configuration option (#367) 
* Make serviceAccount name a configuration option

Follow Helm Best Practices when defining serviceAccount names
https://helm.sh/docs/chart_best_practices/#using-rbac-resources

* Use enabled instead of create for consistency

* Add unit tests for user-defined service account name

* ServiceAccount under server

Co-authored-by: David Holsgrove <david@apnic.net>

* Update ServiceAccount in RoleBindings

to address https://github.com/hashicorp/vault-helm/pull/56#pullrequestreview-297856433

Co-authored-by: David Holsgrove <david@apnic.net>

* Update tests for helm template arg --show-only

Co-authored-by: David Holsgrove <david@apnic.net>

* Fix server-serviceaccount tests

* serviceAccount: rename enabled to create

* statefulSet: add tests for serviceAccount

Co-authored-by: Nick Satterly <nick@diabol.se>
Co-authored-by: David Holsgrove <david@apnic.net>
 2020-08-18 19:13:02 -07:00
Theron Voran
25749a7518
changelog++ 2020-08-14 15:06:03 -07:00
Sam Weston
ed0b918bf6
Add an option to set annotations on the StatefulSet (#199) 
* Add tests for adding StatefulSet annotations

Signed-off-by: Sam Weston <weston.sam@gmail.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2020-08-14 15:04:52 -07:00
Jason O'Donnell
7a8180862e
changelog++ 2020-07-30 10:24:07 -04:00
Lukas Grossar
ec69e1cccb
Remove tolerate-unready-endpoints annotation (#363) 
This annotation has been deprecated since Kuberneets 1.8 and the
publishNotReadyAddresses parameter replacing it has been correctly
implemented in Kubernetes 1.11 (see https://github.com/kubernetes/kubernetes/pull/63742)
 2020-07-30 10:23:02 -04:00
killuazhu
25c6fe1f81
Minor updates for Makefile (#355) 
Make reference more consistent, also list all targets are phony target.
 2020-07-30 10:16:47 -04:00
Jason O'Donnell
cd15ea91e3
changelog++ 2020-07-30 10:06:18 -04:00
Erik DeLamarter
f965826a66
missing enabled checks for injector-network-policy (#358) 2020-07-30 10:05:01 -04:00
Jason O'Donnell
0c28645748
changelog++ 2020-07-14 10:24:53 -04:00
georgekaz
8c741f6276
add support for more flexible volume mounts. Include example values for init container (#314) 
add unit tests

add missing braces
 2020-07-14 10:23:08 -04:00
Jason O'Donnell
5110f0f930
changelog++ 2020-07-14 10:10:18 -04:00
Yong Wen Chua
85b52694f7
Allow overriding VAULT_API_ADDR (#290) 2020-07-14 10:09:43 -04:00
Jason O'Donnell
ef7df3da77
changelog++ 2020-07-14 09:54:18 -04:00
Steven Merrill
70cfec3fc8
Force caBundle to always be quoted (#352) 
This fixes issues when you do not provide a value for caBundle that
causes validation issues.
 2020-07-14 09:53:33 -04:00
Theron Voran
3e463a4bbe
Add issue templates (#351) 2020-07-06 17:03:57 -07:00
Theron Voran
93f5190a60
changelog++ 2020-06-26 18:04:59 -07:00
Octavian Ionescu
7dc56ca86f
Fix python dependency in test image (#336) (#337) 
In latest alpine release (3.12) there was an intentional change
to drop python support without specify required version: python2
or python3.

Signed-off-by: Octavian Ionescu <itavyg@gmail.com>
 2020-06-26 18:03:14 -07:00
Theron Voran
6b9da1c418
changelog++ 2020-06-25 23:46:05 -07:00
Yong Wen Chua
adf5bf65a9
Support PodSecurityPolicy (#177) 
* Add PSP for server

* Add PSP for Injector

* Allow annotations to be templated

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2020-06-25 23:42:52 -07:00
Jason O'Donnell
ebed731222
changelog++ 2020-06-11 10:51:44 -04:00
Omer Levi Hevroni
5a7e10cf08
allow to set extra volume mode (#321) 2020-06-11 10:50:16 -04:00
Jason O'Donnell
62380cc24a
Add note to config about sensitive configs (#323) 
* Add note to config about sensitive configs

* Update README.md

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2020-06-04 13:37:31 -04:00
Jason O'Donnell
e7736defa1
Update to v0.6.0 (#320) 2020-06-03 10:03:10 -04:00
Jason O'Donnell
b42c0c53b5
changelog++ 2020-06-02 22:12:02 -04:00