Michal.Wrobel/openbao-helm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
434 commits 11 branches 48 tags 1.4 MiB
Commit graph

186 commits

Author SHA1 Message Date
Theron Voran
cd2059147d
vault 0.16.0 release (#612) 2021-09-16 09:39:59 -07:00
Theron Voran
5a864f7cbb
Adding support for the old leader-elector (#607) 
Adds the leader-elector container support that was removed in
PR #568. The new vault-k8s uses an internal mechanism for leader
determination, so this is just for backwards compatibility, and can
be removed in the near future.

* mark the endpoint as deprecated

* add a new useContainer option for leaderElector

Default to not deploying the old leader-elector container, unless
injector.leaderElector.useContainer is `true`.
 2021-09-15 18:43:04 -07:00
Toni Tauro
23e0348842
feat(csi): make provider hostPaths configurable (#603) 
*  add configurable values for providersDir and kubeletRootDir

Signed-off-by: Toni Tauro <toni.tauro@adfinis.com>

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
 2021-09-15 14:12:24 -04:00
Theron Voran
8932c372b7
Fix the CSI acceptance test (#608) 
The `master` branch was renamed to `main` for
kubernetes-sigs/secrets-store-csi-driver

* use a specific version in the URL

* use csi driver 0.2.0
 2021-09-07 18:09:30 -07:00
Theron Voran
d31f942d3e
Support vault-k8s internal leader election (#568) 2021-08-31 15:16:06 -07:00
Theron Voran
c820454dd5
vault-helm 0.15.0 release (#598) 2021-08-23 08:51:52 -07:00
Theron Voran
f7ab37fd50
Add injector.webhookAnnotations chart option (#584) 2021-08-16 13:49:26 -07:00
Theron Voran
bfc01c1e5d
Update chart verifier (#579) 
The test names now have "v1.0/" prepended. chart-verifier docker
images are now tagged too.
 2021-07-29 14:51:35 -07:00
Theron Voran
a5c85627b3
vault-helm 0.14.0 release (#578) 2021-07-28 14:44:28 -07:00
Ben Ash
64b4d88c72
feature: imagePullSecrets from string array. (#576) 
* allow configuring imagePullSecrets from an array of strings in
  addition to the already supported array of maps
 2021-07-23 12:05:24 -04:00
Jason O'Donnell
255cdc7d26
Add ingress/route configurable to specify active/general service (#570) 
* Add ingress/route configurable to specify active/general service

* Update test/unit/server-ingress.bats

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>

* values.schema.json

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
 2021-07-15 14:15:46 -04:00
Ben Ash
4a4295da81
Update acceptance tests to use the new stable GKE version 1.18.x (#569) 2021-07-12 15:47:07 -04:00
Ben Ash
2d420856a4
Update the default vault agent image to come from the hashicorp docker organization. (#567) 
* Default to hashicorp/vault for vault agent image.

* Add support for running acceptance tests against a kind cluster

* make the injector-leader-elector a bit more reliable when run locally
 2021-07-12 13:00:12 -04:00
Ben Ash
1e4709cc46
feature: Support configuring various properties as YAML directly. (#565) 
* feature: Support configuring various properties as YAML directly.
Supported properties include: pod tolerations, pod affinity, and node selectors.
 2021-07-07 19:07:58 -04:00
Calvin Leung Huang
14d1f97edd
injector: add templateConfig.exitOnRetryFailure annotation (#560) 
* injector: add templateConfig.exitOnRetryFailure annotation

* update values.schema.json
 2021-07-06 09:49:48 -07:00
Theron Voran
f67b844d30
Update to v0.13.0 (#554) 2021-06-17 10:52:21 -07:00
Theron Voran
0f832e01fc
Add openshift overrides (#549) 
Adds default overrides for OpenShift (values.openshift.yaml) and uses
them in the chart-verifier tests.
 2021-06-16 13:54:22 -07:00
Theron Voran
4d23074cd3
Adding server.enterpriseLicense (#547) 
Sets up a vault-enterprise license for autoloading on vault
startup. Mounts an existing secret to /vault/license and sets
VAULT_LICENSE_PATH appropriately.
 2021-06-11 13:29:30 -07:00
Ricardo Gândara Pinto
d27121c223
Added webhook-certs volume mount to sidecar injector (#545) 
* Removed webhook-certs volume mount from leader-elector container

* Added test: injector deployment manual TLS adds volume mount
 2021-06-10 15:32:22 -07:00
Rule88
458876007a
change maxUnavailable to integer (#535) 
change maxUnavailable from `null` to `integer` to enable upgrade from
0.11.0 to 0.12.0 when using the specific variable.

* Also allow null value

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* add test for server.ha.disruptionBudget.maxUnavailable

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-06-01 10:51:18 -07:00
Theron Voran
af25981752
fix ui.serviceNodePort schema (#537) 
UI service nodePort defaults to null, but is set as an integer
 2021-06-01 10:41:02 -07:00
Theron Voran
3593739160
Adding helm test for vault server (#531) 
Also adds acceptance test for 'helm test' and updates the
chart-verifier version.
 2021-05-27 17:09:50 -07:00
Jason O'Donnell
b21b37b07a
Update to v0.12.0 (#532) 
* Update to v0.12.0

* Update values.schema.json

* Fix schema types

* revert image repo
 2021-05-25 13:46:48 -04:00
Theron Voran
e206fadd9e
add schema unit tests (#530) 2021-05-25 10:16:29 -04:00
Tom Proctor
030d3cd89d
Add extraArgs value for CSI (#526) 2021-05-21 12:48:21 +01:00
mehmetsalgar
0ab15dfb84
[Issue-520] tolerations for csi-daemonset (#521) 
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-05-17 17:14:19 -07:00
Theron Voran
ed38f6d3a6
added values json schema (#513) 
Generated the schema using the helm schema-gen plugin, and added extra
data types to fields that allow it, such as annotations, tolerations,
enabled, etc. Enabled the "contains-value-schema" chart-verifier test.

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
 2021-05-14 08:59:36 -07:00
mehmetsalgar
92aed2cbee
Add ImagePullSecrets to CSI daemonset (#519) 2021-05-12 12:06:54 +01:00
Theron Voran
b59cbf6dc6
Set kubeVersion and added chart-verifier tests (#510) 
Set min kubeVersion in Chart.yaml to 1.14. Added a chart-verifier bats
test, and configured to run it in CI. Some verification tests that
haven't been addressed yet are skipped.
 2021-05-10 16:56:31 -07:00
Arie Lev
dcb4b10283
Add container based tests documentation (#492) 
* update documentation with running unit tests using container

* promote bats version to 1.3.0

* Update CONTRIBUTING.md

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update CONTRIBUTING.md

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
 2021-04-14 13:05:38 -04:00
Jason O'Donnell
5f2e1d470f
Fix injector unit test failing (#496) 
* Fix injector unit test failing

* Add null check

* Add default if unset for CI
 2021-04-14 08:23:50 -04:00
Jason O'Donnell
bf5783ef6b
Add injector agent default overrides (#493) 
* Add injector agent default overrides

* Update test/unit/injector-deployment.bats

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update test/unit/injector-deployment.bats

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update test/unit/injector-deployment.bats

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-04-12 17:01:14 -04:00
Hamza ZOUHAIR
d8c2d2058c
Custom value of agent port (#489) 
* configure the agent port

* add unit test

* remove default

* remove default

* Update values.yaml

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
 2021-04-12 16:59:38 -04:00
Jason O'Donnell
ec67b5dd45
Add logLevel and logFormat values for Vault (#488) 
* Add logLevel and logFormat values for Vault

* Add configurable tests

* Update order of log levels

* Update values.yaml

* Update per review

* Update test/unit/server-statefulset.bats

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update test/unit/server-statefulset.bats

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
 2021-04-08 11:18:16 -04:00
Sam Marshall
bfbeba256a
feat(ingress): Extra paths to prepend to the ingress host configuration for annotation based services (#460) 
Refs #361
 2021-04-08 10:09:19 -04:00
Paul Witt
a2a07b2a02
add hostNetwork value to injector deployment (#471) 
* add hostNetwork value to injector deployment

* adding unit tests
 2021-04-08 10:03:56 -04:00
Arie Lev
7a71c0fec4
fix csi helm deployment (#486) 
* fix serviceaccount and clusterrole name reference (full name)

* add server.enabled option, align with documentation

* add unit tests

* update server.enabled behaviour to explicit true and update tests
 2021-04-06 14:56:11 +01:00
Jason O'Donnell
7fd6959cdc
Add volumes and mounts support for CSI (#479) 
* Remove extraVolumes from CSI, add volumes and mounts

* Add better example
 2021-03-25 10:21:21 -04:00
Jason O'Donnell
f75b19f068
Update to 0.10.0 (#477) 
* Update to v0.10.0

* Fix typo

* Add csi link in changelog
 2021-03-25 10:19:31 -04:00
Tom Proctor
102f9e49e2
Target vault-csi-provider release 0.1.0 (#475) 2021-03-25 09:02:36 -04:00
Theron Voran
3e36bb70d5
updating acceptance tests to k8s 1.17 on gke (#473) 2021-03-24 09:20:06 -04:00
Tom Proctor
4c1d79f46e
Add CSI secrets store provider (#461) 2021-03-19 14:14:38 +00:00
guru1306
690ee410ef
Add objectSelector to webhookconfiguration (#456) 2021-02-19 23:02:04 -05:00
Theron Voran
84a1dd9fbe
0.9.1 release updates (#455) 
Changelog, chart metadata, and image versions
 2021-02-02 11:06:40 -08:00
Theron Voran
69a3dc618d
Set VAULT_DEV_LISTEN_ADDRESS in dev mode (#446) 
Binds vault to 0.0.0.0 in dev mode so that external traffic is
accepted.
 2021-01-15 15:42:50 -08:00
Theron Voran
91e9446bfc
Update version of consul-helm in server-ha test (#444) 
consul-helm v0.16.2 doesn't work with newer versions of helm (like
3.4).
 2021-01-12 11:07:55 -08:00
Theron Voran
2451b5fb65
Increase the timeout for leader elector ready (#443) 
Bumps the timeout waiting for the injector replicas (with
leader-elector containers) to be "Ready" to 5 minutes. Default was 30
seconds.
 2021-01-12 11:06:00 -08:00
Theron Voran
7b5e08c4a8
0.9.0 release updates (#439) 
Changelog, chart metadata, and image versions
 2021-01-05 10:52:56 -08:00
Tom Proctor
e6b4969acc
Support deploying multiple injector replicas with auto-TLS (#436) 2021-01-05 11:14:00 +00:00
Volodymyr Stoiko
f8e6aab4ee
Allow configurable egress for server network policy (#389) 
* Allow configurable egress

* Add test for networkpolicy egress in server

* Allow egress configuration

* Fix test

* Fix networkPolicy test

* Fix test
 2020-12-16 12:30:24 -05:00