Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-04-03 15:57:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/apisix] Detect non-standard images (#30861)

Browse Source 
* [bitnami/apisix] Detect non-standard images

Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com>

* Update CHANGELOG.md

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

---------

Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
This commit is contained in:
Carlos Rodríguez Hernández
2024-12-10 17:50:19 +01:00
committed by GitHub
parent 13296445b4
commit 0c989ce546
6 changed files with 29 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bitnami/apisix/CHANGELOG.md
View File

@@ -1,8 +1,12 @@
# Changelog
## 3.6.1 (2024-11-30)
## 3.7.0 (2024-12-10)
* [bitnami/apisix] Release 3.6.1 ([#30695](https://github.com/bitnami/charts/pull/30695))
* [bitnami/apisix] Detect non-standard images ([#30861](https://github.com/bitnami/charts/pull/30861))
## <small>3.6.1 (2024-11-30)</small>
* [bitnami/apisix] Release 3.6.1 (#30695) ([292979c](https://github.com/bitnami/charts/commit/292979cddcab9e5228ff2e52f06f7559530ea7cd)), closes [#30695](https://github.com/bitnami/charts/issues/30695)
## 3.6.0 (2024-11-29)

8
bitnami/apisix/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies:
- name: etcd
repository: oci://registry-1.docker.io/bitnamicharts
version: 10.5.3
version: 10.6.1
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.27.2
digest: sha256:03a92a36148cb5824d13f61b2e8e65c63edefd72e8392da4fc75c9a01d783538
generated: "2024-11-29T11:33:04.089124622+01:00"
version: 2.28.0
digest: sha256:75e5fc42d1448ed63ad28f0a1284ae9f53e5ebda58969799b220828380fa8414
generated: "2024-12-10T16:47:53.291235+01:00"

2
bitnami/apisix/Chart.yaml
View File

@@ -45,4 +45,4 @@ sources:
- https://github.com/bitnami/charts/tree/main/bitnami/apisix
- https://github.com/bitnami/charts/tree/main/bitnami/apisix-dashboard
- https://github.com/bitnami/charts/tree/main/bitnami/apisix-ingress-controller
version: 3.6.1
version: 3.7.0

19
bitnami/apisix/README.md
View File

@@ -279,13 +279,14 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
### Global parameters
| Name | Description | Value |
| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
| `global.imageRegistry` | Global Docker image registry | `""` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
| Name | Description | Value |
| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `global.imageRegistry` | Global Docker image registry | `""` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` |
| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` |
| `global.security.allowInsecureImages` | Allows skipping image verification | `false` |
| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` |
### Common parameters
@@ -1096,6 +1097,10 @@ Find more information about how to deal with common errors related to Bitnami's
## Upgrading
### To 3.7.0
This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850).
### To 3.0.0
This major bump changes the following security defaults:

1
bitnami/apisix/templates/NOTES.txt
View File

@@ -206,3 +206,4 @@ The Ingress Class name to use the APISIX Ingress Controller is: {{ .Values.ingre
{{- include "apisix.validateValues" . }}
{{- include "common.warnings.resources" (dict "sections" (list "controlPlane" "dashboard" "dataPlane" "ingressController") "context" $) }}
{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.dashboard.image .Values.ingressController.image .Values.waitContainer.image) "context" $) }}
{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.dashboard.image .Values.ingressController.image .Values.waitContainer.image) "context" $) }}

5
bitnami/apisix/values.yaml
View File

@@ -21,6 +21,11 @@ global:
imagePullSecrets: []
defaultStorageClass: ""
storageClass: ""
## Security parameters
##
security:
## @param global.security.allowInsecureImages Allows skipping image verification
allowInsecureImages: false
## Compatibility adaptations for Kubernetes platforms
##
compatibility: