[bitnami/chainloop] fix: Little issues (#28837)

* [bitnami/chainloop] fix: Add security context to initContainers Signed-off-by: Fran Mulero <fmulero@vmware.com> * Amend CAS network policy to allow control plane access CAS server Signed-off-by: Fran Mulero <fmulero@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Split network policy rules Signed-off-by: Fran Mulero <fmulero@vmware.com> --------- Signed-off-by: Fran Mulero <fmulero@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
2026-03-07 08:07:55 +08:00 · 2024-08-12 20:23:47 +02:00
parent 5c2162370d
commit 1fe5125f24
5 changed files with 17 additions and 4 deletions
--- a/bitnami/chainloop/CHANGELOG.md
+++ b/bitnami/chainloop/CHANGELOG.md
@@ -1,8 +1,12 @@
 # Changelog

-## 0.1.2 (2024-08-09)
+## 0.1.3 (2024-08-12)

-* [bitnami/chainloop] Release 0.1.2 ([#28809](https://github.com/bitnami/charts/pull/28809))
+* [bitnami/chainloop] fix: Little issues ([#28837](https://github.com/bitnami/charts/pull/28837))
+
+## <small>0.1.2 (2024-08-09)</small>
+
+* [bitnami/chainloop] Release 0.1.2 (#28809) ([c97158c](https://github.com/bitnami/charts/commit/c97158c9fe2ede0c2d11eb3fc4fe884b3f7aec8c)), closes [#28809](https://github.com/bitnami/charts/issues/28809)

 ## <small>0.1.1 (2024-08-09)</small>

--- a/bitnami/chainloop/Chart.yaml
+++ b/bitnami/chainloop/Chart.yaml
@@ -63,4 +63,4 @@ sources:
 - https://github.com/bitnami/containers/tree/main/bitnami/chainloop-control-plane-migrations
 - https://github.com/bitnami/containers/tree/main/bitnami/chainloop-artifact-cas
 - https://github.com/chainloop-dev/chainloop
-version: 0.1.2
+version: 0.1.3
--- a/bitnami/chainloop/templates/_helpers.tpl
+++ b/bitnami/chainloop/templates/_helpers.tpl
@@ -176,7 +176,7 @@ OIDC settings, will fallback to development settings if needed
 {{- define "controlplane.oidc_settings" -}}
  {{- if .Values.development }}
    {{- with .Values.controlplane.auth }}
-    domain: "{{ coalesce .oidc.url "http://chainloop-dex:5556/dex" }}"
+    domain: "{{ coalesce .oidc.url ( printf "http://%s:%d/dex" ( include  "chainloop.dex" $ ) ( int $.Values.dex.service.ports.http ) ) }}"
    client_id: "{{ coalesce .oidc.clientID "chainloop-dev" }}"
    client_secret: "{{ coalesce .oidc.clientSecret "ZXhhbXBsZS1hcHAtc2VjcmV0" }}"
    {{- if .oidc.loginURLOverride }}
--- a/bitnami/chainloop/templates/cas/networkpolicy.yaml
+++ b/bitnami/chainloop/templates/cas/networkpolicy.yaml
@@ -46,6 +46,11 @@ spec:
    {{- end }}
  {{- end }}
  ingress:
+    - ports:
+        - port: {{ .Values.cas.containerPorts.grpc }}
+      from:
+        - podSelector:
+            matchLabels: {{ include "chainloop.controlplane.selectorLabels" . | nindent 14 }}
    - ports:
        - port: {{ .Values.cas.containerPorts.http }}
      {{- if not .Values.cas.networkPolicy.allowExternal }}
@@ -53,6 +58,7 @@ spec:
        - podSelector:
            matchLabels:
              {{ printf "%s-cas" (include "common.names.fullname" .) }}: "true"
+        
        {{- if .Values.cas.networkPolicy.ingressNSMatchLabels }}
        - namespaceSelector:
            matchLabels:
--- a/bitnami/chainloop/templates/controlplane/deployment.yaml
+++ b/bitnami/chainloop/templates/controlplane/deployment.yaml
@@ -74,6 +74,9 @@ spec:
        - name: migrate
          image: {{ include "chainloop.controlplane.migration.image" . }}
          imagePullPolicy: {{ .Values.controlplane.image.pullPolicy }}
+          {{- if .Values.controlplane.containerSecurityContext.enabled }}
+          securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.controlplane.containerSecurityContext "context" $) | nindent 12 }}
+          {{- end }}
          command: [ "./atlas" ]
          args:
            - migrate