diff --git a/bitnami/contour-operator/Chart.lock b/bitnami/contour-operator/Chart.lock index 6bb000ce41..72c09b69f7 100644 --- a/bitnami/contour-operator/Chart.lock +++ b/bitnami/contour-operator/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 1.11.3 -digest: sha256:d5f850d857edd58b32c0e10652f6ec3ce5018def5542f2bcef38fd7fa0079d6b -generated: "2022-03-15T16:03:31.635580327Z" + version: 1.12.0 +digest: sha256:7e484480451778c273e7a165dbfaa5594ec1c9a63a114ce9d458626cadd28893 +generated: "2022-03-17T15:30:17.618284001Z" diff --git a/bitnami/contour-operator/Chart.yaml b/bitnami/contour-operator/Chart.yaml index 446de167c9..d85c86d710 100644 --- a/bitnami/contour-operator/Chart.yaml +++ b/bitnami/contour-operator/Chart.yaml @@ -24,4 +24,4 @@ name: contour-operator sources: - https://github.com/projectcontour/contour-operator - https://github.com/bitnami/bitnami-docker-contour-operator -version: 1.0.1 +version: 1.1.0 diff --git a/bitnami/contour-operator/README.md b/bitnami/contour-operator/README.md index 24bebed0dd..dd6226bcfa 100644 --- a/bitnami/contour-operator/README.md +++ b/bitnami/contour-operator/README.md @@ -131,7 +131,7 @@ This solution allows to easily deploy multiple Contour instances compared to the ### Global parameters | Name | Description | Value | -|:--------------------------|:------------------------------------------------|:------| +| ------------------------- | ----------------------------------------------- | ----- | | `global.imageRegistry` | Global Docker image registry | `""` | | `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | | `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | @@ -140,7 +140,7 @@ This solution allows to easily deploy multiple Contour instances compared to the ### Common parameters | Name | Description | Value | -|:--------------------|:---------------------------------------------------|:------| +| ------------------- | -------------------------------------------------- | ----- | | `kubeVersion` | Override Kubernetes version | `""` | | `nameOverride` | String to partially override common.names.fullname | `""` | | `fullnameOverride` | String to fully override common.names.fullname | `""` | @@ -151,83 +151,84 @@ This solution allows to easily deploy multiple Contour instances compared to the ### Contour Operator Parameters -| Name | Description | Value | -|:----------------------------------------|:-------------------------------------------------------------------------------------------------------------------------|:---------------------------| -| `image.registry` | Contour Operator image registry | `docker.io` | -| `image.repository` | Contour Operator image repository | `bitnami/contour-operator` | -| `image.tag` | Contour Operator image tag (immutable tags are recommended) | `1.19.1-scratch-r3` | -| `image.pullPolicy` | Contour Operator image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Contour Operator image pull secrets | `[]` | -| `contourImage.registry` | Contour Image registry | `docker.io` | -| `contourImage.repository` | Contour Image repository | `bitnami/contour` | -| `contourImage.tag` | Contour Image tag (immutable tags are recommended) | `1.19.1-debian-10-r63` | -| `contourImage.pullSecrets` | Contour Image pull secrets | `[]` | -| `envoyImage.registry` | Envoy Image registry | `docker.io` | -| `envoyImage.repository` | Envoy Image repository | `bitnami/envoy` | -| `envoyImage.tag` | Envoy Image tag (immutable tags are recommended) | `1.19.1-debian-10-r136` | -| `envoyImage.pullSecrets` | Envoy Image pull secrets | `[]` | -| `replicaCount` | Number of Contour Operator replicas to deploy | `1` | -| `livenessProbe.enabled` | Enable livenessProbe on Contour Operator nodes | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe on Contour Operator nodes | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe on Contour Operator nodes | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `resources.limits` | The resources limits for the Contour Operator containers | `{}` | -| `resources.requests` | The requested resources for the Contour Operator containers | `{}` | -| `podSecurityContext.enabled` | Enabled Contour Operator pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Contour Operator pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled Contour Operator containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set Contour Operator containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Contour Operator containers' Security Context runAsNonRoot | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `hostAliases` | Contour Operator pods host aliases | `[]` | -| `schedulerName` | Name of the Kubernetes scheduler (other than default) | `""` | -| `podLabels` | Extra labels for Contour Operator pods | `{}` | -| `podAnnotations` | Annotations for Contour Operator pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `affinity` | Affinity for Contour Operator pods assignment | `{}` | -| `nodeSelector` | Node labels for Contour Operator pods assignment | `{}` | -| `tolerations` | Tolerations for Contour Operator pods assignment | `[]` | -| `updateStrategy.type` | Contour Operator deployment strategy type | `RollingUpdate` | -| `priorityClassName` | Contour Operator pods' priorityClassName | `""` | -| `lifecycleHooks` | for the Contour Operator container(s) to automate configuration before or after startup | `{}` | -| `terminationGracePeriodSeconds` | Termination grace period in seconds | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `containerPorts.metrics` | Metrics port for the Contour Operator container | `8080` | -| `extraEnvVars` | Array with extra environment variables to add to Contour Operator nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Contour Operator nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Contour Operator nodes | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the Contour Operator pod(s) | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Contour Operator container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the Contour Operator pod(s) | `[]` | -| `initContainers` | Add additional init containers to the Contour Operator pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `image.registry` | Contour Operator image registry | `docker.io` | +| `image.repository` | Contour Operator image repository | `bitnami/contour-operator` | +| `image.tag` | Contour Operator image tag (immutable tags are recommended) | `1.20.1-scratch-r1` | +| `image.pullPolicy` | Contour Operator image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Contour Operator image pull secrets | `[]` | +| `contourImage.registry` | Contour Image registry | `docker.io` | +| `contourImage.repository` | Contour Image repository | `bitnami/contour` | +| `contourImage.tag` | Contour Image tag (immutable tags are recommended) | `1.20.1-debian-10-r19` | +| `contourImage.pullSecrets` | Contour Image pull secrets | `[]` | +| `envoyImage.registry` | Envoy Image registry | `docker.io` | +| `envoyImage.repository` | Envoy Image repository | `bitnami/envoy` | +| `envoyImage.tag` | Envoy Image tag (immutable tags are recommended) | `1.21.1-debian-10-r20` | +| `envoyImage.pullSecrets` | Envoy Image pull secrets | `[]` | +| `replicaCount` | Number of Contour Operator replicas to deploy | `1` | +| `livenessProbe.enabled` | Enable livenessProbe on Contour Operator nodes | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on Contour Operator nodes | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on Contour Operator nodes | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `resources.limits` | The resources limits for the Contour Operator containers | `{}` | +| `resources.requests` | The requested resources for the Contour Operator containers | `{}` | +| `podSecurityContext.enabled` | Enabled Contour Operator pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Contour Operator pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled Contour Operator containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set Contour Operator containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Contour Operator containers' Security Context runAsNonRoot | `true` | +| `containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem on Contour Operator containers | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `hostAliases` | Contour Operator pods host aliases | `[]` | +| `schedulerName` | Name of the Kubernetes scheduler (other than default) | `""` | +| `podLabels` | Extra labels for Contour Operator pods | `{}` | +| `podAnnotations` | Annotations for Contour Operator pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for Contour Operator pods assignment | `{}` | +| `nodeSelector` | Node labels for Contour Operator pods assignment | `{}` | +| `tolerations` | Tolerations for Contour Operator pods assignment | `[]` | +| `updateStrategy.type` | Contour Operator deployment strategy type | `RollingUpdate` | +| `priorityClassName` | Contour Operator pods' priorityClassName | `""` | +| `lifecycleHooks` | for the Contour Operator container(s) to automate configuration before or after startup | `{}` | +| `terminationGracePeriodSeconds` | Termination grace period in seconds | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `containerPorts.metrics` | Metrics port for the Contour Operator container | `8080` | +| `extraEnvVars` | Array with extra environment variables to add to Contour Operator nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Contour Operator nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Contour Operator nodes | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the Contour Operator pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Contour Operator container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the Contour Operator pod(s) | `[]` | +| `initContainers` | Add additional init containers to the Contour Operator pod(s) | `[]` | ### Other Parameters | Name | Description | Value | -|:----------------------------------------------|:-----------------------------------------------------|:-------| +| --------------------------------------------- | ---------------------------------------------------- | ------ | | `rbac.create` | Specifies whether RBAC resources should be created | `true` | | `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | | `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | @@ -237,7 +238,7 @@ This solution allows to easily deploy multiple Contour instances compared to the ### Metrics parameters | Name | Description | Value | -|:-------------------------------------------|:---------------------------------------------------------------------------------|:------------| +| ------------------------------------------ | -------------------------------------------------------------------------------- | ----------- | | `metrics.enabled` | Create a service for accessing the metrics endpoint | `false` | | `metrics.service.type` | Contour Operator metrics service type | `ClusterIP` | | `metrics.service.ports.http` | Contour Operator metrics service HTTP port | `80` | diff --git a/bitnami/contour-operator/values.yaml b/bitnami/contour-operator/values.yaml index 5103c105f6..2db430520f 100644 --- a/bitnami/contour-operator/values.yaml +++ b/bitnami/contour-operator/values.yaml @@ -53,7 +53,7 @@ extraDeploy: [] image: registry: docker.io repository: bitnami/contour-operator - tag: 1.20.1-scratch-r1 + tag: 1.20.1-scratch-r2 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images @@ -78,7 +78,7 @@ image: contourImage: registry: docker.io repository: bitnami/contour - tag: 1.20.1-debian-10-r19 + tag: 1.20.1-debian-10-r22 ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-contourImage-private-registry/ @@ -98,7 +98,7 @@ contourImage: envoyImage: registry: docker.io repository: bitnami/envoy - tag: 1.21.1-debian-10-r20 + tag: 1.21.1-debian-10-r23 ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-envoyImage-private-registry/ @@ -192,11 +192,13 @@ podSecurityContext: ## @param containerSecurityContext.enabled Enabled Contour Operator containers' Security Context ## @param containerSecurityContext.runAsUser Set Contour Operator containers' Security Context runAsUser ## @param containerSecurityContext.runAsNonRoot Set Contour Operator containers' Security Context runAsNonRoot +## @param containerSecurityContext.readOnlyRootFilesystem Mount / (root) as a readonly filesystem on Contour Operator containers ## containerSecurityContext: enabled: true runAsUser: 1001 runAsNonRoot: true + readOnlyRootFilesystem: true ## @param command Override default container command (useful when using custom images) ##