diff --git a/CHANGELOG.md b/CHANGELOG.md index cfd1fe4..420cd9e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,14 @@ and this project's packages adheres to [Semantic Versioning](http://semver.org/s ## [Unreleased] +### Added + +- Add NET_BIND_SERVICE capability back to containers. + +### Changed + +- Upgrade CoreDNS to [v1.11.1](https://github.com/coredns/coredns/releases/tag/v1.11.1). + ## [1.19.1] - 2023-11-20 ### Changed diff --git a/helm/coredns-app/Chart.yaml b/helm/coredns-app/Chart.yaml index 244e002..84204db 100644 --- a/helm/coredns-app/Chart.yaml +++ b/helm/coredns-app/Chart.yaml @@ -1,7 +1,7 @@ annotations: application.giantswarm.io/team: cabbage apiVersion: v2 -appVersion: 1.9.3 +appVersion: 1.11.1 description: A Helm chart for CoreDNS home: https://github.com/giantswarm/coredns-app icon: https://s.giantswarm.io/app-icons/coredns/1/dark.svg diff --git a/helm/coredns-app/templates/deployment-masters.yaml b/helm/coredns-app/templates/deployment-masters.yaml index 9d016ec..111fab4 100644 --- a/helm/coredns-app/templates/deployment-masters.yaml +++ b/helm/coredns-app/templates/deployment-masters.yaml @@ -73,6 +73,8 @@ spec: securityContext: allowPrivilegeEscalation: false capabilities: + add: + - NET_BIND_SERVICE drop: - ALL readOnlyRootFilesystem: true diff --git a/helm/coredns-app/templates/deployment-workers.yaml b/helm/coredns-app/templates/deployment-workers.yaml index 94bf12a..6af0e76 100644 --- a/helm/coredns-app/templates/deployment-workers.yaml +++ b/helm/coredns-app/templates/deployment-workers.yaml @@ -57,6 +57,8 @@ spec: securityContext: allowPrivilegeEscalation: false capabilities: + add: + - NET_BIND_SERVICE drop: - ALL readOnlyRootFilesystem: true diff --git a/helm/coredns-app/values.yaml b/helm/coredns-app/values.yaml index 9dd43d6..62216d2 100644 --- a/helm/coredns-app/values.yaml +++ b/helm/coredns-app/values.yaml @@ -42,7 +42,7 @@ configmap: image: registry: docker.io name: giantswarm/coredns - tag: 1.9.3 + tag: 1.11.1 updateStrategy: type: RollingUpdate