diff --git a/.circleci/config.yml b/.circleci/config.yml index 4932fa4e..3c363d8a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,15 +3,15 @@ version: 2.1 jobs: test: machine: - image: ubuntu-2004:202107-02 + image: ubuntu-2004:current environment: - HELM_VERSION: 3.7.1 + HELM_VERSION: 3.8.2 KUBEVAL_VERSION: v0.16.1 CONFTEST_VERSION: 0.27.0 - K8S_VERSIONS: 1.21.4 1.20.10 1.19.13 - KUBECTL_VERSION: v1.21.4 + K8S_VERSIONS: 1.22.9 1.21.4 1.20.10 + KUBECTL_VERSION: v1.22.8 KUBECONFIG: /home/circleci/.kube/config - MINIKUBE_VERSION: v1.23.0 + MINIKUBE_VERSION: v1.25.2 MINIKUBE_HOME: /home/circleci K8S_SCHEMAS: https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master steps: @@ -49,6 +49,7 @@ jobs: helm lint ./kube-iptables-tailer -f examples/kube-iptables-tailer/values.yaml helm lint ./squid -f examples/squid/values.yaml helm lint ./looker -f examples/looker/values.yaml + helm lint ./looker -f examples/op-scim-bridge/values.yaml - run: name: Execute helm template command: | @@ -56,6 +57,7 @@ jobs: helm template ./kube-iptables-tailer -f examples/kube-iptables-tailer/values.yaml > kube-iptables-tailer.yaml helm template ./squid -f examples/squid/values.yaml > squid.yaml helm template ./looker -f examples/looker/values.yaml > looker.yaml + helm template ./op-scim-bridge -f examples/op-scim-bridge/values.yaml > op-scim-bridge.yaml - run: name: Run kubeval on the charts to ensure kubernetes compability command: | @@ -65,6 +67,7 @@ jobs: kubeval -v $kv --strict kube-iptables-tailer.yaml --schema-location ${K8S_SCHEMAS} kubeval -v $kv --strict squid.yaml --schema-location ${K8S_SCHEMAS} kubeval -v $kv --strict looker.yaml --schema-location ${K8S_SCHEMAS} + kubeval -v $kv --strict op-scim-bridge.yaml --schema-location ${K8S_SCHEMAS} done - run: name: Run deprek8 @@ -73,6 +76,7 @@ jobs: conftest test -p deprek8.rego kube-iptables-tailer.yaml conftest test -p deprek8.rego squid.yaml conftest test -p deprek8.rego looker.yaml + conftest test -p deprek8.rego op-scim-bridge.yaml - run: name: start minikube command: | @@ -132,7 +136,7 @@ jobs: release: environment: - HELM_VERSION: 3.7.1 + HELM_VERSION: 3.8.2 docker: - image: circleci/python:3 steps: diff --git a/awx/Chart.yaml b/awx/Chart.yaml index 6f43dd9d..5ca305b5 100644 --- a/awx/Chart.yaml +++ b/awx/Chart.yaml @@ -12,4 +12,4 @@ maintainers: name: awx sources: - https://github.com/ansible/awx -version: 10.0.1 +version: 10.0.2 diff --git a/awx/templates/ingress.yaml b/awx/templates/ingress.yaml index 6f521e9a..9713fe1b 100644 --- a/awx/templates/ingress.yaml +++ b/awx/templates/ingress.yaml @@ -1,7 +1,7 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "awx.fullname" . -}} {{- $ingressPath := .Values.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ $fullName }} @@ -31,8 +31,11 @@ spec: http: paths: - path: {{ $ingressPath }} + pathType: ImplementationSpecific backend: - serviceName: {{ $fullName }} - servicePort: http + service: + name: {{ $fullName }} + port: + name: http {{- end }} {{- end }} diff --git a/examples/squid/values.yaml b/examples/squid/values.yaml index 8725f738..61105b07 100644 --- a/examples/squid/values.yaml +++ b/examples/squid/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: repository: honestica/squid - tag: 4-ff434982-c47b-47c3-b705-b2adb2730978 + tag: 4-04f05ba7-26aa-46dd-8ba0-a44cda1fef64 pullPolicy: IfNotPresent # imagePullSecrets: diff --git a/kube-iptables-tailer/README.md b/kube-iptables-tailer/README.md index 8d1d4577..19cab587 100644 --- a/kube-iptables-tailer/README.md +++ b/kube-iptables-tailer/README.md @@ -1,5 +1,5 @@ # Kube-iptables-tailer -[Kube-iptables-tailer](https://github.com/box/kube-iptables-tailer) is a service for better visibility on networking issues in Kubernetes clusters. +[Kube-iptables-tailer](https://github.com/box/kube-iptables-tailer) is a service for better visibility on networking issues in Kubernetes clusters. ## Prerequisites - Kubernetes with networkpolicy @@ -25,7 +25,7 @@ The following options are supported. See [values.yaml](values.yaml) for more de | Parameter | Description | Default | |---------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------| | `calico.loggingEnable` | Whether to enable global logging of iptable dropped packet with Calico. | `true` | -| `calico.apiVersion` | Version of calico crds. Check yours with `kubectl api-versions`. | `projectcalico.org/v3` | +| `calico.apiVersion` | Version of calico crds. Check yours with `kubectl api-versions`. When using calico tigera operator, this should be "projectcalico.org/v1" | `projectcalico.org/v3` | | `serviceAccount.create` | Whether to create a Kubernetes ServiceAccount if no account matching `serviceAccount.name` exists. | `true` | | `serviceAccount.name` | Name of the Kubernetes ServiceAccount under which Kube-iptables-tailer should run. If no value is specified and `serviceAccount.create` is `true`, Kube-iptables-tailer will be run under a ServiceAccount whose name is the FullName of the Helm chart's instance, else Kube-iptables-tailer will be run under the `default` ServiceAccount. | n/a | | `iptablesLogPath` | Absolute path to your iptables log file including the full file name. Should be "/var/log/kern.log" if your are not redirecting logs to a specific file. | "/var/log/iptables.log" | diff --git a/kube-iptables-tailer/values.yaml b/kube-iptables-tailer/values.yaml index 7246e254..cf11f26b 100644 --- a/kube-iptables-tailer/values.yaml +++ b/kube-iptables-tailer/values.yaml @@ -41,6 +41,7 @@ serviceAccount: calico: loggingEnable: true # check your apiversion with `kubectl api-versions` + # when using calico tigera operator, this should be "projectcalico.org/v1" apiVersion: projectcalico.org/v3 resources: {} diff --git a/squid/Chart.yaml b/squid/Chart.yaml index ab6e6c7d..fcec349b 100644 --- a/squid/Chart.yaml +++ b/squid/Chart.yaml @@ -15,4 +15,4 @@ maintainers: sources: - https://github.com/squid-cache/squid -version: 0.4.1 \ No newline at end of file +version: 0.4.2 \ No newline at end of file diff --git a/squid/templates/_helpers.tpl b/squid/templates/_helpers.tpl index 2e1e4836..8ac90144 100644 --- a/squid/templates/_helpers.tpl +++ b/squid/templates/_helpers.tpl @@ -30,3 +30,18 @@ Create chart name and version as used by the chart label. {{- define "squid.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for ingress +*/}} +{{- define "squid.ingress.apiVersion" -}} +{{- if .Values.apiVersionOverrides.ingress -}} +{{- print .Values.apiVersionOverrides.ingress -}} +{{- else if semverCompare "<1.14-0" (substr 1 -1 .Capabilities.KubeVersion.GitVersion) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (substr 1 -1 .Capabilities.KubeVersion.GitVersion) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} diff --git a/squid/templates/ingress.yaml b/squid/templates/ingress.yaml index 1b4fae07..09c16599 100644 --- a/squid/templates/ingress.yaml +++ b/squid/templates/ingress.yaml @@ -1,11 +1,8 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "squid.fullname" . -}} {{- $ingressPath := .Values.ingress.path -}} -{{- if (semverCompare ">=1.14-0" (substr 1 -1 .Capabilities.KubeVersion.GitVersion)) }} -apiVersion: networking.k8s.io/v1beta1 -{{- else }} -apiVersion: extensions/v1beta1 -{{- end }} +{{- $ingressPathType := .Values.ingress.pathType -}} +apiVersion: {{ include "squid.ingress.apiVersion" $ }} kind: Ingress metadata: name: {{ $fullName }} @@ -35,8 +32,18 @@ spec: http: paths: - path: {{ $ingressPath }} + {{- if eq (include "squid.ingress.apiVersion" $) "networking.k8s.io/v1" }} + pathType: {{ $ingressPathType }} + {{- end }} backend: + {{- if eq (include "squid.ingress.apiVersion" $) "networking.k8s.io/v1" }} + service: + name: {{ $fullName }} + port: + name: http + {{- else }} serviceName: {{ $fullName }} servicePort: http + {{- end }} {{- end }} {{- end }} diff --git a/squid/values.yaml b/squid/values.yaml index 7557e827..f3001238 100644 --- a/squid/values.yaml +++ b/squid/values.yaml @@ -4,6 +4,10 @@ replicaCount: 1 +apiVersionOverrides: {} +## Override ingress api auto detection: +# ingress: networking.k8s.io/v1 + image: repository: honestica/squid tag: 4-ff434982-c47b-47c3-b705-b2adb2730978 @@ -25,6 +29,7 @@ ingress: # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" path: / + pathType: Prefix hosts: - chart-example.local tls: []