From 7963d5dfabbc67e0ccc9e601f0b9c3caad5d9edc Mon Sep 17 00:00:00 2001 From: lgtm <1gtm@users.noreply.github.com> Date: Tue, 12 Mar 2024 10:31:05 -0700 Subject: [PATCH] Prepare for release v2024.3.12 (#229) ProductLine: KubeVault Release: v2024.3.12 Release-tracker: https://github.com/kubevault/CHANGELOG/pull/49 Signed-off-by: 1gtm <1gtm@appscode.com> --- .../raw/vaultserver/vaultserver-0.11.5.yaml | 2 +- .../raw/vaultserver/vaultserver-1.10.3.yaml | 2 +- .../raw/vaultserver/vaultserver-1.11.5.yaml | 2 +- .../raw/vaultserver/vaultserver-1.12.1.yaml | 2 +- .../raw/vaultserver/vaultserver-1.13.3.yaml | 2 +- .../raw/vaultserver/vaultserver-1.2.0.yaml | 2 +- .../raw/vaultserver/vaultserver-1.2.2.yaml | 2 +- .../raw/vaultserver/vaultserver-1.2.3.yaml | 2 +- .../raw/vaultserver/vaultserver-1.5.9.yaml | 2 +- .../raw/vaultserver/vaultserver-1.6.5.yaml | 2 +- .../raw/vaultserver/vaultserver-1.7.2.yaml | 2 +- .../raw/vaultserver/vaultserver-1.7.3.yaml | 2 +- .../raw/vaultserver/vaultserver-1.8.2.yaml | 2 +- .../raw/vaultserver/vaultserver-1.9.2.yaml | 2 +- charts/kubevault-catalog/Chart.yaml | 4 +- charts/kubevault-catalog/README.md | 10 +- .../vaultserver/vaultserver-0.11.5.yaml | 2 +- .../vaultserver/vaultserver-1.10.3.yaml | 2 +- .../vaultserver/vaultserver-1.11.5.yaml | 2 +- .../vaultserver/vaultserver-1.12.1.yaml | 2 +- .../vaultserver/vaultserver-1.13.3.yaml | 2 +- .../vaultserver/vaultserver-1.2.0.yaml | 2 +- .../vaultserver/vaultserver-1.2.2.yaml | 2 +- .../vaultserver/vaultserver-1.2.3.yaml | 2 +- .../vaultserver/vaultserver-1.5.9.yaml | 2 +- .../vaultserver/vaultserver-1.6.5.yaml | 2 +- .../vaultserver/vaultserver-1.7.2.yaml | 2 +- .../vaultserver/vaultserver-1.7.3.yaml | 2 +- .../vaultserver/vaultserver-1.8.2.yaml | 2 +- .../vaultserver/vaultserver-1.9.2.yaml | 2 +- charts/kubevault-crds/Chart.yaml | 4 +- charts/kubevault-crds/README.md | 6 +- .../crds/engine.kubevault.com_pkiroles.yaml | 161 ++++++++++++ ...ne.kubevault.com_secretaccessrequests.yaml | 16 ++ .../engine.kubevault.com_secretengines.yaml | 61 +++++ ...icy.kubevault.com_vaultpolicybindings.yaml | 3 + .../kubevault-grafana-dashboards/Chart.yaml | 4 +- charts/kubevault-grafana-dashboards/README.md | 10 +- charts/kubevault-metrics/Chart.yaml | 4 +- charts/kubevault-metrics/README.md | 6 +- charts/kubevault-operator/Chart.yaml | 4 +- charts/kubevault-operator/README.md | 10 +- charts/kubevault-opscenter/Chart.lock | 8 +- charts/kubevault-opscenter/Chart.yaml | 8 +- charts/kubevault-opscenter/README.md | 10 +- charts/kubevault-webhook-server/Chart.yaml | 4 +- charts/kubevault-webhook-server/README.md | 10 +- charts/kubevault/Chart.lock | 12 +- charts/kubevault/Chart.yaml | 12 +- charts/kubevault/README.md | 10 +- charts/secrets-store-reader/Chart.yaml | 4 +- charts/secrets-store-reader/README.md | 10 +- crds/kubevault-crds.yaml | 243 ++++++++++++++++++ 53 files changed, 587 insertions(+), 103 deletions(-) create mode 100644 charts/kubevault-crds/crds/engine.kubevault.com_pkiroles.yaml diff --git a/catalog/raw/vaultserver/vaultserver-0.11.5.yaml b/catalog/raw/vaultserver/vaultserver-0.11.5.yaml index 176a00e0..b53de2a6 100644 --- a/catalog/raw/vaultserver/vaultserver-0.11.5.yaml +++ b/catalog/raw/vaultserver/vaultserver-0.11.5.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:0.11.5 version: 0.11.5 diff --git a/catalog/raw/vaultserver/vaultserver-1.10.3.yaml b/catalog/raw/vaultserver/vaultserver-1.10.3.yaml index 5fcc3258..5f3a41ae 100644 --- a/catalog/raw/vaultserver/vaultserver-1.10.3.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.10.3.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.10.3 version: 1.10.3 diff --git a/catalog/raw/vaultserver/vaultserver-1.11.5.yaml b/catalog/raw/vaultserver/vaultserver-1.11.5.yaml index 2ed79c91..6dbae5bc 100644 --- a/catalog/raw/vaultserver/vaultserver-1.11.5.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.11.5.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.11.5 version: 1.11.5 diff --git a/catalog/raw/vaultserver/vaultserver-1.12.1.yaml b/catalog/raw/vaultserver/vaultserver-1.12.1.yaml index 1a8af961..4fee4fc0 100644 --- a/catalog/raw/vaultserver/vaultserver-1.12.1.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.12.1.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.12.1 version: 1.12.1 diff --git a/catalog/raw/vaultserver/vaultserver-1.13.3.yaml b/catalog/raw/vaultserver/vaultserver-1.13.3.yaml index 2fa3b369..bb071f08 100644 --- a/catalog/raw/vaultserver/vaultserver-1.13.3.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.13.3.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.13.3 version: 1.13.3 diff --git a/catalog/raw/vaultserver/vaultserver-1.2.0.yaml b/catalog/raw/vaultserver/vaultserver-1.2.0.yaml index e02549ce..ed3eaa15 100644 --- a/catalog/raw/vaultserver/vaultserver-1.2.0.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.2.0.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.2.0 version: 1.2.0 diff --git a/catalog/raw/vaultserver/vaultserver-1.2.2.yaml b/catalog/raw/vaultserver/vaultserver-1.2.2.yaml index 78086be4..6aa7acc3 100644 --- a/catalog/raw/vaultserver/vaultserver-1.2.2.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.2.2.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.2.2 version: 1.2.2 diff --git a/catalog/raw/vaultserver/vaultserver-1.2.3.yaml b/catalog/raw/vaultserver/vaultserver-1.2.3.yaml index a837891e..c0de660a 100644 --- a/catalog/raw/vaultserver/vaultserver-1.2.3.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.2.3.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.2.3 version: 1.2.3 diff --git a/catalog/raw/vaultserver/vaultserver-1.5.9.yaml b/catalog/raw/vaultserver/vaultserver-1.5.9.yaml index 160e6426..61a27157 100644 --- a/catalog/raw/vaultserver/vaultserver-1.5.9.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.5.9.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.5.9 version: 1.5.9 diff --git a/catalog/raw/vaultserver/vaultserver-1.6.5.yaml b/catalog/raw/vaultserver/vaultserver-1.6.5.yaml index 5fee336f..0c13ae81 100644 --- a/catalog/raw/vaultserver/vaultserver-1.6.5.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.6.5.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.6.5 version: 1.6.5 diff --git a/catalog/raw/vaultserver/vaultserver-1.7.2.yaml b/catalog/raw/vaultserver/vaultserver-1.7.2.yaml index 79c5b5c6..f836c381 100644 --- a/catalog/raw/vaultserver/vaultserver-1.7.2.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.7.2.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.7.2 version: 1.7.2 diff --git a/catalog/raw/vaultserver/vaultserver-1.7.3.yaml b/catalog/raw/vaultserver/vaultserver-1.7.3.yaml index f47a3b22..897d78a0 100644 --- a/catalog/raw/vaultserver/vaultserver-1.7.3.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.7.3.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.7.3 version: 1.7.3 diff --git a/catalog/raw/vaultserver/vaultserver-1.8.2.yaml b/catalog/raw/vaultserver/vaultserver-1.8.2.yaml index 10fdb29e..760fa040 100644 --- a/catalog/raw/vaultserver/vaultserver-1.8.2.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.8.2.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.8.2 version: 1.8.2 diff --git a/catalog/raw/vaultserver/vaultserver-1.9.2.yaml b/catalog/raw/vaultserver/vaultserver-1.9.2.yaml index 38a16a22..41b173fd 100644 --- a/catalog/raw/vaultserver/vaultserver-1.9.2.yaml +++ b/catalog/raw/vaultserver/vaultserver-1.9.2.yaml @@ -12,7 +12,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: kubevault/vault-unsealer:v0.17.0 + image: kubevault/vault-unsealer:v0.18.0 vault: image: vault:1.9.2 version: 1.9.2 diff --git a/charts/kubevault-catalog/Chart.yaml b/charts/kubevault-catalog/Chart.yaml index 4d064a8e..c52c771f 100644 --- a/charts/kubevault-catalog/Chart.yaml +++ b/charts/kubevault-catalog/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: KubeVault Catalog by AppsCode - Catalog for KubeVault supported versions name: kubevault-catalog -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/icons/android-icon-192x192.png sources: diff --git a/charts/kubevault-catalog/README.md b/charts/kubevault-catalog/README.md index a6a3dc6c..89e6958c 100644 --- a/charts/kubevault-catalog/README.md +++ b/charts/kubevault-catalog/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-catalog --version=v2024.1.31 -$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault-catalog --version=v2024.3.12 +$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys HashiCorp KubeVault Catalog on a [Kubernetes](http://kubernet To install/upgrade the chart with the release name `kubevault-catalog`: ```bash -$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys HashiCorp KubeVault Catalog on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -60,12 +60,12 @@ The following table lists the configurable parameters of the `kubevault-catalog` Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.1.31 --set proxies.ghcr=ghcr.io +$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.3.12 --set proxies.ghcr=ghcr.io ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.1.31 --values values.yaml +$ helm upgrade -i kubevault-catalog appscode/kubevault-catalog -n kubevault --create-namespace --version=v2024.3.12 --values values.yaml ``` diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-0.11.5.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-0.11.5.yaml index b04bf539..7eaca9fd 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-0.11.5.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-0.11.5.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:0.11.5' version: 0.11.5 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.10.3.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.10.3.yaml index 59ca6d97..943aa92a 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.10.3.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.10.3.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.10.3' version: 1.10.3 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.11.5.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.11.5.yaml index ad43c14b..7c261c5b 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.11.5.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.11.5.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.11.5' version: 1.11.5 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.12.1.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.12.1.yaml index f1fd953d..ad184dc5 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.12.1.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.12.1.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.12.1' version: 1.12.1 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.13.3.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.13.3.yaml index 8fc5c23b..84d98093 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.13.3.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.13.3.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.13.3' version: 1.13.3 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.0.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.0.yaml index 4e706c68..8d4ce343 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.0.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.0.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.2.0' version: 1.2.0 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.2.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.2.yaml index a0075dc5..d5028815 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.2.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.2.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.2.2' version: 1.2.2 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.3.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.3.yaml index 28f4bfba..fe07c947 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.3.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.2.3.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.2.3' version: 1.2.3 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.5.9.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.5.9.yaml index f7157bfb..21b44bb3 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.5.9.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.5.9.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.5.9' version: 1.5.9 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.6.5.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.6.5.yaml index 59b9ae5d..82747775 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.6.5.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.6.5.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.6.5' version: 1.6.5 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.2.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.2.yaml index 6822b681..7f156407 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.2.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.2.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.7.2' version: 1.7.2 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.3.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.3.yaml index 70479d03..d19b796c 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.3.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.7.3.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.7.3' version: 1.7.3 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.8.2.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.8.2.yaml index 94abc48c..336545fa 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.8.2.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.8.2.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.8.2' version: 1.8.2 diff --git a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.9.2.yaml b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.9.2.yaml index 98c115c6..9869bd16 100644 --- a/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.9.2.yaml +++ b/charts/kubevault-catalog/templates/vaultserver/vaultserver-1.9.2.yaml @@ -14,7 +14,7 @@ spec: restoreTask: name: vault-restore-1.10.3 unsealer: - image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.17.0' + image: '{{ include "image.dockerHub" (merge (dict "_repo" "kubevault/vault-unsealer") $) }}:v0.18.0' vault: image: '{{ include "image.dockerLibrary" (merge (dict "_repo" "vault") $) }}:1.9.2' version: 1.9.2 diff --git a/charts/kubevault-crds/Chart.yaml b/charts/kubevault-crds/Chart.yaml index 08c804ae..30771482 100644 --- a/charts/kubevault-crds/Chart.yaml +++ b/charts/kubevault-crds/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubevault-crds description: KubeVault Custom Resource Definitions type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/icons/android-icon-192x192.png sources: diff --git a/charts/kubevault-crds/README.md b/charts/kubevault-crds/README.md index 994a53cf..95d3043b 100644 --- a/charts/kubevault-crds/README.md +++ b/charts/kubevault-crds/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-crds --version=v2024.1.31 -$ helm upgrade -i kubevault-crds appscode/kubevault-crds -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault-crds --version=v2024.3.12 +$ helm upgrade -i kubevault-crds appscode/kubevault-crds -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys KubeVault crds on a [Kubernetes](http://kubernetes.io) cluste To install/upgrade the chart with the release name `kubevault-crds`: ```bash -$ helm upgrade -i kubevault-crds appscode/kubevault-crds -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault-crds appscode/kubevault-crds -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys KubeVault crds on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. diff --git a/charts/kubevault-crds/crds/engine.kubevault.com_pkiroles.yaml b/charts/kubevault-crds/crds/engine.kubevault.com_pkiroles.yaml new file mode 100644 index 00000000..79da5752 --- /dev/null +++ b/charts/kubevault-crds/crds/engine.kubevault.com_pkiroles.yaml @@ -0,0 +1,161 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: kubevault + name: pkiroles.engine.kubevault.com +spec: + group: engine.kubevault.com + names: + categories: + - vault + - appscode + - all + kind: PKIRole + listKind: PKIRoleList + plural: pkiroles + singular: pkirole + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'PKIRoleSpec contains connection information, PKI role info, + etc More info: https://developer.hashicorp.com/vault/api-docs/secret/pki#create-update-role' + properties: + additionalPayload: + additionalProperties: + type: string + type: object + allowSubdomains: + type: boolean + allowedDomains: + items: + type: string + type: array + country: + type: string + issuerRef: + type: string + maxTTL: + type: string + organization: + type: string + ou: + type: string + secretEngineRef: + description: SecretEngineRef is the name of a Secret Engine + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + ttl: + type: string + required: + - secretEngineRef + type: object + status: + properties: + conditions: + description: Represents the latest available observations of a MySQLRole + current state. + items: + description: Condition defines an observation of a object operational + state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. This field may be empty. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.condition[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + type: integer + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether this field + is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary util can be useful (see + .node.status.util), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this MySQLRole. It corresponds to the MySQLRole's generation, + which is updated on mutation by the API Server. + format: int64 + type: integer + phase: + type: string + policyRef: + description: ObjectReference contains enough information to let you + inspect or modify the referred object. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + required: + - name + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/kubevault-crds/crds/engine.kubevault.com_secretaccessrequests.yaml b/charts/kubevault-crds/crds/engine.kubevault.com_secretaccessrequests.yaml index 2c28b585..d29a742c 100644 --- a/charts/kubevault-crds/crds/engine.kubevault.com_secretaccessrequests.yaml +++ b/charts/kubevault-crds/crds/engine.kubevault.com_secretaccessrequests.yaml @@ -79,6 +79,22 @@ spec: TYPE_PKCS12_FILE, TYPE_GOOGLE_CREDENTIALS_FILE' type: string type: object + pki: + description: https://developer.hashicorp.com/vault/api-docs/secret/pki#generate-certificate-and-key + properties: + additionalPayload: + additionalProperties: + type: string + type: object + altNames: + type: string + commonName: + type: string + issuerRef: + type: string + ttl: + type: string + type: object roleRef: description: Contains vault database role info properties: diff --git a/charts/kubevault-crds/crds/engine.kubevault.com_secretengines.yaml b/charts/kubevault-crds/crds/engine.kubevault.com_secretengines.yaml index 09bd0d86..18b64d7d 100644 --- a/charts/kubevault-crds/crds/engine.kubevault.com_secretengines.yaml +++ b/charts/kubevault-crds/crds/engine.kubevault.com_secretengines.yaml @@ -383,6 +383,67 @@ spec: required: - databaseRef type: object + pki: + description: https://developer.hashicorp.com/vault/api-docs/secret/pki#generate-root + PKIConfiguration contains information about PKI Secret Engine + properties: + additionalPayload: + additionalProperties: + type: string + type: object + altNames: + type: string + commonName: + type: string + country: + type: string + isRootCA: + type: boolean + issuerName: + type: string + maxPathLength: + type: integer + organization: + type: string + ou: + type: string + parentCARef: + description: ObjectReference contains enough information to let + you inspect or modify the referred object. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + required: + - name + type: object + ttl: + type: string + type: + type: string + urls: + properties: + crlDistributionPoints: + items: + type: string + type: array + enableTemplating: + type: boolean + issuingCertificates: + items: + type: string + type: array + ocspServers: + items: + type: string + type: array + type: object + required: + - isRootCA + type: object postgres: description: PostgresConfiguration defines a PostgreSQL app configuration. https://www.vaultproject.io/api/secret/databases/index.html https://www.vaultproject.io/api/secret/databases/postgresql.html#configure-connection diff --git a/charts/kubevault-crds/crds/policy.kubevault.com_vaultpolicybindings.yaml b/charts/kubevault-crds/crds/policy.kubevault.com_vaultpolicybindings.yaml index 24f6e625..211ca535 100644 --- a/charts/kubevault-crds/crds/policy.kubevault.com_vaultpolicybindings.yaml +++ b/charts/kubevault-crds/crds/policy.kubevault.com_vaultpolicybindings.yaml @@ -292,6 +292,9 @@ spec: description: 'Kubernetes refers to Vault users who are authenticated via Kubernetes auth method More info: https://www.vaultproject.io/docs/auth/kubernetes.html#configuration' properties: + audience: + description: Optional Audience claim to verify in the JWT. + type: string maxTTL: description: Specifies the maximum allowed lifetime of tokens issued in seconds using this role. diff --git a/charts/kubevault-grafana-dashboards/Chart.yaml b/charts/kubevault-grafana-dashboards/Chart.yaml index 22341425..6f0916a3 100644 --- a/charts/kubevault-grafana-dashboards/Chart.yaml +++ b/charts/kubevault-grafana-dashboards/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubevault-grafana-dashboards description: A Helm chart for kubevault-grafana-dashboards by AppsCode type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://github.com/kubevault icon: https://cdn.appscode.com/images/products/kubevault/kubevault-icon.png sources: diff --git a/charts/kubevault-grafana-dashboards/README.md b/charts/kubevault-grafana-dashboards/README.md index 321be406..618b3402 100644 --- a/charts/kubevault-grafana-dashboards/README.md +++ b/charts/kubevault-grafana-dashboards/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-grafana-dashboards --version=v2024.1.31 -$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault-grafana-dashboards --version=v2024.3.12 +$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a KubeVault Grafana Dashboards on a [Kubernetes](http://kuber To install/upgrade the chart with the release name `kubevault-grafana-dashboards`: ```bash -$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.3.12 ``` The command deploys a KubeVault Grafana Dashboards on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -61,12 +61,12 @@ The following table lists the configurable parameters of the `kubevault-grafana- Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.1.31 --set resources=["vaultserver"] +$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.3.12 --set resources=["vaultserver"] ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.1.31 --values values.yaml +$ helm upgrade -i kubevault-grafana-dashboards appscode/kubevault-grafana-dashboards -n kubeops --create-namespace --version=v2024.3.12 --values values.yaml ``` diff --git a/charts/kubevault-metrics/Chart.yaml b/charts/kubevault-metrics/Chart.yaml index def1bbc7..42ee318f 100644 --- a/charts/kubevault-metrics/Chart.yaml +++ b/charts/kubevault-metrics/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubevault-metrics description: KubeVault State Metrics type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/kubevault-community-icon.png sources: diff --git a/charts/kubevault-metrics/README.md b/charts/kubevault-metrics/README.md index bd4d04da..fe6b440b 100644 --- a/charts/kubevault-metrics/README.md +++ b/charts/kubevault-metrics/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-metrics --version=v2024.1.31 -$ helm upgrade -i kubevault-metrics appscode/kubevault-metrics -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault-metrics --version=v2024.3.12 +$ helm upgrade -i kubevault-metrics appscode/kubevault-metrics -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys KubeVault metrics configurations on a [Kubernetes](http://kub To install/upgrade the chart with the release name `kubevault-metrics`: ```bash -$ helm upgrade -i kubevault-metrics appscode/kubevault-metrics -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault-metrics appscode/kubevault-metrics -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys KubeVault metrics configurations on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. diff --git a/charts/kubevault-operator/Chart.yaml b/charts/kubevault-operator/Chart.yaml index cffba368..5fe97d84 100755 --- a/charts/kubevault-operator/Chart.yaml +++ b/charts/kubevault-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: KubeVault Operator by AppsCode - HashiCorp Vault operator for Kubernetes name: kubevault-operator -version: v0.17.0 -appVersion: v0.17.0 +version: v0.18.0 +appVersion: v0.18.0 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/icons/android-icon-192x192.png sources: diff --git a/charts/kubevault-operator/README.md b/charts/kubevault-operator/README.md index b9681120..5afd17cc 100644 --- a/charts/kubevault-operator/README.md +++ b/charts/kubevault-operator/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-operator --version=v0.17.0 -$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.17.0 +$ helm search repo appscode/kubevault-operator --version=v0.18.0 +$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.18.0 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a HashiCorp Vault operator on a [Kubernetes](http://kubernete To install/upgrade the chart with the release name `kubevault-operator`: ```bash -$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.17.0 +$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.18.0 ``` The command deploys a HashiCorp Vault operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -87,12 +87,12 @@ The following table lists the configurable parameters of the `kubevault-operator Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.17.0 --set replicaCount=1 +$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.18.0 --set replicaCount=1 ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.17.0 --values values.yaml +$ helm upgrade -i kubevault-operator appscode/kubevault-operator -n kubevault --create-namespace --version=v0.18.0 --values values.yaml ``` diff --git a/charts/kubevault-opscenter/Chart.lock b/charts/kubevault-opscenter/Chart.lock index 84cb59fe..062edb04 100644 --- a/charts/kubevault-opscenter/Chart.lock +++ b/charts/kubevault-opscenter/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: kubevault-metrics repository: file://../kubevault-metrics - version: v2024.1.31 + version: v2024.3.12 - name: kubevault-grafana-dashboards repository: file://../kubevault-grafana-dashboards - version: v2024.1.31 -digest: sha256:2d9db086bc74d6758aa95c7c7449a079efae2433eb6c92631933b6a1ada50395 -generated: "2024-01-31T16:46:33.436305976Z" + version: v2024.3.12 +digest: sha256:b0cbc951ea2255fe226cd7287e2aec4f1483e891ef348428874a257cb54ae192 +generated: "2024-03-12T17:24:24.681395561Z" diff --git a/charts/kubevault-opscenter/Chart.yaml b/charts/kubevault-opscenter/Chart.yaml index eaba45e9..c6841563 100644 --- a/charts/kubevault-opscenter/Chart.yaml +++ b/charts/kubevault-opscenter/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubevault-opscenter description: KubeVault Opscenter by AppsCode type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/kubevault-icon.png sources: @@ -15,8 +15,8 @@ dependencies: - name: kubevault-metrics repository: file://../kubevault-metrics condition: kubevault-metrics.enabled - version: v2024.1.31 + version: v2024.3.12 - name: kubevault-grafana-dashboards repository: file://../kubevault-grafana-dashboards condition: kubevault-grafana-dashboards.enabled - version: v2024.1.31 + version: v2024.3.12 diff --git a/charts/kubevault-opscenter/README.md b/charts/kubevault-opscenter/README.md index a6a62402..61d0dd0e 100644 --- a/charts/kubevault-opscenter/README.md +++ b/charts/kubevault-opscenter/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-opscenter --version=v2024.1.31 -$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault-opscenter --version=v2024.3.12 +$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a KubeVault Opscenter on a [Kubernetes](http://kubernetes.io) To install/upgrade the chart with the release name `kubevault-opscenter`: ```bash -$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys a KubeVault Opscenter on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -60,12 +60,12 @@ The following table lists the configurable parameters of the `kubevault-opscente Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.1.31 --set global.registryFQDN=ghcr.io +$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.3.12 --set global.registryFQDN=ghcr.io ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.1.31 --values values.yaml +$ helm upgrade -i kubevault-opscenter appscode/kubevault-opscenter -n kubevault --create-namespace --version=v2024.3.12 --values values.yaml ``` diff --git a/charts/kubevault-webhook-server/Chart.yaml b/charts/kubevault-webhook-server/Chart.yaml index 4fb7b3a4..d19a6c95 100755 --- a/charts/kubevault-webhook-server/Chart.yaml +++ b/charts/kubevault-webhook-server/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: KubeVault Webhook Server by AppsCode name: kubevault-webhook-server -version: v0.17.0 -appVersion: v0.17.0 +version: v0.18.0 +appVersion: v0.18.0 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/kubevault-community-icon.png sources: diff --git a/charts/kubevault-webhook-server/README.md b/charts/kubevault-webhook-server/README.md index 8dc268eb..97b920b8 100644 --- a/charts/kubevault-webhook-server/README.md +++ b/charts/kubevault-webhook-server/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault-webhook-server --version=v0.17.0 -$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.17.0 +$ helm search repo appscode/kubevault-webhook-server --version=v0.18.0 +$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.18.0 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a KubeVault webhook server on a [Kubernetes](http://kubernete To install/upgrade the chart with the release name `kubevault-webhook-server`: ```bash -$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.17.0 +$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.18.0 ``` The command deploys a KubeVault webhook server on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -91,12 +91,12 @@ The following table lists the configurable parameters of the `kubevault-webhook- Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.17.0 --set replicaCount=1 +$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.18.0 --set replicaCount=1 ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.17.0 --values values.yaml +$ helm upgrade -i kubevault-webhook-server appscode/kubevault-webhook-server -n kubevault --create-namespace --version=v0.18.0 --values values.yaml ``` diff --git a/charts/kubevault/Chart.lock b/charts/kubevault/Chart.lock index d8e27eed..c1703662 100644 --- a/charts/kubevault/Chart.lock +++ b/charts/kubevault/Chart.lock @@ -1,15 +1,15 @@ dependencies: - name: kubevault-crds repository: file://../kubevault-crds - version: v2024.1.31 + version: v2024.3.12 - name: kubevault-catalog repository: file://../kubevault-catalog - version: v2024.1.31 + version: v2024.3.12 - name: kubevault-operator repository: file://../kubevault-operator - version: v0.17.0 + version: v0.18.0 - name: kubevault-webhook-server repository: file://../kubevault-webhook-server - version: v0.17.0 -digest: sha256:2dc710b222bb11ef26b1db08614558e3b5ca2f001366de00978b1ded30fe81bc -generated: "2024-01-31T16:46:33.306140067Z" + version: v0.18.0 +digest: sha256:c02f93c4acdddfbd107ce6a386f992782aeff496e478bbca93dbab1233d5ef9d +generated: "2024-03-12T17:24:24.56379597Z" diff --git a/charts/kubevault/Chart.yaml b/charts/kubevault/Chart.yaml index 8fdb952c..82e8438e 100644 --- a/charts/kubevault/Chart.yaml +++ b/charts/kubevault/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubevault description: KubeVault by AppsCode - HashiCorp Vault operator for Kubernetes type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://kubevault.com icon: https://cdn.appscode.com/images/products/kubevault/kubevault-icon.png sources: @@ -14,17 +14,17 @@ maintainers: dependencies: - name: kubevault-crds repository: file://../kubevault-crds - version: v2024.1.31 + version: v2024.3.12 condition: kubevault-crds.enabled - name: kubevault-catalog repository: file://../kubevault-catalog - version: v2024.1.31 + version: v2024.3.12 condition: kubevault-catalog.enabled - name: kubevault-operator repository: file://../kubevault-operator - version: v0.17.0 + version: v0.18.0 condition: kubevault-operator.enabled - name: kubevault-webhook-server repository: file://../kubevault-webhook-server - version: v0.17.0 + version: v0.18.0 condition: kubevault-webhook-server.enabled diff --git a/charts/kubevault/README.md b/charts/kubevault/README.md index c8e9a0e5..0e9c168b 100644 --- a/charts/kubevault/README.md +++ b/charts/kubevault/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/kubevault --version=v2024.1.31 -$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/kubevault --version=v2024.3.12 +$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a KubeVault operator on a [Kubernetes](http://kubernetes.io) To install/upgrade the chart with the release name `kubevault`: ```bash -$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys a KubeVault operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -62,12 +62,12 @@ The following table lists the configurable parameters of the `kubevault` chart a Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.1.31 --set global.registry=kubevault +$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.3.12 --set global.registry=kubevault ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.1.31 --values values.yaml +$ helm upgrade -i kubevault appscode/kubevault -n kubevault --create-namespace --version=v2024.3.12 --values values.yaml ``` diff --git a/charts/secrets-store-reader/Chart.yaml b/charts/secrets-store-reader/Chart.yaml index b1e6f949..f3306f4e 100755 --- a/charts/secrets-store-reader/Chart.yaml +++ b/charts/secrets-store-reader/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: secrets-store-reader description: A Helm chart for secrets-store-reader by AppsCode type: application -version: v2024.1.31 -appVersion: v2024.1.31 +version: v2024.3.12 +appVersion: v2024.3.12 home: https://github.com/kubevault/secrets-store-reader icon: https://cdn.appscode.com/images/products/kubevault/icons/android-icon-192x192.png sources: diff --git a/charts/secrets-store-reader/README.md b/charts/secrets-store-reader/README.md index c6242da8..9827911e 100644 --- a/charts/secrets-store-reader/README.md +++ b/charts/secrets-store-reader/README.md @@ -7,8 +7,8 @@ ```bash $ helm repo add appscode https://charts.appscode.com/stable/ $ helm repo update -$ helm search repo appscode/secrets-store-reader --version=v2024.1.31 -$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.1.31 +$ helm search repo appscode/secrets-store-reader --version=v2024.3.12 +$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.3.12 ``` ## Introduction @@ -24,7 +24,7 @@ This chart deploys a Secrets Store Reader api server on a [Kubernetes](http://ku To install/upgrade the chart with the release name `secrets-store-reader`: ```bash -$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.1.31 +$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.3.12 ``` The command deploys a Secrets Store Reader api server on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. @@ -84,12 +84,12 @@ The following table lists the configurable parameters of the `secrets-store-read Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade -i`. For example: ```bash -$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.1.31 --set replicaCount=1 +$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.3.12 --set replicaCount=1 ``` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: ```bash -$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.1.31 --values values.yaml +$ helm upgrade -i secrets-store-reader appscode/secrets-store-reader -n kubevault --create-namespace --version=v2024.3.12 --values values.yaml ``` diff --git a/crds/kubevault-crds.yaml b/crds/kubevault-crds.yaml index db35daca..9119bc51 100644 --- a/crds/kubevault-crds.yaml +++ b/crds/kubevault-crds.yaml @@ -1345,6 +1345,169 @@ spec: subresources: status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/name: kubevault + name: pkiroles.engine.kubevault.com +spec: + group: engine.kubevault.com + names: + categories: + - vault + - appscode + - all + kind: PKIRole + listKind: PKIRoleList + plural: pkiroles + singular: pkirole + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.phase + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'PKIRoleSpec contains connection information, PKI role info, + etc More info: https://developer.hashicorp.com/vault/api-docs/secret/pki#create-update-role' + properties: + additionalPayload: + additionalProperties: + type: string + type: object + allowSubdomains: + type: boolean + allowedDomains: + items: + type: string + type: array + country: + type: string + issuerRef: + type: string + maxTTL: + type: string + organization: + type: string + ou: + type: string + secretEngineRef: + description: SecretEngineRef is the name of a Secret Engine + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + ttl: + type: string + required: + - secretEngineRef + type: object + status: + properties: + conditions: + description: Represents the latest available observations of a MySQLRole + current state. + items: + description: Condition defines an observation of a object operational + state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. This field may be empty. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.condition[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + type: integer + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether this field + is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary util can be useful (see + .node.status.util), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this MySQLRole. It corresponds to the MySQLRole's generation, + which is updated on mutation by the API Server. + format: int64 + type: integer + phase: + type: string + policyRef: + description: ObjectReference contains enough information to let you + inspect or modify the referred object. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + required: + - name + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} + --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -1770,6 +1933,22 @@ spec: TYPE_PKCS12_FILE, TYPE_GOOGLE_CREDENTIALS_FILE' type: string type: object + pki: + description: https://developer.hashicorp.com/vault/api-docs/secret/pki#generate-certificate-and-key + properties: + additionalPayload: + additionalProperties: + type: string + type: object + altNames: + type: string + commonName: + type: string + issuerRef: + type: string + ttl: + type: string + type: object roleRef: description: Contains vault database role info properties: @@ -2308,6 +2487,67 @@ spec: required: - databaseRef type: object + pki: + description: https://developer.hashicorp.com/vault/api-docs/secret/pki#generate-root + PKIConfiguration contains information about PKI Secret Engine + properties: + additionalPayload: + additionalProperties: + type: string + type: object + altNames: + type: string + commonName: + type: string + country: + type: string + isRootCA: + type: boolean + issuerName: + type: string + maxPathLength: + type: integer + organization: + type: string + ou: + type: string + parentCARef: + description: ObjectReference contains enough information to let + you inspect or modify the referred object. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + required: + - name + type: object + ttl: + type: string + type: + type: string + urls: + properties: + crlDistributionPoints: + items: + type: string + type: array + enableTemplating: + type: boolean + issuingCertificates: + items: + type: string + type: array + ocspServers: + items: + type: string + type: array + type: object + required: + - isRootCA + type: object postgres: description: PostgresConfiguration defines a PostgreSQL app configuration. https://www.vaultproject.io/api/secret/databases/index.html https://www.vaultproject.io/api/secret/databases/postgresql.html#configure-connection @@ -24055,6 +24295,9 @@ spec: description: 'Kubernetes refers to Vault users who are authenticated via Kubernetes auth method More info: https://www.vaultproject.io/docs/auth/kubernetes.html#configuration' properties: + audience: + description: Optional Audience claim to verify in the JWT. + type: string maxTTL: description: Specifies the maximum allowed lifetime of tokens issued in seconds using this role.