Compare commits
65 Commits
main
...
spire-0.26
| Author | SHA1 | Date |
|---|---|---|
Kevin Fox
|
f3578ade05 | |
Faisal Memon
|
fc97e81bb5 | |
|
Faisal Memon
|
7c8d4fd53b | |
|
Faisal Memon
|
27da75fcc5 | |
|
Faisal Memon
|
815e207f8f | |
|
Faisal Memon
|
7c7f791e33 | |
|
Faisal Memon
|
815fbd00ed | |
|
Faisal Memon
|
1b7e3a8755 | |
|
Faisal Memon
|
c7feff579b | |
|
Faisal Memon
|
9da5fa24dd | |
|
Faisal Memon
|
e6d7d5784b | |
|
Faisal Memon
|
e5138372f7 | |
|
Faisal Memon
|
627da2ad58 | |
|
Faisal Memon
|
470acf2259 | |
|
Faisal Memon
|
1c271e17ca | |
|
Faisal Memon
|
d1576b638f | |
|
Faisal Memon
|
8e6704e588 | |
|
Faisal Memon
|
26ff986c63 | |
|
Faisal Memon
|
b693e74a2e | |
|
Faisal Memon
|
3e70c74c24 | |
|
Faisal Memon
|
b759abea7f | |
|
Faisal Memon
|
1131141daa | |
|
Faisal Memon
|
446952920b | |
|
Faisal Memon
|
bea59729fb | |
|
Faisal Memon
|
f2f56fa055 | |
Marco Franssen
|
5f46d7bfc2 | |
|
Kevin Fox
|
69511f5a6c | |
|
Marco Franssen
|
b469b62f1a | |
|
Faisal Memon
|
c07ca2597d | |
|
Faisal Memon
|
2108f80f48 | |
|
Faisal Memon
|
e458ca371f | |
unufr33
|
1c98c618b1 | |
|
Faisal Memon
|
ff0b0683e3 | |
|
kfox1111
|
af842bec0a | |
|
Faisal Memon
|
fdffbea7aa | |
|
kfox1111
|
d13a68c5ce | |
|
Marco Franssen
|
b2f04230cc | |
|
Faisal Memon
|
2675f130f4 | |
|
Faisal Memon
|
7af7e1d6de | |
|
Faisal Memon
|
431d77f40b | |
|
Faisal Memon
|
cfd6aa7985 | |
|
kfox1111
|
b3d04ae162 | |
|
kfox1111
|
604743d0bf | |
Drew Wells
|
99c0f148ac | |
|
Drew Wells
|
b0d9a736fe | |
|
Marco Franssen
|
ca418613a2 | |
|
Marco Franssen
|
cc9565be5d | |
|
Marco Franssen
|
8b5f9703ff | |
|
Marco Franssen
|
8f7c9ba6a4 | |
|
kfox1111
|
622d5c9caf | |
Drew Wells
|
2620c8357a | |
|
Faisal Memon
|
49025cd3db | |
github-actions[bot]
|
ee0a16bdc8 | |
|
Marco Franssen
|
0e5d2817fa | |
|
Marco Franssen
|
b628b08e16 | |
|
Marco Franssen
|
191d1f05d8 | |
|
Faisal Memon
|
f7403f45cb | |
|
Marco Franssen
|
7a67caca5c | |
|
Marco Franssen
|
e9de49e93b | |
|
Marco Franssen
|
949d34828e | |
|
Marco Franssen
|
3f044af7b9 | |
|
kfox1111
|
545059c316 | |
|
Marco Franssen
|
a1b19dd215 | |
|
Marco Franssen
|
088f4f3676 | |
|
Marco Franssen
|
37e469c725 |
|
|
@ -2,7 +2,7 @@
|
|||
{
|
||||
"name": "kube-prometheus-stack",
|
||||
"repo": "https://prometheus-community.github.io/helm-charts",
|
||||
"version": "75.15.1"
|
||||
"version": "75.15.0"
|
||||
},
|
||||
{
|
||||
"name": "cert-manager",
|
||||
|
|
|
|||
|
|
@ -122,11 +122,11 @@ A Helm chart to install the SPIFFE OIDC discovery provider.
|
|||
| `tests.bash.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `tests.bash.image.repository` | The repository within the registry | `chainguard/bash` |
|
||||
| `tests.bash.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b` |
|
||||
| `tests.toolkit.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `tests.toolkit.image.repository` | The repository within the registry | `chainguard/min-toolkit-debug` |
|
||||
| `tests.toolkit.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
| `tests.toolkit.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:f662d2b8c7c47e6d29c31b1bc8dbd039770d6186295bbc88bd8f540ca8ec3b53` |
|
||||
| `tests.toolkit.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:f3fdb9fb32e0dd9fe474e077047712044f6faa04a2f9a4fb3a91543b2736f6f4` |
|
||||
| `tests.step.image.registry` | The OCI registry to pull the image from | `docker.io` |
|
||||
| `tests.step.image.repository` | The repository within the registry | `smallstep/step-cli` |
|
||||
| `tests.step.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
|
|
|
|||
|
|
@ -346,7 +346,7 @@ tests:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/bash
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679
|
||||
tag: latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b
|
||||
|
||||
toolkit:
|
||||
## @param tests.toolkit.image.registry The OCI registry to pull the image from
|
||||
|
|
@ -358,7 +358,7 @@ tests:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/min-toolkit-debug
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:f662d2b8c7c47e6d29c31b1bc8dbd039770d6186295bbc88bd8f540ca8ec3b53
|
||||
tag: latest@sha256:f3fdb9fb32e0dd9fe474e077047712044f6faa04a2f9a4fb3a91543b2736f6f4
|
||||
|
||||
step:
|
||||
## @param tests.step.image.registry The OCI registry to pull the image from
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ A Helm chart to install the SPIRE agent.
|
|||
| `fsGroupFix.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `fsGroupFix.image.repository` | The repository within the registry | `chainguard/bash` |
|
||||
| `fsGroupFix.image.pullPolicy` | The image pull policy | `Always` |
|
||||
| `fsGroupFix.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679` |
|
||||
| `fsGroupFix.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b` |
|
||||
| `fsGroupFix.resources` | Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `{}` |
|
||||
| `keyManager.memory.enabled` | Enable the memory based Key Manager | `true` |
|
||||
| `keyManager.disk.enabled` | Enable the disk based Key Manager (must have persistence.type set to hostPath when enabled) | `false` |
|
||||
|
|
@ -110,21 +110,18 @@ A Helm chart to install the SPIRE agent.
|
|||
| `telemetry.prometheus.podMonitor.enabled` | Enable podMonitor for prometheus | `false` |
|
||||
| `telemetry.prometheus.podMonitor.namespace` | Override where to install the podMonitor, if not set will use the same namespace as the spire-agent | `""` |
|
||||
| `telemetry.prometheus.podMonitor.labels` | Pod labels to filter for prometheus monitoring | `{}` |
|
||||
| `telemetry.datadog.enabled` | Flag to enable datadog monitoring | `false` |
|
||||
| `telemetry.datadog.address` | The address of the datadog service to send metrics to. The default URL for services are `<service-name>.<namespace>.svc` | `datadog.kube-system.svc` |
|
||||
| `telemetry.datadog.port` | The port of the datadog service to send metrics to | `8125` |
|
||||
| `kubeletConnectByHostname` | If true, connect to kubelet using the nodes hostname. If false, uses localhost. If unset, defaults to true on OpenShift and false otherwise. | `""` |
|
||||
| `socketPath` | The unix socket path to the spire-agent | `/run/spire/agent-sockets/spire-agent.sock` |
|
||||
| `socketAlternate.names` | List of alternate names for the socket that workloads might expect to be able to access in the driver mount. | `["socket","spire-agent.sock","api.sock"]` |
|
||||
| `socketAlternate.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `socketAlternate.image.repository` | The repository within the registry | `chainguard/bash` |
|
||||
| `socketAlternate.image.pullPolicy` | The image pull policy | `Always` |
|
||||
| `socketAlternate.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679` |
|
||||
| `socketAlternate.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b` |
|
||||
| `socketAlternate.resources` | Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `{}` |
|
||||
| `hostCert.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `hostCert.image.repository` | The repository within the registry | `chainguard/min-toolkit-debug` |
|
||||
| `hostCert.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
| `hostCert.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:f662d2b8c7c47e6d29c31b1bc8dbd039770d6186295bbc88bd8f540ca8ec3b53` |
|
||||
| `hostCert.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:f3fdb9fb32e0dd9fe474e077047712044f6faa04a2f9a4fb3a91543b2736f6f4` |
|
||||
| `hostCert.resources` | Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `{}` |
|
||||
| `priorityClassName` | Priority class assigned to daemonset pods. Can be auto set with global.recommendations.priorityClassName. | `""` |
|
||||
| `extraEnvVars` | Extra environment variables to be added to the Spire Agent container | `[]` |
|
||||
|
|
|
|||
|
|
@ -170,13 +170,6 @@ telemetry:
|
|||
- host: "0.0.0.0"
|
||||
port: {{ .Values.telemetry.prometheus.port }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.telemetry.datadog.enabled }}
|
||||
telemetry:
|
||||
- DogStatsd:
|
||||
- address: "{{ .Values.telemetry.datadog.address }}:{{ .Values.telemetry.datadog.port }}"
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
||||
{{- $root := . }}
|
||||
{{- range $name := (concat (list "default") (keys .Values.agents)) | uniq }}
|
||||
|
|
|
|||
|
|
@ -153,7 +153,7 @@ fsGroupFix:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/bash
|
||||
pullPolicy: Always
|
||||
tag: latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679
|
||||
tag: latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b
|
||||
|
||||
## @param fsGroupFix.resources Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
resources: {}
|
||||
|
|
@ -263,13 +263,6 @@ telemetry:
|
|||
namespace: ""
|
||||
## @param telemetry.prometheus.podMonitor.labels [object] Pod labels to filter for prometheus monitoring
|
||||
labels: {}
|
||||
datadog:
|
||||
## @param telemetry.datadog.enabled Flag to enable datadog monitoring
|
||||
enabled: false
|
||||
## @param telemetry.datadog.address The address of the datadog service to send metrics to. The default URL for services are `<service-name>.<namespace>.svc`
|
||||
address: "datadog.kube-system.svc"
|
||||
## @param telemetry.datadog.port The port of the datadog service to send metrics to
|
||||
port: 8125
|
||||
|
||||
## @param kubeletConnectByHostname If true, connect to kubelet using the nodes hostname. If false, uses localhost. If unset, defaults to true on OpenShift and false otherwise.
|
||||
kubeletConnectByHostname: ""
|
||||
|
|
@ -293,7 +286,7 @@ socketAlternate:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/bash
|
||||
pullPolicy: Always
|
||||
tag: latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679
|
||||
tag: latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b
|
||||
|
||||
## @param socketAlternate.resources Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
resources: {}
|
||||
|
|
@ -308,7 +301,7 @@ hostCert:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/min-toolkit-debug
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:f662d2b8c7c47e6d29c31b1bc8dbd039770d6186295bbc88bd8f540ca8ec3b53
|
||||
tag: latest@sha256:f3fdb9fb32e0dd9fe474e077047712044f6faa04a2f9a4fb3a91543b2736f6f4
|
||||
|
||||
## @param hostCert.resources Specify resource needs as per https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
resources: {}
|
||||
|
|
|
|||
|
|
@ -353,9 +353,6 @@ In order to run Tornjak with simple HTTP Connection only, make sure you don't cr
|
|||
| `telemetry.prometheus.podMonitor.enabled` | Enable podMonitor for prometheus | `false` |
|
||||
| `telemetry.prometheus.podMonitor.namespace` | Override where to install the podMonitor, if not set will use the same namespace as the spire-agent | `""` |
|
||||
| `telemetry.prometheus.podMonitor.labels` | Pod labels to filter for prometheus monitoring | `{}` |
|
||||
| `telemetry.datadog.enabled` | Flag to enable datadog monitoring | `false` |
|
||||
| `telemetry.datadog.address` | The address of the datadog service to send metrics to. The default URL for services are `<service-name>.<namespace>.svc` | `datadog.kube-system.svc` |
|
||||
| `telemetry.datadog.port` | The port of the datadog service to send metrics to | `8125` |
|
||||
| `ingress.enabled` | Flag to enable ingress | `false` |
|
||||
| `ingress.className` | Ingress class name | `""` |
|
||||
| `ingress.controllerType` | Specify what type of ingress controller you're using to add the necessary annotations accordingly. If blank, autodetection is attempted. If other, no annotations will be added. Must be one of [ingress-nginx, openshift, other, ""]. | `""` |
|
||||
|
|
@ -488,5 +485,5 @@ In order to run Tornjak with simple HTTP Connection only, make sure you don't cr
|
|||
| `tests.bash.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `tests.bash.image.repository` | The repository within the registry | `chainguard/bash` |
|
||||
| `tests.bash.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b` |
|
||||
| `kubeConfigs` | Manage additional kubeconfig files to talk to external Kubernetes clusters | `{}` |
|
||||
|
|
|
|||
|
|
@ -499,13 +499,6 @@ telemetry:
|
|||
- host: "0.0.0.0"
|
||||
port: 9988
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.telemetry.datadog.enabled }}
|
||||
telemetry:
|
||||
- DogStatsd:
|
||||
- address: "{{ .Values.telemetry.datadog.address }}:{{ .Values.telemetry.datadog.port }}"
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
||||
{{- if not .Values.externalServer }}
|
||||
apiVersion: v1
|
||||
|
|
|
|||
|
|
@ -852,13 +852,6 @@ telemetry:
|
|||
namespace: ""
|
||||
## @param telemetry.prometheus.podMonitor.labels [object] Pod labels to filter for prometheus monitoring
|
||||
labels: {}
|
||||
datadog:
|
||||
## @param telemetry.datadog.enabled Flag to enable datadog monitoring
|
||||
enabled: false
|
||||
## @param telemetry.datadog.address The address of the datadog service to send metrics to. The default URL for services are `<service-name>.<namespace>.svc`
|
||||
address: "datadog.kube-system.svc"
|
||||
## @param telemetry.datadog.port The port of the datadog service to send metrics to
|
||||
port: 8125
|
||||
|
||||
ingress:
|
||||
## @param ingress.enabled Flag to enable ingress
|
||||
|
|
@ -1243,7 +1236,7 @@ tests:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/bash
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679
|
||||
tag: latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b
|
||||
|
||||
## @param kubeConfigs [object] Manage additional kubeconfig files to talk to external Kubernetes clusters
|
||||
kubeConfigs: {}
|
||||
|
|
|
|||
|
|
@ -101,4 +101,4 @@ port forwarding. See the chart NOTES output for more details.
|
|||
| `tests.bash.image.registry` | The OCI registry to pull the image from | `cgr.dev` |
|
||||
| `tests.bash.image.repository` | The repository within the registry | `chainguard/bash` |
|
||||
| `tests.bash.image.pullPolicy` | The image pull policy | `IfNotPresent` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679` |
|
||||
| `tests.bash.image.tag` | Overrides the image tag whose default is the chart appVersion | `latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b` |
|
||||
|
|
|
|||
|
|
@ -162,4 +162,4 @@ tests:
|
|||
registry: cgr.dev
|
||||
repository: chainguard/bash
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:330ad2ea11cf3018a331326fb08e44cedd0c0c604cfbfcff32b81272460bb679
|
||||
tag: latest@sha256:809764150d09e67cc6ea8b7051555ff620381b7e900306d1374137a69855145b
|
||||
|
|
|
|||
Loading…
Reference in New Issue