Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update ratify charts to 1.2 #1526

Merged
merged 7 commits into from
May 31, 2024
Merged

chore: update ratify charts to 1.2 #1526

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
bf66dac
update charts to 1.2
susanshi May 31, 2024
19a7d65
adding back comments
susanshi May 31, 2024
20dc21b
adding back comments
susanshi May 31, 2024
6052ce7
fix helmfile verison
susanshi May 31, 2024
991ecb5
fix spaces
susanshi May 31, 2024
e35754a
remove local files
susanshi May 31, 2024
eb8c618
Merge branch 'dev' into charts1.2
akashsinghal May 31, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions charts/ratify/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
name: ratify
description: A Helm chart for Ratify
version: 1.12.0
appVersion: v1.1.0
version: 1.13.0
appVersion: v1.2.0
home: https://github.com/deislabs/ratify
icon: https://raw.githubusercontent.com/deislabs/ratify/main/logo.svg
2 changes: 1 addition & 1 deletion charts/ratify/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
image:
repository: ghcr.io/deislabs/ratify
crdRepository: ghcr.io/deislabs/ratify-crds
tag: v1.1.0
tag: v1.2.0
pullPolicy: IfNotPresent

nameOverride: ""
Expand Down
13 changes: 9 additions & 4 deletions helmfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ repositories:
url: https://open-policy-agent.github.io/gatekeeper/charts
- name: ratify
url: https://deislabs.github.io/ratify

releases:
- name: gatekeeper
namespace: gatekeeper-system
createNamespace: true
chart: gatekeeper/gatekeeper
version: 3.14.0
version: 3.16.0
wait: true
set:
- name: enableExternalData
Expand All @@ -23,7 +23,7 @@ releases:
- name: ratify
namespace: gatekeeper-system
chart: ratify/ratify
version: 1.12.1 # Make sure this matches Chart.yaml
version: 1.13.0 # Make sure this matches Chart.yaml
wait: true
needs:
- gatekeeper
Expand Down Expand Up @@ -60,6 +60,11 @@ releases:
- "verifiers.config.ratify.deislabs.io"
- "certificatestores.config.ratify.deislabs.io"
- "policies.config.ratify.deislabs.io"
- "keymanagementproviders.config.ratify.deislabs.io"
- "namespacedkeymanagementproviders.config.ratify.deislabs.io"
- "namespacedpolicies.config.ratify.deislabs.io"
- "namespacedstores.config.ratify.deislabs.io"
- "namespacedverifiers.config.ratify.deislabs.io"
- events: ["postuninstall"]
showlogs: true
command: "kubectl"
Expand All @@ -70,7 +75,7 @@ releases:
- "-n"
- "gatekeeper-system"
set:
- name: notationCert
- name: notationCerts[0]
value: {{ exec "curl" (list "-sSL" "https://raw.githubusercontent.com/deislabs/ratify/main/test/testdata/notation.crt") | quote }}
- name: featureFlags.RATIFY_CERT_ROTATION
value: true
35 changes: 32 additions & 3 deletions high-availability.helmfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
repositories:
- name: gatekeeper
url: https://open-policy-agent.github.io/gatekeeper/charts
- name: dapr
url: https://dapr.github.io/helm-charts/
- name: bitnami
Expand All @@ -11,10 +13,26 @@ releases:
namespace: dapr-system
createNamespace: true
chart: dapr/dapr
version: 1.11.1
version: 1.13.2
wait: true
- name: gatekeeper
namespace: gatekeeper-system
createNamespace: true
chart: gatekeeper/gatekeeper
version: 3.16.0
wait: true
set:
- name: enableExternalData
value: true
- name: validatingWebhookTimeoutSeconds
value: 5
- name: mutatingWebhookTimeoutSeconds
value: 2
- name: externaldataProviderResponseCacheTTL
value: 10s
- name: redis
namespace: gatekeeper-system
createNamespace: true
chart: bitnami/redis
version: 17.11.6
wait: true
Expand All @@ -32,11 +50,12 @@ releases:
- name: ratify
namespace: gatekeeper-system
chart: ratify/ratify
version: 1.12.1 # Make sure this matches Chart.yaml
version: 1.13.0 # Make sure this matches Chart.yaml
wait: true
needs:
- dapr-system/dapr
- gatekeeper-system/redis
- gatekeeper-system/gatekeeper
hooks:
- events: ["presync"]
showlogs: true
Expand All @@ -53,6 +72,12 @@ releases:
- "https://raw.githubusercontent.com/deislabs/ratify/main/test/testdata/dapr/dapr-redis.yaml"
- "-n"
- "gatekeeper-system"
- events: ["presync"]
showlogs: true
command: "bash"
args:
- "-c"
- "kubectl apply -f https://deislabs.github.io/ratify/library/default/template.yaml && kubectl apply -f https://deislabs.github.io/ratify/library/default/samples/constraint.yaml"
- events: ["postuninstall"]
showlogs: true
command: "kubectl"
Expand Down Expand Up @@ -99,6 +124,10 @@ releases:
- "verifiers.config.ratify.deislabs.io"
- "certificatestores.config.ratify.deislabs.io"
- "policies.config.ratify.deislabs.io"
- "namespacedkeymanagementproviders.config.ratify.deislabs.io"
- "namespacedpolicies.config.ratify.deislabs.io"
- "namespacedstores.config.ratify.deislabs.io"
- "namespacedverifiers.config.ratify.deislabs.io"
- events: ["postuninstall"]
showlogs: true
command: "kubectl"
Expand All @@ -115,7 +144,7 @@ releases:
value: true
- name: logger.level
value: debug
- name: notationCert
- name: notationCerts[0]
Copy link
Collaborator Author

@susanshi susanshi May 31, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @akashsinghal , I want to double check here did we remove support for notationCert in 1.2 charts? do you think we need to update the releaseNotes to include this as a breaking change?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

notationCert is not removed but is marked as deprecated. I will add a note on deprecation in release notes.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Discussed offline that we need to consider adding tests to make sure these deprecated values still are supported

value: {{ exec "curl" (list "-sSL" "https://raw.githubusercontent.com/deislabs/ratify/main/test/testdata/notation.crt") | quote }}
- name: replicaCount
value: 2
Expand Down
Loading