diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml index 64a3221..d2fd1f2 100644 --- a/.github/workflows/label-issues.yml +++ b/.github/workflows/label-issues.yml @@ -13,7 +13,7 @@ on: jobs: label-issues: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index c1c8425..1b793a7 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -15,10 +15,10 @@ jobs: uses: azure/setup-helm@v3.5 - name: Setup Python - uses: ckotzbauer/actions-toolkit/setup-python@0.45.1 + uses: ckotzbauer/actions-toolkit/setup-python@0.47.0 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@v2.7.0 - name: Run chart-testing (list-changed) id: list-changed @@ -33,7 +33,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@v1.12.0 with: version: v0.22.0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 905b1e4..c1fb943 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -27,6 +27,6 @@ jobs: helm repo add stable https://charts.helm.sh/stable - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.6.0 + uses: helm/chart-releaser-action@v1.7.0 env: CR_TOKEN: "${{ secrets.CR_TOKEN }}" diff --git a/.github/workflows/size-label.yml b/.github/workflows/size-label.yml index c0c5c4b..a55b89e 100644 --- a/.github/workflows/size-label.yml +++ b/.github/workflows/size-label.yml @@ -5,7 +5,7 @@ on: jobs: size-label: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a54ec57..9636ed8 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -5,6 +5,6 @@ on: jobs: stale: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/charts/cadvisor/templates/_helpers.tpl b/charts/cadvisor/templates/_helpers.tpl index 7d7a0de..a39b504 100644 --- a/charts/cadvisor/templates/_helpers.tpl +++ b/charts/cadvisor/templates/_helpers.tpl @@ -41,6 +41,9 @@ helm.sh/chart: {{ include "cadvisor.chart" . }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.commonLabels }} +{{ toYaml .Values.commonLabels }} +{{- end }} {{- end -}} {{/* diff --git a/charts/cadvisor/templates/clusterrole.yaml b/charts/cadvisor/templates/clusterrole.yaml index 2d7fa84..34a6b90 100644 --- a/charts/cadvisor/templates/clusterrole.yaml +++ b/charts/cadvisor/templates/clusterrole.yaml @@ -4,6 +4,8 @@ kind: ClusterRole metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} rules: - apiGroups: ['policy'] resources: ['podsecuritypolicies'] diff --git a/charts/cadvisor/templates/clusterrolebinding.yaml b/charts/cadvisor/templates/clusterrolebinding.yaml index d59147a..c0dbe37 100644 --- a/charts/cadvisor/templates/clusterrolebinding.yaml +++ b/charts/cadvisor/templates/clusterrolebinding.yaml @@ -4,6 +4,8 @@ kind: ClusterRoleBinding metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/charts/cadvisor/templates/daemonset.yaml b/charts/cadvisor/templates/daemonset.yaml index d9b6030..36dfdb3 100644 --- a/charts/cadvisor/templates/daemonset.yaml +++ b/charts/cadvisor/templates/daemonset.yaml @@ -8,20 +8,15 @@ metadata: {{ toYaml . | indent 4 }} {{- end }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: selector: matchLabels: - app: {{ template "cadvisor.name" . }} - release: {{ .Release.Name }} + {{- include "cadvisor.selectorLabels" . | nindent 6 }} template: metadata: labels: - app: {{ template "cadvisor.name" . }} - release: {{ .Release.Name }} + {{- include "cadvisor.selectorLabels" . | nindent 8 }} {{- range $key, $value := .Values.podLabels }} {{ $key }}: {{ $value | quote }} {{- end }} @@ -30,17 +25,17 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} spec: - {{ if .Values.priorityClassName }} + {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{ if .Values.image.pullSecrets }} + {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- range .Values.image.pullSecrets }} - name: {{ . }} {{- end }} {{- end }} serviceAccountName: {{ template "cadvisor.serviceAccountName" . }} - {{ if .Values.hostNetwork }} + {{- if .Values.hostNetwork }} hostNetwork: true {{- end }} containers: @@ -57,7 +52,7 @@ spec: mountPath: {{ default .path .mount }} readOnly: {{ list nil true | has .readOnly }} {{- end }} - {{ if .Values.podSecurityContext.create }} + {{- if .Values.podSecurityContext.create }} securityContext: privileged: {{ .Values.podSecurityContext.privileged }} {{- end }} diff --git a/charts/cadvisor/templates/psp.yaml b/charts/cadvisor/templates/psp.yaml index 56fbe05..b3e19a4 100644 --- a/charts/cadvisor/templates/psp.yaml +++ b/charts/cadvisor/templates/psp.yaml @@ -4,6 +4,8 @@ kind: PodSecurityPolicy metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} spec: seLinux: rule: RunAsAny diff --git a/charts/cadvisor/templates/service.yaml b/charts/cadvisor/templates/service.yaml index b5e074c..45d52f9 100644 --- a/charts/cadvisor/templates/service.yaml +++ b/charts/cadvisor/templates/service.yaml @@ -4,10 +4,7 @@ metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: ports: - name: http @@ -18,5 +15,5 @@ spec: nodePort: {{ . }} {{- end }} selector: - app: {{ template "cadvisor.name" . }} + {{- include "cadvisor.selectorLabels" . | nindent 4 }} type: {{ .Values.service.type }} diff --git a/charts/cadvisor/templates/serviceaccount.yaml b/charts/cadvisor/templates/serviceaccount.yaml index 77368e9..51d3068 100644 --- a/charts/cadvisor/templates/serviceaccount.yaml +++ b/charts/cadvisor/templates/serviceaccount.yaml @@ -4,4 +4,6 @@ kind: ServiceAccount metadata: name: {{ template "cadvisor.serviceAccountName" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4 }} {{- end -}} diff --git a/charts/cadvisor/templates/servicemonitor.yaml b/charts/cadvisor/templates/servicemonitor.yaml index 2b81ca6..c848266 100644 --- a/charts/cadvisor/templates/servicemonitor.yaml +++ b/charts/cadvisor/templates/servicemonitor.yaml @@ -5,10 +5,7 @@ metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: selector: matchLabels: @@ -30,3 +27,4 @@ spec: {{- toYaml .Values.metrics.metricRelabelings | nindent 8 }} {{- end -}} {{- end -}} + diff --git a/charts/cadvisor/values.yaml b/charts/cadvisor/values.yaml index 424cbd3..3588581 100644 --- a/charts/cadvisor/values.yaml +++ b/charts/cadvisor/values.yaml @@ -53,6 +53,7 @@ resources: {} podAnnotations: {} podLabels: {} +commonLabels: {} daemonsetAnnotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default' diff --git a/charts/sbom-operator/Chart.yaml b/charts/sbom-operator/Chart.yaml index 8eb0439..56bdebb 100644 --- a/charts/sbom-operator/Chart.yaml +++ b/charts/sbom-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 description: Catalogue all images of a Kubernetes cluster to multiple targets with Syft name: sbom-operator -version: 0.37.1 -appVersion: 0.36.0 +version: 0.38.0 +appVersion: 0.37.0 home: https://github.com/ckotzbauer/sbom-operator sources: - https://github.com/ckotzbauer/sbom-operator diff --git a/charts/sbom-operator/README.md b/charts/sbom-operator/README.md index c47c290..37196a6 100644 --- a/charts/sbom-operator/README.md +++ b/charts/sbom-operator/README.md @@ -31,7 +31,7 @@ The following table lists the configurable parameters of the sbom-operator chart | Parameter | Description | Default | | -------------------------------------- | ------------------------------------------------- | ---------------------------------------- | | `image.repository` | container image repository | `ghcr.io/ckotzbauer/sbom-operator` | -| `image.tag` | container image tag | `0.36.0` | +| `image.tag` | container image tag | `0.37.0` | | `image.pullPolicy` | container image pull policy | `IfNotPresent` | | `image.pullSecrets` | image pull-secrets | `[]` | | `args` | argument object for cli-args | `{}` | diff --git a/charts/vulnerability-operator/Chart.yaml b/charts/vulnerability-operator/Chart.yaml index 81f121e..aa5120b 100644 --- a/charts/vulnerability-operator/Chart.yaml +++ b/charts/vulnerability-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 description: Scans SBOMs for vulnerabilities name: vulnerability-operator -version: 0.28.1 -appVersion: 0.26.1 +version: 0.29.0 +appVersion: 0.27.0 home: https://github.com/ckotzbauer/vulnerability-operator sources: - https://github.com/ckotzbauer/vulnerability-operator diff --git a/charts/vulnerability-operator/README.md b/charts/vulnerability-operator/README.md index bc9e813..c3da565 100644 --- a/charts/vulnerability-operator/README.md +++ b/charts/vulnerability-operator/README.md @@ -31,7 +31,7 @@ The following table lists the configurable parameters of the vulnerability-opera | Parameter | Description | Default | | -------------------------------------- | ------------------------------------------------- | --------------------------------------------- | | `image.repository` | container image repository | `ghcr.io/ckotzbauer/vulnerability-operator` | -| `image.tag` | container image tag | `0.26.1` | +| `image.tag` | container image tag | `0.27.0` | | `image.pullPolicy` | container image pull policy | `IfNotPresent` | | `args` | argument object for cli-args | `{}` | | `envVars` | environment variables | `{}` |