From f997653bf21562b0e2e9201cdf64a847aa1c039c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Dec 2024 01:31:13 +0000 Subject: [PATCH 1/9] deps: update helm/kind-action action to v1.11.0 (#207) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index c1c8425..bd0afeb 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -33,7 +33,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@v1.11.0 with: version: v0.22.0 From 7f554ed1e3353f3ae8b3a8ebf177631db5b1ba7a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 28 Dec 2024 04:00:56 +0000 Subject: [PATCH 2/9] deps: update helm/kind-action action to v1.12.0 (#208) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index bd0afeb..2be04ea 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -33,7 +33,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.11.0 + uses: helm/kind-action@v1.12.0 with: version: v0.22.0 From 8d9204b19de967b2e68f570c3f88e38b72c87d92 Mon Sep 17 00:00:00 2001 From: Christian Kotzbauer Date: Sat, 4 Jan 2025 10:16:37 +0100 Subject: [PATCH 3/9] build: version upgrades Signed-off-by: Christian Kotzbauer --- .github/workflows/label-issues.yml | 2 +- .github/workflows/size-label.yml | 2 +- .github/workflows/stale.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml index 64a3221..bcffd9f 100644 --- a/.github/workflows/label-issues.yml +++ b/.github/workflows/label-issues.yml @@ -13,7 +13,7 @@ on: jobs: label-issues: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.46.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/size-label.yml b/.github/workflows/size-label.yml index c0c5c4b..01d4441 100644 --- a/.github/workflows/size-label.yml +++ b/.github/workflows/size-label.yml @@ -5,7 +5,7 @@ on: jobs: size-label: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.46.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index a54ec57..896e63f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -5,6 +5,6 @@ on: jobs: stale: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.45.1 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.46.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} From 0a90103fcd61d08ff16f923cb61ead55fade5072 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 4 Jan 2025 16:34:19 +0000 Subject: [PATCH 4/9] deps: update ckotzbauer/actions-toolkit action to v0.46.0 (#209) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 2be04ea..606db29 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -15,7 +15,7 @@ jobs: uses: azure/setup-helm@v3.5 - name: Setup Python - uses: ckotzbauer/actions-toolkit/setup-python@0.45.1 + uses: ckotzbauer/actions-toolkit/setup-python@0.46.0 - name: Set up chart-testing uses: helm/chart-testing-action@v2.6.1 From 970d330f67504b58df7576c24bdc531a9db80fcc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Jan 2025 05:03:11 +0000 Subject: [PATCH 5/9] deps: update helm/chart-releaser-action action to v1.7.0 (#211) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 905b1e4..c1fb943 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -27,6 +27,6 @@ jobs: helm repo add stable https://charts.helm.sh/stable - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.6.0 + uses: helm/chart-releaser-action@v1.7.0 env: CR_TOKEN: "${{ secrets.CR_TOKEN }}" From 67dc9a8b6e7d412e82bd4e92b4ecdebb989dc427 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Jan 2025 05:03:20 +0000 Subject: [PATCH 6/9] deps: update helm/chart-testing-action action to v2.7.0 (#212) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 606db29..de8deac 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -18,7 +18,7 @@ jobs: uses: ckotzbauer/actions-toolkit/setup-python@0.46.0 - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@v2.7.0 - name: Run chart-testing (list-changed) id: list-changed From 11926571e7e5011bdc9e5d323e6d745495d348a0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 23 Mar 2025 20:34:21 +0100 Subject: [PATCH 7/9] deps: update ckotzbauer/actions-toolkit action to v0.47.0 (#214) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/label-issues.yml | 2 +- .github/workflows/lint-test.yaml | 2 +- .github/workflows/size-label.yml | 2 +- .github/workflows/stale.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml index bcffd9f..d2fd1f2 100644 --- a/.github/workflows/label-issues.yml +++ b/.github/workflows/label-issues.yml @@ -13,7 +13,7 @@ on: jobs: label-issues: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.46.0 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index de8deac..1b793a7 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -15,7 +15,7 @@ jobs: uses: azure/setup-helm@v3.5 - name: Setup Python - uses: ckotzbauer/actions-toolkit/setup-python@0.46.0 + uses: ckotzbauer/actions-toolkit/setup-python@0.47.0 - name: Set up chart-testing uses: helm/chart-testing-action@v2.7.0 diff --git a/.github/workflows/size-label.yml b/.github/workflows/size-label.yml index 01d4441..a55b89e 100644 --- a/.github/workflows/size-label.yml +++ b/.github/workflows/size-label.yml @@ -5,7 +5,7 @@ on: jobs: size-label: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.46.0 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 896e63f..9636ed8 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -5,6 +5,6 @@ on: jobs: stale: - uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.46.0 + uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.47.0 secrets: token: ${{ secrets.GITHUB_TOKEN }} From c80b03a91d17531e9aafcf836239fdef5120acc5 Mon Sep 17 00:00:00 2001 From: Christian Kotzbauer Date: Sun, 6 Apr 2025 11:13:27 +0200 Subject: [PATCH 8/9] feat: updated operators Signed-off-by: Christian Kotzbauer --- charts/sbom-operator/Chart.yaml | 4 ++-- charts/sbom-operator/README.md | 2 +- charts/vulnerability-operator/Chart.yaml | 4 ++-- charts/vulnerability-operator/README.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/sbom-operator/Chart.yaml b/charts/sbom-operator/Chart.yaml index 8eb0439..56bdebb 100644 --- a/charts/sbom-operator/Chart.yaml +++ b/charts/sbom-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 description: Catalogue all images of a Kubernetes cluster to multiple targets with Syft name: sbom-operator -version: 0.37.1 -appVersion: 0.36.0 +version: 0.38.0 +appVersion: 0.37.0 home: https://github.com/ckotzbauer/sbom-operator sources: - https://github.com/ckotzbauer/sbom-operator diff --git a/charts/sbom-operator/README.md b/charts/sbom-operator/README.md index c47c290..37196a6 100644 --- a/charts/sbom-operator/README.md +++ b/charts/sbom-operator/README.md @@ -31,7 +31,7 @@ The following table lists the configurable parameters of the sbom-operator chart | Parameter | Description | Default | | -------------------------------------- | ------------------------------------------------- | ---------------------------------------- | | `image.repository` | container image repository | `ghcr.io/ckotzbauer/sbom-operator` | -| `image.tag` | container image tag | `0.36.0` | +| `image.tag` | container image tag | `0.37.0` | | `image.pullPolicy` | container image pull policy | `IfNotPresent` | | `image.pullSecrets` | image pull-secrets | `[]` | | `args` | argument object for cli-args | `{}` | diff --git a/charts/vulnerability-operator/Chart.yaml b/charts/vulnerability-operator/Chart.yaml index 81f121e..aa5120b 100644 --- a/charts/vulnerability-operator/Chart.yaml +++ b/charts/vulnerability-operator/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 description: Scans SBOMs for vulnerabilities name: vulnerability-operator -version: 0.28.1 -appVersion: 0.26.1 +version: 0.29.0 +appVersion: 0.27.0 home: https://github.com/ckotzbauer/vulnerability-operator sources: - https://github.com/ckotzbauer/vulnerability-operator diff --git a/charts/vulnerability-operator/README.md b/charts/vulnerability-operator/README.md index bc9e813..c3da565 100644 --- a/charts/vulnerability-operator/README.md +++ b/charts/vulnerability-operator/README.md @@ -31,7 +31,7 @@ The following table lists the configurable parameters of the vulnerability-opera | Parameter | Description | Default | | -------------------------------------- | ------------------------------------------------- | --------------------------------------------- | | `image.repository` | container image repository | `ghcr.io/ckotzbauer/vulnerability-operator` | -| `image.tag` | container image tag | `0.26.1` | +| `image.tag` | container image tag | `0.27.0` | | `image.pullPolicy` | container image pull policy | `IfNotPresent` | | `args` | argument object for cli-args | `{}` | | `envVars` | environment variables | `{}` | From 904866b509d8bf49897a8c9500fa35a37092ae40 Mon Sep 17 00:00:00 2001 From: Jonatan Redondo <69473991+jonitich@users.noreply.github.com> Date: Sun, 6 Apr 2025 11:15:43 +0200 Subject: [PATCH 9/9] Adapt labels to kubernetes standard (#210) Co-authored-by: Jonatan Redondo --- charts/cadvisor/templates/_helpers.tpl | 3 +++ charts/cadvisor/templates/clusterrole.yaml | 2 ++ .../templates/clusterrolebinding.yaml | 2 ++ charts/cadvisor/templates/daemonset.yaml | 19 +++++++------------ charts/cadvisor/templates/psp.yaml | 2 ++ charts/cadvisor/templates/service.yaml | 7 ++----- charts/cadvisor/templates/serviceaccount.yaml | 2 ++ charts/cadvisor/templates/servicemonitor.yaml | 6 ++---- charts/cadvisor/values.yaml | 1 + 9 files changed, 23 insertions(+), 21 deletions(-) diff --git a/charts/cadvisor/templates/_helpers.tpl b/charts/cadvisor/templates/_helpers.tpl index 7d7a0de..a39b504 100644 --- a/charts/cadvisor/templates/_helpers.tpl +++ b/charts/cadvisor/templates/_helpers.tpl @@ -41,6 +41,9 @@ helm.sh/chart: {{ include "cadvisor.chart" . }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.commonLabels }} +{{ toYaml .Values.commonLabels }} +{{- end }} {{- end -}} {{/* diff --git a/charts/cadvisor/templates/clusterrole.yaml b/charts/cadvisor/templates/clusterrole.yaml index 2d7fa84..34a6b90 100644 --- a/charts/cadvisor/templates/clusterrole.yaml +++ b/charts/cadvisor/templates/clusterrole.yaml @@ -4,6 +4,8 @@ kind: ClusterRole metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} rules: - apiGroups: ['policy'] resources: ['podsecuritypolicies'] diff --git a/charts/cadvisor/templates/clusterrolebinding.yaml b/charts/cadvisor/templates/clusterrolebinding.yaml index d59147a..c0dbe37 100644 --- a/charts/cadvisor/templates/clusterrolebinding.yaml +++ b/charts/cadvisor/templates/clusterrolebinding.yaml @@ -4,6 +4,8 @@ kind: ClusterRoleBinding metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/charts/cadvisor/templates/daemonset.yaml b/charts/cadvisor/templates/daemonset.yaml index d9b6030..36dfdb3 100644 --- a/charts/cadvisor/templates/daemonset.yaml +++ b/charts/cadvisor/templates/daemonset.yaml @@ -8,20 +8,15 @@ metadata: {{ toYaml . | indent 4 }} {{- end }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: selector: matchLabels: - app: {{ template "cadvisor.name" . }} - release: {{ .Release.Name }} + {{- include "cadvisor.selectorLabels" . | nindent 6 }} template: metadata: labels: - app: {{ template "cadvisor.name" . }} - release: {{ .Release.Name }} + {{- include "cadvisor.selectorLabels" . | nindent 8 }} {{- range $key, $value := .Values.podLabels }} {{ $key }}: {{ $value | quote }} {{- end }} @@ -30,17 +25,17 @@ spec: {{ $key }}: {{ $value | quote }} {{- end }} spec: - {{ if .Values.priorityClassName }} + {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{ if .Values.image.pullSecrets }} + {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- range .Values.image.pullSecrets }} - name: {{ . }} {{- end }} {{- end }} serviceAccountName: {{ template "cadvisor.serviceAccountName" . }} - {{ if .Values.hostNetwork }} + {{- if .Values.hostNetwork }} hostNetwork: true {{- end }} containers: @@ -57,7 +52,7 @@ spec: mountPath: {{ default .path .mount }} readOnly: {{ list nil true | has .readOnly }} {{- end }} - {{ if .Values.podSecurityContext.create }} + {{- if .Values.podSecurityContext.create }} securityContext: privileged: {{ .Values.podSecurityContext.privileged }} {{- end }} diff --git a/charts/cadvisor/templates/psp.yaml b/charts/cadvisor/templates/psp.yaml index 56fbe05..b3e19a4 100644 --- a/charts/cadvisor/templates/psp.yaml +++ b/charts/cadvisor/templates/psp.yaml @@ -4,6 +4,8 @@ kind: PodSecurityPolicy metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4}} spec: seLinux: rule: RunAsAny diff --git a/charts/cadvisor/templates/service.yaml b/charts/cadvisor/templates/service.yaml index a68ce2f..6a5feef 100644 --- a/charts/cadvisor/templates/service.yaml +++ b/charts/cadvisor/templates/service.yaml @@ -4,10 +4,7 @@ metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: ports: - name: http @@ -15,5 +12,5 @@ spec: targetPort: {{ .Values.container.port }} protocol: TCP selector: - app: {{ template "cadvisor.name" . }} + {{- include "cadvisor.selectorLabels" . | nindent 4 }} type: ClusterIP diff --git a/charts/cadvisor/templates/serviceaccount.yaml b/charts/cadvisor/templates/serviceaccount.yaml index 77368e9..51d3068 100644 --- a/charts/cadvisor/templates/serviceaccount.yaml +++ b/charts/cadvisor/templates/serviceaccount.yaml @@ -4,4 +4,6 @@ kind: ServiceAccount metadata: name: {{ template "cadvisor.serviceAccountName" . }} namespace: {{ .Release.Namespace }} + labels: + {{- include "cadvisor.labels" . | nindent 4 }} {{- end -}} diff --git a/charts/cadvisor/templates/servicemonitor.yaml b/charts/cadvisor/templates/servicemonitor.yaml index 2b81ca6..c848266 100644 --- a/charts/cadvisor/templates/servicemonitor.yaml +++ b/charts/cadvisor/templates/servicemonitor.yaml @@ -5,10 +5,7 @@ metadata: name: {{ template "cadvisor.name" . }} namespace: {{ .Release.Namespace }} labels: - app: {{ template "cadvisor.name" . }} - chart: {{ template "cadvisor.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + {{- include "cadvisor.labels" . | nindent 4}} spec: selector: matchLabels: @@ -30,3 +27,4 @@ spec: {{- toYaml .Values.metrics.metricRelabelings | nindent 8 }} {{- end -}} {{- end -}} + diff --git a/charts/cadvisor/values.yaml b/charts/cadvisor/values.yaml index 57fe601..ff21b8d 100644 --- a/charts/cadvisor/values.yaml +++ b/charts/cadvisor/values.yaml @@ -49,6 +49,7 @@ resources: {} podAnnotations: {} podLabels: {} +commonLabels: {} daemonsetAnnotations: seccomp.security.alpha.kubernetes.io/pod: 'docker/default'