Merge branch 'main' into specified-nodeport-to-service

2025-04-06 11:16:34 +02:00 · 2025-04-06 11:16:34 +02:00 · b22c7f156b
parent 57fa377507 904866b509
commit b22c7f156b
18 changed files with 36 additions and 34 deletions
--- a/.github/workflows/label-issues.yml
+++ b/.github/workflows/label-issues.yml
@ -13,7 +13,7 @@ on:

 jobs:
  label-issues:
-    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.45.1
+    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-label-issues.yml@0.47.0
    secrets:
      token: ${{ secrets.GITHUB_TOKEN }}

--- a/.github/workflows/lint-test.yaml
+++ b/.github/workflows/lint-test.yaml
@ -15,10 +15,10 @@ jobs:
        uses: azure/setup-helm@v3.5

      - name: Setup Python
-        uses: ckotzbauer/actions-toolkit/setup-python@0.45.1
+        uses: ckotzbauer/actions-toolkit/setup-python@0.47.0

      - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.6.1
+        uses: helm/chart-testing-action@v2.7.0

      - name: Run chart-testing (list-changed)
        id: list-changed
@ -33,7 +33,7 @@ jobs:

      - name: Create kind cluster
        if: steps.list-changed.outputs.changed == 'true'
-        uses: helm/kind-action@v1.10.0
+        uses: helm/kind-action@v1.12.0
        with:
          version: v0.22.0

--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -27,6 +27,6 @@ jobs:
          helm repo add stable https://charts.helm.sh/stable

      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.6.0
+        uses: helm/chart-releaser-action@v1.7.0
        env:
          CR_TOKEN: "${{ secrets.CR_TOKEN }}"
--- a/.github/workflows/size-label.yml
+++ b/.github/workflows/size-label.yml
@ -5,7 +5,7 @@ on:

 jobs:
  size-label:
-    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.45.1
+    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-size-label.yml@0.47.0
    secrets:
      token: ${{ secrets.GITHUB_TOKEN }}

--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -5,6 +5,6 @@ on:

 jobs:
  stale:
-    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.45.1
+    uses: ckotzbauer/actions-toolkit/.github/workflows/toolkit-stale.yml@0.47.0
    secrets:
      token: ${{ secrets.GITHUB_TOKEN }}
--- a/charts/cadvisor/templates/_helpers.tpl
+++ b/charts/cadvisor/templates/_helpers.tpl
@ -41,6 +41,9 @@ helm.sh/chart: {{ include "cadvisor.chart" . }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- if .Values.commonLabels }}
+{{ toYaml .Values.commonLabels }}
+{{- end }}
 {{- end -}}

 {{/*
--- a/charts/cadvisor/templates/clusterrole.yaml
+++ b/charts/cadvisor/templates/clusterrole.yaml
@ -4,6 +4,8 @@ kind: ClusterRole
 metadata:
  name: {{ template "cadvisor.name" . }}
  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cadvisor.labels" . | nindent 4}}
 rules:
  - apiGroups: ['policy']
    resources: ['podsecuritypolicies']
--- a/charts/cadvisor/templates/clusterrolebinding.yaml
+++ b/charts/cadvisor/templates/clusterrolebinding.yaml
@ -4,6 +4,8 @@ kind: ClusterRoleBinding
 metadata:
  name: {{ template "cadvisor.name" . }}
  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cadvisor.labels" . | nindent 4}}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
--- a/charts/cadvisor/templates/daemonset.yaml
+++ b/charts/cadvisor/templates/daemonset.yaml
@ -8,20 +8,15 @@ metadata:
 {{ toYaml . | indent 4 }}
  {{- end }}
  labels:
-    app: {{ template "cadvisor.name" . }}
-    chart: {{ template "cadvisor.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+    {{- include "cadvisor.labels" . | nindent 4}}
 spec:
  selector:
    matchLabels:
-      app: {{ template "cadvisor.name" . }}
-      release: {{ .Release.Name }}
+      {{- include "cadvisor.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
-        app: {{ template "cadvisor.name" . }}
-        release: {{ .Release.Name }}
+        {{- include "cadvisor.selectorLabels" . | nindent 8 }}
        {{- range $key, $value := .Values.podLabels }}
        {{ $key }}: {{ $value | quote }}
        {{- end }}
@ -30,17 +25,17 @@ spec:
        {{ $key }}: {{ $value | quote }}
        {{- end }}
    spec:
-      {{ if .Values.priorityClassName }}
+      {{- if .Values.priorityClassName }}
      priorityClassName: {{ .Values.priorityClassName }}
      {{- end }}
-      {{ if .Values.image.pullSecrets }}
+      {{- if .Values.image.pullSecrets }}
      imagePullSecrets:
      {{- range .Values.image.pullSecrets }}
      - name: {{ . }}
      {{- end }}
      {{- end }}
      serviceAccountName: {{ template "cadvisor.serviceAccountName" . }}
-      {{ if .Values.hostNetwork }} 
+      {{- if .Values.hostNetwork }} 
      hostNetwork: true
      {{- end }}
      containers:
@ -57,7 +52,7 @@ spec:
          mountPath: {{ default .path .mount }}
          readOnly: {{ list nil true | has .readOnly }}
        {{- end }}
-        {{ if .Values.podSecurityContext.create }}
+        {{- if .Values.podSecurityContext.create }}
        securityContext:
          privileged: {{ .Values.podSecurityContext.privileged }}
        {{- end }}
--- a/charts/cadvisor/templates/psp.yaml
+++ b/charts/cadvisor/templates/psp.yaml
@ -4,6 +4,8 @@ kind: PodSecurityPolicy
 metadata:
  name: {{ template "cadvisor.name" . }}
  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cadvisor.labels" . | nindent 4}}
 spec:
  seLinux:
    rule: RunAsAny
--- a/charts/cadvisor/templates/service.yaml
+++ b/charts/cadvisor/templates/service.yaml
@ -4,10 +4,7 @@ metadata:
  name: {{ template "cadvisor.name" . }}
  namespace: {{ .Release.Namespace }}
  labels:
-    app: {{ template "cadvisor.name" . }}
-    chart: {{ template "cadvisor.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+    {{- include "cadvisor.labels" . | nindent 4}}
 spec:
  ports:
  - name: http
@ -18,5 +15,5 @@ spec:
    nodePort: {{ . }}
    {{- end }}
  selector:
-    app: {{ template "cadvisor.name" . }}
+    {{- include "cadvisor.selectorLabels" . | nindent 4 }}
  type: {{ .Values.service.type }}
--- a/charts/cadvisor/templates/serviceaccount.yaml
+++ b/charts/cadvisor/templates/serviceaccount.yaml
@ -4,4 +4,6 @@ kind: ServiceAccount
 metadata:
  name: {{ template "cadvisor.serviceAccountName" . }}
  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "cadvisor.labels" . | nindent 4 }}
 {{- end -}}
--- a/charts/cadvisor/templates/servicemonitor.yaml
+++ b/charts/cadvisor/templates/servicemonitor.yaml
@ -5,10 +5,7 @@ metadata:
  name: {{ template "cadvisor.name" . }}
  namespace: {{ .Release.Namespace }}
  labels:
-    app: {{ template "cadvisor.name" . }}
-    chart: {{ template "cadvisor.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
+    {{- include "cadvisor.labels" . | nindent 4}}
 spec:
  selector:
    matchLabels:
@ -30,3 +27,4 @@ spec:
        {{- toYaml .Values.metrics.metricRelabelings | nindent 8 }}
      {{- end -}}
 {{- end -}}
+
--- a/charts/cadvisor/values.yaml
+++ b/charts/cadvisor/values.yaml
@ -53,6 +53,7 @@ resources: {}

 podAnnotations: {}
 podLabels: {}
+commonLabels: {}

 daemonsetAnnotations:
  seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
--- a/charts/sbom-operator/Chart.yaml
+++ b/charts/sbom-operator/Chart.yaml
@ -1,8 +1,8 @@
 apiVersion: v2
 description: Catalogue all images of a Kubernetes cluster to multiple targets with Syft
 name: sbom-operator
-version: 0.37.1
-appVersion: 0.36.0
+version: 0.38.0
+appVersion: 0.37.0
 home: https://github.com/ckotzbauer/sbom-operator
 sources:
  - https://github.com/ckotzbauer/sbom-operator
--- a/charts/sbom-operator/README.md
+++ b/charts/sbom-operator/README.md
@ -31,7 +31,7 @@ The following table lists the configurable parameters of the sbom-operator chart
 |               Parameter                |                    Description                    |            Default                       |
 | -------------------------------------- | ------------------------------------------------- | ---------------------------------------- |
 | `image.repository`                     | container image repository                        | `ghcr.io/ckotzbauer/sbom-operator`       |
-| `image.tag`                            | container image tag                               | `0.36.0`                                 |
+| `image.tag`                            | container image tag                               | `0.37.0`                                 |
 | `image.pullPolicy`                     | container image pull policy                       | `IfNotPresent`                           |
 | `image.pullSecrets`                    | image pull-secrets                                | `[]`                                     |
 | `args`                                 | argument object for cli-args                      | `{}`                                     |
--- a/charts/vulnerability-operator/Chart.yaml
+++ b/charts/vulnerability-operator/Chart.yaml
@ -1,8 +1,8 @@
 apiVersion: v2
 description: Scans SBOMs for vulnerabilities
 name: vulnerability-operator
-version: 0.28.1
-appVersion: 0.26.1
+version: 0.29.0
+appVersion: 0.27.0
 home: https://github.com/ckotzbauer/vulnerability-operator
 sources:
  - https://github.com/ckotzbauer/vulnerability-operator
--- a/charts/vulnerability-operator/README.md
+++ b/charts/vulnerability-operator/README.md
@ -31,7 +31,7 @@ The following table lists the configurable parameters of the vulnerability-opera
 |               Parameter                |                    Description                    |            Default                            |
 | -------------------------------------- | ------------------------------------------------- | --------------------------------------------- |
 | `image.repository`                     | container image repository                        | `ghcr.io/ckotzbauer/vulnerability-operator`   |
-| `image.tag`                            | container image tag                               | `0.26.1`                                      |
+| `image.tag`                            | container image tag                               | `0.27.0`                                      |
 | `image.pullPolicy`                     | container image pull policy                       | `IfNotPresent`                                |
 | `args`                                 | argument object for cli-args                      | `{}`                                          |
 | `envVars`                              | environment variables                             | `{}`                                          |