diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml index 03702c1..18f9650 100644 --- a/.github/workflows/automerge.yml +++ b/.github/workflows/automerge.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: automerge - uses: "pascalgn/automerge-action@4775c532c615e0491d53bc42c0893840ae7cc07a" + uses: "pascalgn/automerge-action@a6eda95628e71aa97719c9e111847402fa9d476a" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" MERGE_LABELS: "approved,!work-in-progress,!hold" diff --git a/charts/cadvisor/Chart.yaml b/charts/cadvisor/Chart.yaml index ca245df..5c91add 100644 --- a/charts/cadvisor/Chart.yaml +++ b/charts/cadvisor/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: A chart for a Cadvisor deployment name: cadvisor -version: 1.1.4 -appVersion: 0.36.0 +version: 1.2.0 +appVersion: 0.37.0 home: https://github.com/google/cadvisor sources: - https://github.com/google/cadvisor diff --git a/charts/cadvisor/README.md b/charts/cadvisor/README.md index 0d2e83c..dcfbc41 100644 --- a/charts/cadvisor/README.md +++ b/charts/cadvisor/README.md @@ -41,24 +41,25 @@ The command removes all the Kubernetes components associated with the chart and The following table lists the configurable parameters of the Prometheus MSTeams chart and their default values. -| Parameter | Description | Default | -| -------------------------- | ------------------------------------------------ | --------------------- | -| `image.repository` | container image repository | `k8s.gcr.io/cadvisor` | -| `image.tag` | container image tag | `v0.36.0` | -| `image.pullPolicy` | container image pull policy | `IfNotPresent` | -| `image.pullSecrets` | container image pull secrets | `[]` | -| `nodeSelector` | node labels for pod assignment | `{}` | -| `tolerations` | node tolerations for pod assignment | `[]` | -| `affinity` | node affinity for pod assignment | `{}` | -| `container.port` | the container and service port to use | 8080 | -| `container.additionalArgs` | additional container arguments | see values.yaml | -| `container.hostPaths` | hostPaths to mount in the container | see values.yaml | -| `resources` | pod resource requests & limits | `{}` | -| `serviceAccount.create` | create a own serviceAccount for the pod | `true` | -| `serviceAccount.name` | name of the serviceAccount to create | `""` | -| `podAnnotations` | annotations for the daemonset pods | `{}` | -| `podSecurityPolicy.create` | create a own PodSecurityPolicy for the pod | `false` | -| `metrics.enabled` | create ServiceMonitor CR for Prometheus operator | `false` | +| Parameter | Description | Default | +| ------------------------------ | ------------------------------------------------ | --------------------- | +| `image.repository` | container image repository | `k8s.gcr.io/cadvisor` | +| `image.tag` | container image tag | `v0.37.0` | +| `image.pullPolicy` | container image pull policy | `IfNotPresent` | +| `image.pullSecrets` | container image pull secrets | `[]` | +| `nodeSelector` | node labels for pod assignment | `{}` | +| `tolerations` | node tolerations for pod assignment | `[]` | +| `affinity` | node affinity for pod assignment | `{}` | +| `container.port` | the container and service port to use | 8080 | +| `container.additionalArgs` | additional container arguments | see values.yaml | +| `container.hostPaths` | hostPaths to mount in the container | see values.yaml | +| `resources` | pod resource requests & limits | `{}` | +| `serviceAccount.create` | create a own serviceAccount for the pod | `true` | +| `serviceAccount.name` | name of the serviceAccount to create | `""` | +| `podAnnotations` | annotations for the daemonset pods | `{}` | +| `podSecurityPolicy.create` | create a own PodSecurityPolicy for the pod | `false` | +| `podSecurityPolicy.privileged` | create the PodSecurityPolicy as privileged | `false` | +| `metrics.enabled` | create ServiceMonitor CR for Prometheus operator | `false` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/charts/cadvisor/templates/psp.yaml b/charts/cadvisor/templates/psp.yaml index cb40b83..f3d12a4 100644 --- a/charts/cadvisor/templates/psp.yaml +++ b/charts/cadvisor/templates/psp.yaml @@ -14,6 +14,9 @@ spec: rule: RunAsAny volumes: - '*' + {{ if .Values.podSecurityPolicy.privileged }} + privileged: true + {{- end }} allowedHostPaths: {{- range .Values.container.hostPaths }} - pathPrefix: {{ .path }} diff --git a/charts/cadvisor/values.yaml b/charts/cadvisor/values.yaml index 3366082..98300b3 100644 --- a/charts/cadvisor/values.yaml +++ b/charts/cadvisor/values.yaml @@ -1,6 +1,6 @@ image: repository: k8s.gcr.io/cadvisor - tag: v0.36.0 + tag: v0.37.0 pullPolicy: IfNotPresent ## Reference to one or more secrets to be used when pulling images @@ -56,6 +56,7 @@ serviceAccount: podSecurityPolicy: create: false + privileged: false nodeSelector: {}