From e68126aef1a12ade5203fabdaf74169f9ab9a9c7 Mon Sep 17 00:00:00 2001 From: keptn-bot <86361500+keptn-bot@users.noreply.github.com> Date: Thu, 31 Oct 2024 14:09:42 +0100 Subject: [PATCH] Update keptn-lifecycle-operator Helm chart (#178) Co-authored-by: mowies <6901203+mowies@users.noreply.github.com> Co-authored-by: Moritz Wiesinger --- charts/keptn-lifecycle-operator/Chart.yaml | 4 +- charts/keptn-lifecycle-operator/README.md | 8 +- .../templates/keptnapp-crd.yaml | 2 +- .../templates/keptnappcontext-crd.yaml | 2 +- .../keptnappcreationrequest-crd.yaml | 2 +- .../templates/keptnappversion-crd.yaml | 2 +- .../templates/keptnconfig-crd.yaml | 2 +- .../templates/keptnevaluation-crd.yaml | 2 +- .../keptnevaluationdefinition-crd.yaml | 2 +- .../templates/keptntask-crd.yaml | 2 +- .../templates/keptntaskdefinition-crd.yaml | 401 ++++++++++++++++-- .../templates/keptnworkload-crd.yaml | 2 +- .../templates/keptnworkloadversion-crd.yaml | 2 +- .../templates/lifecycle-operator-rbac.yaml | 259 ++--------- charts/keptn-lifecycle-operator/values.yaml | 8 +- 15 files changed, 418 insertions(+), 282 deletions(-) diff --git a/charts/keptn-lifecycle-operator/Chart.yaml b/charts/keptn-lifecycle-operator/Chart.yaml index 4ac8762e..b1d5360b 100644 --- a/charts/keptn-lifecycle-operator/Chart.yaml +++ b/charts/keptn-lifecycle-operator/Chart.yaml @@ -28,8 +28,8 @@ annotations: artifacthub.io/operatorCapabilities: Full Lifecycle kubeVersion: '>= 1.24.0-0' type: application -version: 0.4.1 -appVersion: v1.1.1 # x-release-please-version +version: 0.5.0 +appVersion: v1.2.0 # x-release-please-version dependencies: - name: common repository: https://charts.lifecycle.keptn.sh diff --git a/charts/keptn-lifecycle-operator/README.md b/charts/keptn-lifecycle-operator/README.md index 95e86006..7abedc3d 100644 --- a/charts/keptn-lifecycle-operator/README.md +++ b/charts/keptn-lifecycle-operator/README.md @@ -44,7 +44,7 @@ and application health checks | `lifecycleOperator.containerSecurityContext.runAsNonRoot` | | `true` | | `lifecycleOperator.containerSecurityContext.runAsUser` | | `65532` | | `lifecycleOperator.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | -| `lifecycleOperator.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v2.0.5` | +| `lifecycleOperator.env.functionRunnerImage` | specify image for deno task runtime | `ghcr.io/keptn/deno-runtime:v3.0.0` | | `lifecycleOperator.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | | `lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel` | sets the log level of Keptn App Creation Request Controller | `0` | | `lifecycleOperator.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | @@ -55,10 +55,10 @@ and application health checks | `lifecycleOperator.env.keptnWorkloadVersionControllerLogLevel` | sets the log level of Keptn WorkloadVersion Controller | `0` | | `lifecycleOperator.env.keptnDoraMetricsPort` | sets the port for accessing lifecycle metrics in prometheus format | `2222` | | `lifecycleOperator.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | -| `lifecycleOperator.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.6` | +| `lifecycleOperator.env.pythonRunnerImage` | specify image for python task runtime | `ghcr.io/keptn/python-runtime:v1.0.7` | | `lifecycleOperator.image.registry` | specify the container registry for the lifecycle-operator image | `""` | | `lifecycleOperator.image.repository` | specify registry for manager image | `keptn/lifecycle-operator` | -| `lifecycleOperator.image.tag` | select tag for manager image | `v1.1.1` | +| `lifecycleOperator.image.tag` | select tag for manager image | `v1.2.0` | | `lifecycleOperator.image.imagePullPolicy` | specify pull policy for the manager image. This overrides global values | `""` | | `lifecycleOperator.livenessProbe` | custom liveness probe for manager container | | | `lifecycleOperator.readinessProbe` | custom readinessprobe for manager container | | @@ -92,7 +92,7 @@ and application health checks | `scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | | `scheduler.image.registry` | specify the container registry for the scheduler image | `""` | | `scheduler.image.repository` | set image repository for scheduler | `keptn/scheduler` | -| `scheduler.image.tag` | set image tag for scheduler | `v1.0.1` | +| `scheduler.image.tag` | set image tag for scheduler | `v1.0.2` | | `scheduler.image.imagePullPolicy` | specify pull policy for the manager image. This overrides global values | `""` | | `scheduler.livenessProbe` | customizable liveness probe for the scheduler | | | `scheduler.readinessProbe` | customizable readiness probe for the scheduler | | diff --git a/charts/keptn-lifecycle-operator/templates/keptnapp-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnapp-crd.yaml index d86bc604..562f8d73 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnapp-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnapp-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnapps.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnappcontext-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnappcontext-crd.yaml index 7601a849..d28c225e 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnappcontext-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnappcontext-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcontexts.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/keptn-certs' {{- include "common.annotations" ( dict "context" . ) }} labels: diff --git a/charts/keptn-lifecycle-operator/templates/keptnappcreationrequest-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnappcreationrequest-crd.yaml index dea7602e..d219f732 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnappcreationrequest-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnappcreationrequest-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappcreationrequests.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnappversion-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnappversion-crd.yaml index 33ccf08a..e4935aae 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnappversion-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnappversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnappversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnconfig-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnconfig-crd.yaml index 1978a0b7..dd54b70e 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnconfig-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnconfig-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnconfigs.options.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnevaluation-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnevaluation-crd.yaml index c6f94382..ad163ab1 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnevaluation-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnevaluation-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluations.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnevaluationdefinition-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnevaluationdefinition-crd.yaml index d91e028b..3383127b 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnevaluationdefinition-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnevaluationdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnevaluationdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptntask-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptntask-crd.yaml index fa39cae8..27f4d7d2 100644 --- a/charts/keptn-lifecycle-operator/templates/keptntask-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptntask-crd.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: name: keptntasks.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptntaskdefinition-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptntaskdefinition-crd.yaml index 3d8b9284..b964b036 100644 --- a/charts/keptn-lifecycle-operator/templates/keptntaskdefinition-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptntaskdefinition-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptntaskdefinitions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -75,6 +75,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -88,6 +89,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -123,10 +125,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -186,10 +191,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -204,6 +212,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -220,10 +231,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -238,10 +252,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -250,6 +267,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -290,6 +308,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -319,6 +338,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -339,6 +359,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -387,6 +418,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -416,6 +448,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -436,6 +469,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -480,6 +524,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -496,11 +541,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -534,6 +579,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -690,6 +736,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -706,11 +753,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -744,6 +791,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -857,11 +905,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -872,6 +918,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -938,6 +990,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -951,6 +1027,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -958,6 +1035,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -969,7 +1047,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -1051,7 +1129,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -1115,6 +1192,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -1131,11 +1209,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -1169,6 +1247,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -1310,6 +1389,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -1329,6 +1411,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -1338,6 +1422,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -1355,6 +1458,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -1447,10 +1553,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1784,6 +1893,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -1797,6 +1907,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -1832,10 +1943,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -1895,10 +2009,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -1913,6 +2030,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -1929,10 +2049,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -1947,10 +2070,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -1959,6 +2085,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -1999,6 +2126,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2028,6 +2156,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2048,6 +2177,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2096,6 +2236,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -2125,6 +2266,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2145,6 +2287,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -2189,6 +2342,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2205,11 +2359,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2243,6 +2397,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2399,6 +2554,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2415,11 +2571,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2453,6 +2609,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -2566,11 +2723,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -2581,6 +2736,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2647,6 +2808,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -2660,6 +2845,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -2667,6 +2853,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -2678,7 +2865,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -2760,7 +2947,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -2824,6 +3010,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -2840,11 +3027,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -2878,6 +3065,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3019,6 +3207,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -3038,6 +3229,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -3047,6 +3240,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -3064,6 +3276,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -3230,10 +3445,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -3415,6 +3633,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic command: description: |- Entrypoint array. Not executed within a shell. @@ -3428,6 +3647,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic env: description: |- List of environment variables to set in the container. @@ -3463,10 +3683,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap or its @@ -3526,10 +3749,13 @@ spec: be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or its key @@ -3544,6 +3770,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: description: |- List of sources to populate environment variables in the container. @@ -3560,10 +3789,13 @@ spec: description: The ConfigMap to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap must be defined @@ -3578,10 +3810,13 @@ spec: description: The Secret to select from properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret must be defined @@ -3590,6 +3825,7 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: description: |- Container image name. @@ -3630,6 +3866,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3659,6 +3896,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3679,6 +3917,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3727,6 +3976,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. @@ -3756,6 +4006,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -3776,6 +4027,17 @@ spec: required: - port type: object + sleep: + description: Sleep represents the duration that the container + should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object tcpSocket: description: |- Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept @@ -3820,6 +4082,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -3836,11 +4099,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -3874,6 +4137,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4030,6 +4294,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4046,11 +4311,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4084,6 +4349,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4197,11 +4463,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. @@ -4212,6 +4476,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -4278,6 +4548,30 @@ spec: 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. type: boolean + appArmorProfile: + description: |- + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + type: string + type: + description: |- + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + type: string + required: + - type + type: object capabilities: description: |- The capabilities to add/drop when running containers. @@ -4291,6 +4585,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -4298,6 +4593,7 @@ spec: type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: description: |- @@ -4309,7 +4605,7 @@ spec: procMount: description: |- procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. @@ -4391,7 +4687,6 @@ spec: type indicates which kind of seccomp profile will be applied. Valid options are: - Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. @@ -4455,6 +4750,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: description: |- @@ -4471,11 +4767,11 @@ spec: format: int32 type: integer service: + default: "" description: |- Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. type: string required: @@ -4509,6 +4805,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. type: string @@ -4650,6 +4947,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: description: |- Pod volumes to mount into the container's filesystem. @@ -4669,6 +4969,8 @@ spec: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). type: string name: description: This must match the Name of a Volume. @@ -4678,6 +4980,25 @@ spec: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + If ReadOnly is false, this field has no meaning and must be unspecified. + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + If this field is not specified, it is treated as an equivalent of Disabled. + type: string subPath: description: |- Path within the volume from which the container's volume should be mounted. @@ -4695,6 +5016,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: description: |- Container's working directory. @@ -4861,10 +5185,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic diff --git a/charts/keptn-lifecycle-operator/templates/keptnworkload-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnworkload-crd.yaml index ac7f9b90..1214f813 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnworkload-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnworkload-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloads.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/keptnworkloadversion-crd.yaml b/charts/keptn-lifecycle-operator/templates/keptnworkloadversion-crd.yaml index 92d62191..b7f3b7c5 100644 --- a/charts/keptn-lifecycle-operator/templates/keptnworkloadversion-crd.yaml +++ b/charts/keptn-lifecycle-operator/templates/keptnworkloadversion-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: keptnworkloadversions.lifecycle.keptn.sh annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.5 {{- with .Values.global.caInjectionAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/charts/keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml b/charts/keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml index 1f45b3ff..a3238406 100644 --- a/charts/keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml +++ b/charts/keptn-lifecycle-operator/templates/lifecycle-operator-rbac.yaml @@ -10,42 +10,6 @@ metadata: labels: {{- include "common.labels.standard" ( dict "context" . ) | nindent 4 }} rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - rollouts - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - batch - resources: - - jobs/status - verbs: - - get - - list - apiGroups: - "" resources: @@ -91,8 +55,8 @@ rules: verbs: - get - list - - watch - update + - watch - apiGroups: - "" resources: @@ -100,120 +64,45 @@ rules: verbs: - get - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcontexts - verbs: - - get - - list - - watch -- apiGroups: - - lifecycle.keptn.sh + - apps resources: - - keptnappcreationrequests + - daemonsets + - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappcreationrequests/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - argoproj.io resources: - - keptnapps + - rollouts verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnapps/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversion + - jobs verbs: - create - - delete - get - list - - patch - update - watch - apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversion/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh + - batch resources: - - keptnappversions + - jobs/status verbs: - - create - - delete - get - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnappversions/status - verbs: - - get - - patch - - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcontexts - keptnevaluationdefinitions verbs: - get @@ -222,111 +111,15 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests + - keptnapps + - keptnappversion + - keptnappversions - keptnevaluations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnevaluations/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntaskdefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntaskdefinitions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptntasks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptntasks/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/finalizers - verbs: - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - - keptnworkloadversions/status - verbs: - - get - - patch - - update -- apiGroups: - - lifecycle.keptn.sh - resources: - keptnworkloads + - keptnworkloadversions verbs: - create - delete @@ -338,13 +131,29 @@ rules: - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/finalizers + - keptnapps/finalizers + - keptnappversion/finalizers + - keptnappversions/finalizers + - keptnevaluations/finalizers + - keptntaskdefinitions/finalizers + - keptntasks/finalizers - keptnworkloads/finalizers + - keptnworkloadversions/finalizers verbs: - update - apiGroups: - lifecycle.keptn.sh resources: + - keptnappcreationrequests/status + - keptnapps/status + - keptnappversion/status + - keptnappversions/status + - keptnevaluations/status + - keptntaskdefinitions/status + - keptntasks/status - keptnworkloads/status + - keptnworkloadversions/status verbs: - get - patch diff --git a/charts/keptn-lifecycle-operator/values.yaml b/charts/keptn-lifecycle-operator/values.yaml index 075ee0d4..0f75a02e 100644 --- a/charts/keptn-lifecycle-operator/values.yaml +++ b/charts/keptn-lifecycle-operator/values.yaml @@ -80,7 +80,7 @@ lifecycleOperator: type: RuntimeDefault ## @param lifecycleOperator.env.functionRunnerImage specify image for deno task runtime env: - functionRunnerImage: ghcr.io/keptn/deno-runtime:v2.0.5 + functionRunnerImage: ghcr.io/keptn/deno-runtime:v3.0.0 ## @param lifecycleOperator.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller keptnAppControllerLogLevel: "0" ## @param lifecycleOperator.env.keptnAppCreationRequestControllerLogLevel sets the log level of Keptn App Creation Request Controller @@ -102,14 +102,14 @@ lifecycleOperator: ## @param lifecycleOperator.env.optionsControllerLogLevel sets the log level of Keptn Options Controller optionsControllerLogLevel: "0" ## @param lifecycleOperator.env.pythonRunnerImage specify image for python task runtime - pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.6 + pythonRunnerImage: ghcr.io/keptn/python-runtime:v1.0.7 image: ## @param lifecycleOperator.image.registry specify the container registry for the lifecycle-operator image registry: "" ## @param lifecycleOperator.image.repository specify registry for manager image repository: keptn/lifecycle-operator ## @param lifecycleOperator.image.tag select tag for manager image - tag: v1.1.1 # x-release-please-version + tag: v1.2.0 # x-release-please-version ## @param lifecycleOperator.image.imagePullPolicy specify pull policy for the manager image. This overrides global values imagePullPolicy: "" ## @extra lifecycleOperator.livenessProbe custom liveness probe for manager container @@ -226,7 +226,7 @@ scheduler: ## @param scheduler.image.repository set image repository for scheduler repository: keptn/scheduler ## @param scheduler.image.tag set image tag for scheduler - tag: v1.0.1 + tag: v1.0.2 ## @param scheduler.image.imagePullPolicy specify pull policy for the manager image. This overrides global values imagePullPolicy: "" ## @extra scheduler.livenessProbe customizable liveness probe for the scheduler