From bccf8f19cea9c8c2b8b194c5f2f30f8eed1949c5 Mon Sep 17 00:00:00 2001 From: Christian Zunker <827818+czunker@users.noreply.github.com> Date: Tue, 20 Jun 2023 14:49:51 +0200 Subject: [PATCH] mondoo-operator-1.14.1 (#823) Signed-off-by: Christian Zunker --- bundle.Dockerfile | 2 +- charts/mondoo-operator/Chart.yaml | 4 +-- .../mondoo-operator/templates/deployment.yaml | 21 ++++------------ .../templates/manager-config.yaml | 18 ++----------- .../templates/metrics-service.yaml | 1 - charts/mondoo-operator/values.yaml | 25 +++++++++++++++---- config/manager/kustomization.yaml | 2 +- config/webhook/kustomization.yaml | 2 +- 8 files changed, 32 insertions(+), 43 deletions(-) diff --git a/bundle.Dockerfile b/bundle.Dockerfile index c9938fdb7..65fd4172c 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -6,7 +6,7 @@ LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=mondoo-operator LABEL operators.operatorframework.io.bundle.channels.v1=alpha -LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.1 +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.29.0 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4-alpha diff --git a/charts/mondoo-operator/Chart.yaml b/charts/mondoo-operator/Chart.yaml index 06afa6ac7..13a314aaf 100755 --- a/charts/mondoo-operator/Chart.yaml +++ b/charts/mondoo-operator/Chart.yaml @@ -13,9 +13,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.14.0 +version: 1.14.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "1.14.0" +appVersion: "1.14.1" diff --git a/charts/mondoo-operator/templates/deployment.yaml b/charts/mondoo-operator/templates/deployment.yaml index d3cd6c281..1b44ed237 100644 --- a/charts/mondoo-operator/templates/deployment.yaml +++ b/charts/mondoo-operator/templates/deployment.yaml @@ -29,30 +29,24 @@ spec: replicas: {{ .Values.controllerManager.replicas }} selector: matchLabels: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 6 }} template: metadata: labels: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager spec: containers: - - args: - - operator - - --health-probe-bind-address=:8081 - - --metrics-bind-address=:8080 - - --leader-elect + - args: {{- toYaml .Values.controllerManager.manager.args | nindent 8 }} command: - /mondoo-operator env: - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ .Values.kubernetesClusterDomain }} + value: {{ quote .Values.kubernetesClusterDomain }} image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag | default .Chart.AppVersion }} - imagePullPolicy: IfNotPresent + imagePullPolicy: {{ .Values.controllerManager.manager.imagePullPolicy }} livenessProbe: httpGet: path: /healthz @@ -72,13 +66,8 @@ spec: periodSeconds: 10 resources: {{- toYaml .Values.controllerManager.manager.resources | nindent 10 }} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true + securityContext: {{- toYaml .Values.controllerManager.manager.containerSecurityContext + | nindent 10 }} securityContext: runAsNonRoot: true serviceAccountName: {{ include "mondoo-operator.fullname" . }}-controller-manager diff --git a/charts/mondoo-operator/templates/manager-config.yaml b/charts/mondoo-operator/templates/manager-config.yaml index 10bbadc50..21660a437 100644 --- a/charts/mondoo-operator/templates/manager-config.yaml +++ b/charts/mondoo-operator/templates/manager-config.yaml @@ -5,19 +5,5 @@ metadata: labels: {{- include "mondoo-operator.labels" . | nindent 4 }} data: - controller_manager_config.yaml: | - apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 - health: - healthProbeBindAddress: {{ .Values.managerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress - | quote }} - kind: ControllerManagerConfig - leaderElection: - leaderElect: {{ .Values.managerConfig.controllerManagerConfigYaml.leaderElection.leaderElect - }} - resourceName: {{ .Values.managerConfig.controllerManagerConfigYaml.leaderElection.resourceName - | quote }} - metrics: - bindAddress: {{ .Values.managerConfig.controllerManagerConfigYaml.metrics.bindAddress - | quote }} - webhook: - port: {{ .Values.managerConfig.controllerManagerConfigYaml.webhook.port }} \ No newline at end of file + controller_manager_config.yaml: {{ .Values.managerConfig.controllerManagerConfigYaml + | toYaml | indent 1 }} \ No newline at end of file diff --git a/charts/mondoo-operator/templates/metrics-service.yaml b/charts/mondoo-operator/templates/metrics-service.yaml index 8cff6e776..2ffe9f1c9 100644 --- a/charts/mondoo-operator/templates/metrics-service.yaml +++ b/charts/mondoo-operator/templates/metrics-service.yaml @@ -7,7 +7,6 @@ metadata: spec: type: {{ .Values.metricsService.type }} selector: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 4 }} ports: {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/charts/mondoo-operator/values.yaml b/charts/mondoo-operator/values.yaml index c16b4ef10..7a452e486 100644 --- a/charts/mondoo-operator/values.yaml +++ b/charts/mondoo-operator/values.yaml @@ -1,8 +1,21 @@ controllerManager: manager: + args: + - operator + - --health-probe-bind-address=:8081 + - --metrics-bind-address=:8080 + - --leader-elect + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true image: repository: ghcr.io/mondoohq/mondoo-operator - tag: v1.14.0 + tag: v1.14.1 + imagePullPolicy: IfNotPresent resources: limits: cpu: 200m @@ -13,16 +26,18 @@ controllerManager: replicas: 1 kubernetesClusterDomain: cluster.local managerConfig: - controllerManagerConfigYaml: + controllerManagerConfigYaml: |- + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig health: healthProbeBindAddress: :8081 - leaderElection: - leaderElect: true - resourceName: 60679458.mondoo.com metrics: bindAddress: 127.0.0.1:8080 webhook: port: 9443 + leaderElection: + leaderElect: true + resourceName: 60679458.mondoo.com metricsService: ports: - name: metrics diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index cf2627e53..64084d29b 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -14,4 +14,4 @@ kind: Kustomization images: - name: controller newName: ghcr.io/mondoohq/mondoo-operator - newTag: v1.14.0 + newTag: v1.14.1 diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index ce2dc191d..5d4aacaab 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -7,4 +7,4 @@ resources: images: - name: controller newName: ghcr.io/mondoohq/mondoo-operator - newTag: v1.14.0 + newTag: v1.14.1