diff --git a/charts/kubezero-argo/README.md b/charts/kubezero-argo/README.md index e484cf82..9a816eda 100644 --- a/charts/kubezero-argo/README.md +++ b/charts/kubezero-argo/README.md @@ -1,6 +1,6 @@ # kubezero-argo -![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) +![Version: 0.4.1](https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square) KubeZero Argo - Events, Workflow, CD @@ -18,9 +18,9 @@ Kubernetes: `>= 1.30.0-0` | Repository | Name | Version | |------------|------|---------| -| https://argoproj.github.io/argo-helm | argo-cd | 8.0.9 | +| https://argoproj.github.io/argo-helm | argo-cd | 8.0.14 | | https://argoproj.github.io/argo-helm | argo-events | 2.4.15 | -| https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.1 | +| https://argoproj.github.io/argo-helm | argocd-image-updater | 0.12.2 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | 0.2.1 | ## Values @@ -53,7 +53,7 @@ Kubernetes: `>= 1.30.0-0` | argo-cd.dex.enabled | bool | `false` | | | argo-cd.enabled | bool | `false` | | | argo-cd.global.image.repository | string | `"public.ecr.aws/zero-downtime/zdt-argocd"` | | -| argo-cd.global.image.tag | string | `"v3.0.3"` | | +| argo-cd.global.image.tag | string | `"v3.0.5"` | | | argo-cd.global.logging.format | string | `"json"` | | | argo-cd.global.networkPolicy.create | bool | `true` | | | argo-cd.istio.enabled | bool | `false` | | @@ -83,8 +83,8 @@ Kubernetes: `>= 1.30.0-0` | argo-events.configs.jetstream.streamConfig.maxMsgs | int | `1000000` | Maximum number of messages before expiring oldest message | | argo-events.configs.jetstream.streamConfig.replicas | int | `1` | Number of replicas, defaults to 3 and requires minimal 3 | | argo-events.configs.jetstream.versions[0].configReloaderImage | string | `"natsio/nats-server-config-reloader:0.14.1"` | | -| argo-events.configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.17.2"` | | -| argo-events.configs.jetstream.versions[0].natsImage | string | `"nats:2.11.1-scratch"` | | +| argo-events.configs.jetstream.versions[0].metricsExporterImage | string | `"natsio/prometheus-nats-exporter:0.17.3"` | | +| argo-events.configs.jetstream.versions[0].natsImage | string | `"nats:2.11.4-scratch"` | | | argo-events.configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | | argo-events.configs.jetstream.versions[0].version | string | `"2.10.11"` | | | argo-events.enabled | bool | `false` | | diff --git a/charts/kubezero-argo/values.yaml b/charts/kubezero-argo/values.yaml index 6387ef1f..ac7285a5 100644 --- a/charts/kubezero-argo/values.yaml +++ b/charts/kubezero-argo/values.yaml @@ -38,7 +38,7 @@ argo-cd: format: json image: repository: public.ecr.aws/zero-downtime/zdt-argocd - tag: v3.0.3 + tag: v3.0.5 networkPolicy: create: true diff --git a/charts/kubezero-policy/templates/kyverno/certifcates.yaml b/charts/kubezero-policy/templates/kyverno/certifcates.yaml new file mode 100644 index 00000000..5ff7bc0d --- /dev/null +++ b/charts/kubezero-policy/templates/kyverno/certifcates.yaml @@ -0,0 +1,52 @@ +{{- if and false .Values.kyverno.enabled }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ template "kubezero-lib.fullname" . }}-admission-tls + namespace: {{ .Release.Namespace }} + labels: + {{ include "kubezero-lib.labels" . | nindent 4 }} +spec: + secretName: {{ template "kubezero-lib.fullname" . }}-kyverno-svc.{{ .Release.Namespace }}.svc.kyverno-tls-pair + issuerRef: + name: kubezero-local-ca-issuer + kind: ClusterIssuer + duration: 8760h0m0s + privateKey: + encoding: PKCS8 + usages: + - "client auth" + - "server auth" + commonName: {{ template "kubezero-lib.fullname" . }}-admission + dnsNames: + # -- + - 'kyverno-svc' + - 'kyverno-svc.{{ .Release.Namespace }}' + - 'kyverno-svc.{{ .Release.Namespace }}.svc' +--- + +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ template "kubezero-lib.fullname" . }}-cleanup-tls + namespace: {{ .Release.Namespace }} + labels: + {{ include "kubezero-lib.labels" . | nindent 4 }} +spec: + secretName: {{ template "kubezero-lib.fullname" . }}-kyverno-cleanup-controller.{{ .Release.Namespace }}.svc.kyverno-tls-pair + issuerRef: + name: kubezero-local-ca-issuer + kind: ClusterIssuer + duration: 8760h0m0s + privateKey: + encoding: PKCS8 + usages: + - "client auth" + - "server auth" + commonName: {{ template "kubezero-lib.fullname" . }}-cleanup-controller + dnsNames: + # -- + - 'kyverno-cleanup-controller' + - 'kyverno-cleanup-controller.{{ .Release.Namespace }}' + - 'kyverno-cleanup-controller.{{ .Release.Namespace }}.svc' +{{- end }} diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml index 9e1bc0bb..7c6db1ec 100644 --- a/charts/kubezero/values.yaml +++ b/charts/kubezero/values.yaml @@ -122,7 +122,7 @@ logging: argo: enabled: false namespace: argocd - targetRevision: 0.4.0 + targetRevision: 0.4.1 argo-cd: enabled: false istio: