From 917896b0c0392e401e093330249781768cfd728c Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Tue, 5 Mar 2024 10:18:05 -0800 Subject: [PATCH] release: update manifest and helm charts for v1.2.1 (#1279) Signed-off-by: Anish Ramasekar --- Makefile | 2 +- charts/workload-identity-webhook/Chart.yaml | 4 ++-- charts/workload-identity-webhook/README.md | 2 +- .../templates/azure-wi-webhook-manager-role-clusterrole.yaml | 1 - .../templates/azure-wi-webhook-manager-role-role.yaml | 1 - charts/workload-identity-webhook/values.yaml | 2 +- config/manager/kustomization.yaml | 2 +- deploy/azure-wi-webhook.yaml | 4 +--- docs/book/src/installation/mutating-admission-webhook.md | 2 +- examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml | 4 ++-- manifest_staging/charts/workload-identity-webhook/Chart.yaml | 4 ++-- manifest_staging/charts/workload-identity-webhook/README.md | 2 +- manifest_staging/charts/workload-identity-webhook/values.yaml | 2 +- manifest_staging/deploy/azure-wi-webhook.yaml | 2 +- pkg/cmd/podidentity/detect.go | 2 +- .../open-policy-agent/gatekeeper/helmify/static/Chart.yaml | 4 ++-- .../open-policy-agent/gatekeeper/helmify/static/README.md | 2 +- .../open-policy-agent/gatekeeper/helmify/static/values.yaml | 2 +- 18 files changed, 20 insertions(+), 24 deletions(-) diff --git a/Makefile b/Makefile index 3fd87b727..45d3de8a5 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ REGISTRY ?= mcr.microsoft.com/oss/azure/workload-identity PROXY_IMAGE_NAME := proxy INIT_IMAGE_NAME := proxy-init WEBHOOK_IMAGE_NAME := webhook -IMAGE_VERSION ?= v1.2.0 +IMAGE_VERSION ?= v1.2.1 ORG_PATH := github.com/Azure PROJECT_NAME := azure-workload-identity diff --git a/charts/workload-identity-webhook/Chart.yaml b/charts/workload-identity-webhook/Chart.yaml index 10a59ac44..5812d86f7 100644 --- a/charts/workload-identity-webhook/Chart.yaml +++ b/charts/workload-identity-webhook/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 1.2.0 -appVersion: v1.2.0 +version: 1.2.1 +appVersion: v1.2.1 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/charts/workload-identity-webhook/README.md b/charts/workload-identity-webhook/README.md index 45a7be462..ffd3d41b0 100644 --- a/charts/workload-identity-webhook/README.md +++ b/charts/workload-identity-webhook/README.md @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v1.2.0` | +| image.release | The image release tag to use | Current release version: `v1.2.1` | | imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | diff --git a/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-clusterrole.yaml b/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-clusterrole.yaml index 1c27a8230..edad39bb7 100644 --- a/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-clusterrole.yaml +++ b/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-clusterrole.yaml @@ -1,7 +1,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null labels: app: '{{ template "workload-identity-webhook.name" . }}' azure-workload-identity.io/system: "true" diff --git a/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-role.yaml b/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-role.yaml index 39a32733b..633aac1d1 100644 --- a/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-role.yaml +++ b/charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-role.yaml @@ -1,7 +1,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - creationTimestamp: null labels: app: '{{ template "workload-identity-webhook.name" . }}' azure-workload-identity.io/system: "true" diff --git a/charts/workload-identity-webhook/values.yaml b/charts/workload-identity-webhook/values.yaml index 305953bd3..84e742cae 100644 --- a/charts/workload-identity-webhook/values.yaml +++ b/charts/workload-identity-webhook/values.yaml @@ -7,7 +7,7 @@ image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v1.2.0 + release: v1.2.1 imagePullSecrets: [] nodeSelector: kubernetes.io/os: linux diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 26d8220cf..b2e235248 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization images: - name: manager newName: mcr.microsoft.com/oss/azure/workload-identity/webhook - newTag: v1.2.0 + newTag: v1.2.1 configMapGenerator: - literals: - AZURE_TENANT_ID="${AZURE_TENANT_ID}" diff --git a/deploy/azure-wi-webhook.yaml b/deploy/azure-wi-webhook.yaml index 278b10bb4..64d14004c 100644 --- a/deploy/azure-wi-webhook.yaml +++ b/deploy/azure-wi-webhook.yaml @@ -22,7 +22,6 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - creationTimestamp: null labels: azure-workload-identity.io/system: "true" name: azure-wi-webhook-manager-role @@ -44,7 +43,6 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null labels: azure-workload-identity.io/system: "true" name: azure-wi-webhook-manager-role @@ -162,7 +160,7 @@ spec: envFrom: - configMapRef: name: azure-wi-webhook-config - image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.2.0 + image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 6 diff --git a/docs/book/src/installation/mutating-admission-webhook.md b/docs/book/src/installation/mutating-admission-webhook.md index c35111056..32f08e061 100644 --- a/docs/book/src/installation/mutating-admission-webhook.md +++ b/docs/book/src/installation/mutating-admission-webhook.md @@ -73,7 +73,7 @@ The deployment YAML contains the environment variables we defined above and we r Install the webhook using the deployment YAML via `kubectl apply -f` and `envsubst`: ```bash -curl -sL https://github.com/Azure/azure-workload-identity/releases/download/v1.2.0/azure-wi-webhook.yaml | envsubst | kubectl apply -f - +curl -sL https://github.com/Azure/azure-workload-identity/releases/download/v1.2.1/azure-wi-webhook.yaml | envsubst | kubectl apply -f - ```
diff --git a/examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml b/examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml index 492f59174..c678f18ef 100644 --- a/examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml +++ b/examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml @@ -8,7 +8,7 @@ spec: serviceAccountName: workload-identity-sa initContainers: - name: init-networking - image: mcr.microsoft.com/oss/azure/workload-identity/proxy-init:v1.2.0 + image: mcr.microsoft.com/oss/azure/workload-identity/proxy-init:v1.2.1 securityContext: capabilities: add: @@ -26,6 +26,6 @@ spec: ports: - containerPort: 80 - name: proxy - image: mcr.microsoft.com/oss/azure/workload-identity/proxy:v1.2.0 + image: mcr.microsoft.com/oss/azure/workload-identity/proxy:v1.2.1 ports: - containerPort: 8000 diff --git a/manifest_staging/charts/workload-identity-webhook/Chart.yaml b/manifest_staging/charts/workload-identity-webhook/Chart.yaml index 10a59ac44..5812d86f7 100644 --- a/manifest_staging/charts/workload-identity-webhook/Chart.yaml +++ b/manifest_staging/charts/workload-identity-webhook/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 1.2.0 -appVersion: v1.2.0 +version: 1.2.1 +appVersion: v1.2.1 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/manifest_staging/charts/workload-identity-webhook/README.md b/manifest_staging/charts/workload-identity-webhook/README.md index 45a7be462..ffd3d41b0 100644 --- a/manifest_staging/charts/workload-identity-webhook/README.md +++ b/manifest_staging/charts/workload-identity-webhook/README.md @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v1.2.0` | +| image.release | The image release tag to use | Current release version: `v1.2.1` | | imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | diff --git a/manifest_staging/charts/workload-identity-webhook/values.yaml b/manifest_staging/charts/workload-identity-webhook/values.yaml index 305953bd3..84e742cae 100644 --- a/manifest_staging/charts/workload-identity-webhook/values.yaml +++ b/manifest_staging/charts/workload-identity-webhook/values.yaml @@ -7,7 +7,7 @@ image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v1.2.0 + release: v1.2.1 imagePullSecrets: [] nodeSelector: kubernetes.io/os: linux diff --git a/manifest_staging/deploy/azure-wi-webhook.yaml b/manifest_staging/deploy/azure-wi-webhook.yaml index aa4947e93..64d14004c 100644 --- a/manifest_staging/deploy/azure-wi-webhook.yaml +++ b/manifest_staging/deploy/azure-wi-webhook.yaml @@ -160,7 +160,7 @@ spec: envFrom: - configMapRef: name: azure-wi-webhook-config - image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.2.0 + image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 6 diff --git a/pkg/cmd/podidentity/detect.go b/pkg/cmd/podidentity/detect.go index eea80170f..1aa538133 100644 --- a/pkg/cmd/podidentity/detect.go +++ b/pkg/cmd/podidentity/detect.go @@ -35,7 +35,7 @@ var ( const ( imageRepository = "mcr.microsoft.com/oss/azure/workload-identity" - imageTag = "v1.2.0" + imageTag = "v1.2.1" proxyInitImageName = "proxy-init" proxyImageName = "proxy" diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml b/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml index 10a59ac44..5812d86f7 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: workload-identity-webhook description: A Helm chart to install the azure-workload-identity webhook type: application -version: 1.2.0 -appVersion: v1.2.0 +version: 1.2.1 +appVersion: v1.2.1 home: https://github.com/Azure/azure-workload-identity sources: - https://github.com/Azure/azure-workload-identity diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md index 45a7be462..ffd3d41b0 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/README.md +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/README.md @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide | replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` | | image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` | | image.pullPolicy | Image pullPolicy | `IfNotPresent` | -| image.release | The image release tag to use | Current release version: `v1.2.0` | +| image.release | The image release tag to use | Current release version: `v1.2.1` | | imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` | | nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` | | resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi | diff --git a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml index 305953bd3..84e742cae 100644 --- a/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml +++ b/third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml @@ -7,7 +7,7 @@ image: repository: mcr.microsoft.com/oss/azure/workload-identity/webhook pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - release: v1.2.0 + release: v1.2.1 imagePullSecrets: [] nodeSelector: kubernetes.io/os: linux