From 60e37ba54763f4e4b01a8ab40b9539263c744f6d Mon Sep 17 00:00:00 2001 From: Jan Martens Date: Sun, 1 Dec 2024 23:35:33 +0100 Subject: [PATCH 1/2] update openbao to 2.1.0 Signed-off-by: Jan Martens --- charts/openbao/Chart.yaml | 4 ++-- charts/openbao/README.md | 10 +++++----- charts/openbao/values.openshift.yaml | 4 ++-- charts/openbao/values.yaml | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/charts/openbao/Chart.yaml b/charts/openbao/Chart.yaml index f57d37f0..d09d1b1f 100644 --- a/charts/openbao/Chart.yaml +++ b/charts/openbao/Chart.yaml @@ -3,8 +3,8 @@ apiVersion: v2 name: openbao -version: 0.6.0 -appVersion: v2.0.2 +version: 0.7.0 +appVersion: v2.1.0 kubeVersion: ">= 1.27.0-0" description: Official OpenBao Chart home: https://github.com/openbao/openbao-helm diff --git a/charts/openbao/README.md b/charts/openbao/README.md index 70bc13c9..84b8e02f 100644 --- a/charts/openbao/README.md +++ b/charts/openbao/README.md @@ -1,6 +1,6 @@ # openbao -![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![AppVersion: v2.0.2](https://img.shields.io/badge/AppVersion-v2.0.2-informational?style=flat-square) +![Version: 0.7.0](https://img.shields.io/badge/Version-0.7.0-informational?style=flat-square) ![AppVersion: v2.1.0](https://img.shields.io/badge/AppVersion-v2.1.0-informational?style=flat-square) Official OpenBao Chart @@ -29,7 +29,7 @@ Kubernetes: `>= 1.27.0-0` | csi.agent.image.pullPolicy | string | `"IfNotPresent"` | image pull policy to use for agent image. if tag is "latest", set to "Always" | | csi.agent.image.registry | string | `"quay.io"` | image registry to use for agent image | | csi.agent.image.repository | string | `"openbao/openbao"` | image repo to use for agent image | -| csi.agent.image.tag | string | `"2.0.2"` | image tag to use for agent image | +| csi.agent.image.tag | string | `"2.1.0"` | image tag to use for agent image | | csi.agent.logFormat | string | `"standard"` | | | csi.agent.logLevel | string | `"info"` | | | csi.agent.resources | object | `{}` | | @@ -87,11 +87,11 @@ Kubernetes: `>= 1.27.0-0` | injector.agentDefaults.template | string | `"map"` | | | injector.agentDefaults.templateConfig.exitOnRetryFailure | bool | `true` | | | injector.agentDefaults.templateConfig.staticSecretRenderInterval | string | `""` | | -| injector.agentImage | object | `{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"openbao/openbao","tag":"2.0.2"}` | agentImage sets the repo and tag of the OpenBao image to use for the OpenBao Agent containers. This should be set to the official OpenBao image. OpenBao 1.3.1+ is required. | +| injector.agentImage | object | `{"pullPolicy":"IfNotPresent","registry":"quay.io","repository":"openbao/openbao","tag":"2.1.0"}` | agentImage sets the repo and tag of the OpenBao image to use for the OpenBao Agent containers. This should be set to the official OpenBao image. OpenBao 1.3.1+ is required. | | injector.agentImage.pullPolicy | string | `"IfNotPresent"` | image pull policy to use for agent image. if tag is "latest", set to "Always" | | injector.agentImage.registry | string | `"quay.io"` | image registry to use for agent image | | injector.agentImage.repository | string | `"openbao/openbao"` | image repo to use for agent image | -| injector.agentImage.tag | string | `"2.0.2"` | image tag to use for agent image | +| injector.agentImage.tag | string | `"2.1.0"` | image tag to use for agent image | | injector.annotations | object | `{}` | | | injector.authPath | string | `"auth/kubernetes"` | | | injector.certs.caBundle | string | `""` | | @@ -194,7 +194,7 @@ Kubernetes: `>= 1.27.0-0` | server.image.pullPolicy | string | `"IfNotPresent"` | image pull policy to use for server image. if tag is "latest", set to "Always" | | server.image.registry | string | `"quay.io"` | image registry to use for server image | | server.image.repository | string | `"openbao/openbao"` | image repo to use for server image | -| server.image.tag | string | `"2.0.2"` | image tag to use for server image | +| server.image.tag | string | `"2.1.0"` | image tag to use for server image | | server.ingress.activeService | bool | `true` | | | server.ingress.annotations | object | `{}` | | | server.ingress.enabled | bool | `false` | | diff --git a/charts/openbao/values.openshift.yaml b/charts/openbao/values.openshift.yaml index 04bed039..0795258b 100644 --- a/charts/openbao/values.openshift.yaml +++ b/charts/openbao/values.openshift.yaml @@ -14,13 +14,13 @@ injector: agentImage: registry: "quay.io" repository: "openbao/openbao" - tag: "v2.0.2-ubi" + tag: "v2.1.0-ubi" server: image: registry: "quay.io" repository: "openbao/openbao" - tag: "v2.0.2-ubi" + tag: "v2.1.0-ubi" readinessProbe: path: "/v1/sys/health?uninitcode=204" diff --git a/charts/openbao/values.yaml b/charts/openbao/values.yaml index 50c6859d..d9c59a68 100644 --- a/charts/openbao/values.yaml +++ b/charts/openbao/values.yaml @@ -84,7 +84,7 @@ injector: # -- image repo to use for agent image repository: "openbao/openbao" # -- image tag to use for agent image - tag: "2.0.2" + tag: "2.1.0" # -- image pull policy to use for agent image. if tag is "latest", set to "Always" pullPolicy: IfNotPresent @@ -380,7 +380,7 @@ server: # -- image repo to use for server image repository: "openbao/openbao" # -- image tag to use for server image - tag: "2.0.2" + tag: "2.1.0" # -- image pull policy to use for server image. if tag is "latest", set to "Always" pullPolicy: IfNotPresent @@ -1190,7 +1190,7 @@ csi: # -- image repo to use for agent image repository: "openbao/openbao" # -- image tag to use for agent image - tag: "2.0.2" + tag: "2.1.0" # -- image pull policy to use for agent image. if tag is "latest", set to "Always" pullPolicy: IfNotPresent From 925e36bf4973b06190366d71a6221b9e217fb51d Mon Sep 17 00:00:00 2001 From: Jan Martens Date: Sun, 1 Dec 2024 23:42:38 +0100 Subject: [PATCH 2/2] update tested kubernetes versions To include all versions which are currently not EOL: - 1.29 - 1.30 - 1.31 Signed-off-by: Jan Martens --- .github/workflows/acceptance.yaml | 2 +- README.md | 2 +- charts/openbao/README.md | 2 +- test/unit/injector-disruptionbudget.bats | 11 ------ test/unit/server-ha-disruptionbudget.bats | 12 ------- test/unit/server-ingress.bats | 41 ----------------------- test/unit/server-statefulset.bats | 35 ------------------- 7 files changed, 3 insertions(+), 102 deletions(-) diff --git a/.github/workflows/acceptance.yaml b/.github/workflows/acceptance.yaml index 9dec300c..746eb05a 100644 --- a/.github/workflows/acceptance.yaml +++ b/.github/workflows/acceptance.yaml @@ -5,7 +5,7 @@ jobs: strategy: fail-fast: false matrix: - kind-k8s-version: [1.27.11, 1.28.7, 1.29.2] + kind-k8s-version: [1.29.10, 1.30.6, 1.31.2] runs-on: ubuntu-latest steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/README.md b/README.md index 69c3aa84..fc42c0f6 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ this README. Please refer to the Kubernetes and Helm documentation. The versions required are: * **Helm 3.12+** - Earliest verison tested - * **Kubernetes 1.28+** - This is the earliest version of Kubernetes tested. + * **Kubernetes 1.29+** - This is the earliest version of Kubernetes tested. It is possible that this chart works with earlier versions but it is untested. diff --git a/charts/openbao/README.md b/charts/openbao/README.md index 84b8e02f..23184207 100644 --- a/charts/openbao/README.md +++ b/charts/openbao/README.md @@ -18,7 +18,7 @@ Official OpenBao Chart ## Requirements -Kubernetes: `>= 1.27.0-0` +Kubernetes: `>= 1.29.0-0` ## Values diff --git a/test/unit/injector-disruptionbudget.bats b/test/unit/injector-disruptionbudget.bats index a7af8711..8d248868 100755 --- a/test/unit/injector-disruptionbudget.bats +++ b/test/unit/injector-disruptionbudget.bats @@ -49,14 +49,3 @@ load _helpers yq '.spec.maxUnavailable == 3' | tee /dev/stderr) [ "${actual}" = "true" ] } - -@test "injector/DisruptionBudget: apiVersion is set correctly >= version 1.21 of kube" { - cd `chart_dir` - local actual=$(helm template \ - --show-only templates/injector-disruptionbudget.yaml \ - --set 'injector.podDisruptionBudget.minAvailable=2' \ - --kube-version 1.27.5 \ - . | tee /dev/stderr | - yq '.apiVersion == "policy/v1"' | tee /dev/stderr) - [ "${actual}" = "true" ] -} diff --git a/test/unit/server-ha-disruptionbudget.bats b/test/unit/server-ha-disruptionbudget.bats index 07321499..583fd21b 100755 --- a/test/unit/server-ha-disruptionbudget.bats +++ b/test/unit/server-ha-disruptionbudget.bats @@ -116,15 +116,3 @@ load _helpers yq '.spec.maxUnavailable' | tee /dev/stderr) [ "${actual}" = "2" ] } - -@test "server/DisruptionBudget: apiVersion is set correctly >= version 1.21 of kube" { - cd `chart_dir` - local actual=$(helm template \ - --show-only templates/server-disruptionbudget.yaml \ - --set 'server.ha.enabled=true' \ - --set 'server.ha.replicas=1' \ - --kube-version 1.27.5 \ - . | tee /dev/stderr | - yq '.apiVersion == "policy/v1"' | tee /dev/stderr) - [ "${actual}" = "true" ] -} diff --git a/test/unit/server-ingress.bats b/test/unit/server-ingress.bats index 11b137c4..9dd2c8cd 100755 --- a/test/unit/server-ingress.bats +++ b/test/unit/server-ingress.bats @@ -216,21 +216,6 @@ load _helpers [ "${actual}" = "release-name-openbao" ] } -@test "server/ingress: k8s 1.27.0 uses correct service format when not ha - yaml" { - cd `chart_dir` - - local actual=$(helm template \ - --show-only templates/server-ingress.yaml \ - --set 'server.ingress.enabled=true' \ - --set 'server.dev.enabled=false' \ - --set 'server.ha.enabled=false' \ - --set 'server.service.enabled=true' \ - --kube-version 1.27.0 \ - . | tee /dev/stderr | - yq -r '.spec.rules[0].http.paths[0].backend.service.name' | tee /dev/stderr) - [ "${actual}" = "release-name-openbao" ] -} - @test "server/ingress: uses regular service when not ha and activeService is true - yaml" { cd `chart_dir` @@ -245,29 +230,3 @@ load _helpers yq -r '.spec.rules[0].http.paths[0].backend.service.name' | tee /dev/stderr) [ "${actual}" = "release-name-openbao" ] } - -@test "server/ingress: pathType is added to Kubernetes version == 1.27.0" { - cd `chart_dir` - - local actual=$(helm template \ - --show-only templates/server-ingress.yaml \ - --set 'server.ingress.enabled=true' \ - --set server.ingress.pathType=ImplementationSpecific \ - --kube-version 1.27.0 \ - . | tee /dev/stderr | - yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) - [ "${actual}" = "ImplementationSpecific" ] -} - -@test "server/ingress: pathType is added to Kubernetes versions > 1.19" { - cd `chart_dir` - - local actual=$(helm template \ - --show-only templates/server-ingress.yaml \ - --set 'server.ingress.enabled=true' \ - --set server.ingress.pathType=Prefix \ - --kube-version 1.27.0 \ - . | tee /dev/stderr | - yq -r '.spec.rules[0].http.paths[0].pathType' | tee /dev/stderr) - [ "${actual}" = "Prefix" ] -} diff --git a/test/unit/server-statefulset.bats b/test/unit/server-statefulset.bats index aafd92d5..9a4bf3ef 100755 --- a/test/unit/server-statefulset.bats +++ b/test/unit/server-statefulset.bats @@ -221,41 +221,6 @@ load _helpers [ "${actual}" = "OnDelete" ] } -#-------------------------------------------------------------------- -# persistentVolumeClaimRetentionPolicy - -@test "server/standalone-StatefulSet: persistentVolumeClaimRetentionPolicy not set by default when kubernetes >= 1.23" { - cd `chart_dir` - local actual=$(helm template \ - -s templates/server-statefulset.yaml \ - --kube-version "1.27" \ - . | tee /dev/stderr | - yq -r '.spec.persistentVolumeClaimRetentionPolicy' | tee /dev/stderr) - [ "${actual}" = "null" ] -} - -@test "server/standalone-StatefulSet: can set persistentVolumeClaimRetentionPolicy.whenDeleted when kubernetes >= 1.23" { - cd `chart_dir` - local actual=$(helm template \ - -s templates/server-statefulset.yaml \ - --kube-version "1.27" \ - --set 'server.persistentVolumeClaimRetentionPolicy.whenDeleted=Delete' \ - . | tee /dev/stderr | - yq -r '.spec.persistentVolumeClaimRetentionPolicy.whenDeleted' | tee /dev/stderr) - [ "${actual}" = "Delete" ] -} - -@test "server/standalone-StatefulSet: can set persistentVolumeClaimRetentionPolicy.whenScaled when kubernetes >= 1.23" { - cd `chart_dir` - local actual=$(helm template \ - -s templates/server-statefulset.yaml \ - --kube-version "1.27" \ - --set 'server.persistentVolumeClaimRetentionPolicy.whenScaled=Delete' \ - . | tee /dev/stderr | - yq -r '.spec.persistentVolumeClaimRetentionPolicy.whenScaled' | tee /dev/stderr) - [ "${actual}" = "Delete" ] -} - #-------------------------------------------------------------------- # replicas