Skip to content

Commit

Permalink
release: update manifest and helm charts for v1.0.0-rc.0 (#807)
Browse files Browse the repository at this point in the history 
Signed-off-by: Anish Ramasekar <[email protected]>
  • Loading branch information
@aramase
aramase committed Mar 21, 2023
1 parent 251b2b9 commit b0a9152
Show file tree
Hide file tree
Showing 19 changed files with 26 additions and 32 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ REGISTRY ?= mcr.microsoft.com/oss/azure/workload-identity
PROXY_IMAGE_NAME := proxy
INIT_IMAGE_NAME := proxy-init
WEBHOOK_IMAGE_NAME := webhook
IMAGE_VERSION ?= v1.0.0-beta.0
IMAGE_VERSION ?= v1.0.0-rc.0

ORG_PATH := github.com/Azure
PROJECT_NAME := azure-workload-identity
Expand Down
4 changes: 2 additions & 2 deletions charts/workload-identity-webhook/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: workload-identity-webhook
description: A Helm chart to install the azure-workload-identity webhook
type: application
version: 1.0.0-beta.0
appVersion: v1.0.0-beta.0
version: 1.0.0-rc.0
appVersion: v1.0.0-rc.0
home: https://github.com/Azure/azure-workload-identity
sources:
- https://github.com/Azure/azure-workload-identity
3 changes: 2 additions & 1 deletion charts/workload-identity-webhook/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide
| replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` |
| image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` |
| image.pullPolicy | Image pullPolicy | `IfNotPresent` |
| image.release | The image release tag to use | Current release version: `v1.0.0-beta.0` |
| image.release | The image release tag to use | Current release version: `v1.0.0-rc.0` |
| imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` |
| nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` |
| resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi |
Expand All @@ -51,6 +51,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide
| priorityClassName | The priority class name for webhook manager | `system-cluster-critical` |
| mutatingWebhookAnnotations | The annotations to add to the MutatingWebhookConfiguration | `{}` |
| podLabels | The labels to add to the azure-workload-identity webhook pods | `{}` |
| podAnnotations | The annotations to add to the azure-workload-identity webhook pods | `{}` |
| mutatingWebhookNamespaceSelector | The namespace selector to further refine which namespaces will be selected by the webhook. | `{}` |

## Contributing Changes
Expand Down
2 changes: 2 additions & 0 deletions ...s/workload-identity-webhook/templates/azure-wi-webhook-controller-manager-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ spec:
release: '{{ .Release.Name }}'
template:
metadata:
annotations:
{{- toYaml .Values.podAnnotations | trim | nindent 8 }}
labels:
{{- include "workload-identity-webhook.podLabels" . }}
app: '{{ template "workload-identity-webhook.name" . }}'
Expand Down
6 changes: 0 additions & 6 deletions charts/workload-identity-webhook/templates/azure-wi-webhook-manager-role-clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,21 +14,15 @@ rules:
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
1 change: 1 addition & 0 deletions ...mplates/azure-wi-webhook-mutating-webhook-configuration-mutatingwebhookconfiguration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ webhooks:
objectSelector:
matchLabels:
azure.workload.identity/use: "true"
reinvocationPolicy: IfNeeded
rules:
- apiGroups:
- ""
Expand Down
3 changes: 2 additions & 1 deletion charts/workload-identity-webhook/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ image:
repository: mcr.microsoft.com/oss/azure/workload-identity/webhook
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
release: v1.0.0-beta.0
release: v1.0.0-rc.0
imagePullSecrets: []
nodeSelector:
kubernetes.io/os: linux
Expand All @@ -32,4 +32,5 @@ metricsBackend: prometheus
priorityClassName: system-cluster-critical
mutatingWebhookAnnotations: {}
podLabels: {}
podAnnotations: {}
mutatingWebhookNamespaceSelector: {}
2 changes: 1 addition & 1 deletion config/manager/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ kind: Kustomization
images:
- name: manager
newName: mcr.microsoft.com/oss/azure/workload-identity/webhook
newTag: v1.0.0-beta.0
newTag: v1.0.0-rc.0
configMapGenerator:
- literals:
- AZURE_TENANT_ID="${AZURE_TENANT_ID}"
Expand Down
9 changes: 2 additions & 7 deletions deploy/azure-wi-webhook.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,22 +54,16 @@ rules:
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
---
Expand Down Expand Up @@ -168,7 +162,7 @@ spec:
envFrom:
- configMapRef:
name: azure-wi-webhook-config
image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.0.0-beta.0
image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.0.0-rc.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
Expand Down Expand Up @@ -260,6 +254,7 @@ webhooks:
objectSelector:
matchLabels:
azure.workload.identity/use: "true"
reinvocationPolicy: IfNeeded
rules:
- apiGroups:
- ""
Expand Down
2 changes: 1 addition & 1 deletion docs/book/src/installation/mutating-admission-webhook.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ The deployment YAML contains the environment variables we defined above and we r
Install the webhook using the deployment YAML via `kubectl apply -f` and `envsubst`:

```bash
curl -sL https://github.com/Azure/azure-workload-identity/releases/download/v1.0.0-beta.0/azure-wi-webhook.yaml | envsubst | kubectl apply -f -
curl -sL https://github.com/Azure/azure-workload-identity/releases/download/v1.0.0-rc.0/azure-wi-webhook.yaml | envsubst | kubectl apply -f -
```

<details>
Expand Down
4 changes: 2 additions & 2 deletions examples/migration/pod-with-proxy-init-and-proxy-sidecar.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ spec:
serviceAccountName: workload-identity-sa
initContainers:
- name: init-networking
image: mcr.microsoft.com/oss/azure/workload-identity/proxy-init:v1.0.0-beta.0
image: mcr.microsoft.com/oss/azure/workload-identity/proxy-init:v1.0.0-rc.0
securityContext:
capabilities:
add:
Expand All @@ -26,6 +26,6 @@ spec:
ports:
- containerPort: 80
- name: proxy
image: mcr.microsoft.com/oss/azure/workload-identity/proxy:v1.0.0-beta.0
image: mcr.microsoft.com/oss/azure/workload-identity/proxy:v1.0.0-rc.0
ports:
- containerPort: 8000
4 changes: 2 additions & 2 deletions manifest_staging/charts/workload-identity-webhook/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: workload-identity-webhook
description: A Helm chart to install the azure-workload-identity webhook
type: application
version: 1.0.0-beta.0
appVersion: v1.0.0-beta.0
version: 1.0.0-rc.0
appVersion: v1.0.0-rc.0
home: https://github.com/Azure/azure-workload-identity
sources:
- https://github.com/Azure/azure-workload-identity
2 changes: 1 addition & 1 deletion manifest_staging/charts/workload-identity-webhook/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide
| replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` |
| image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` |
| image.pullPolicy | Image pullPolicy | `IfNotPresent` |
| image.release | The image release tag to use | Current release version: `v1.0.0-beta.0` |
| image.release | The image release tag to use | Current release version: `v1.0.0-rc.0` |
| imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` |
| nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` |
| resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi |
Expand Down
2 changes: 1 addition & 1 deletion manifest_staging/charts/workload-identity-webhook/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ image:
repository: mcr.microsoft.com/oss/azure/workload-identity/webhook
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
release: v1.0.0-beta.0
release: v1.0.0-rc.0
imagePullSecrets: []
nodeSelector:
kubernetes.io/os: linux
Expand Down
2 changes: 1 addition & 1 deletion manifest_staging/deploy/azure-wi-webhook.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ spec:
envFrom:
- configMapRef:
name: azure-wi-webhook-config
image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.0.0-beta.0
image: mcr.microsoft.com/oss/azure/workload-identity/webhook:v1.0.0-rc.0
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 6
Expand Down
2 changes: 1 addition & 1 deletion pkg/cmd/podidentity/detect.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ var (

const (
imageRepository = "mcr.microsoft.com/oss/azure/workload-identity"
imageTag = "v1.0.0-beta.0"
imageTag = "v1.0.0-rc.0"

proxyInitImageName = "proxy-init"
proxyImageName = "proxy"
Expand Down
4 changes: 2 additions & 2 deletions third_party/open-policy-agent/gatekeeper/helmify/static/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: workload-identity-webhook
description: A Helm chart to install the azure-workload-identity webhook
type: application
version: 1.0.0-beta.0
appVersion: v1.0.0-beta.0
version: 1.0.0-rc.0
appVersion: v1.0.0-rc.0
home: https://github.com/Azure/azure-workload-identity
sources:
- https://github.com/Azure/azure-workload-identity
2 changes: 1 addition & 1 deletion third_party/open-policy-agent/gatekeeper/helmify/static/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ helm upgrade -n azure-workload-identity-system [RELEASE_NAME] azure-workload-ide
| replicaCount | The number of azure-workload-identity replicas to deploy for the webhook | `2` |
| image.repository | Image repository | `mcr.microsoft.com/oss/azure/workload-identity/webhook` |
| image.pullPolicy | Image pullPolicy | `IfNotPresent` |
| image.release | The image release tag to use | Current release version: `v1.0.0-beta.0` |
| image.release | The image release tag to use | Current release version: `v1.0.0-rc.0` |
| imagePullSecrets | Image pull secrets to use for retrieving images from private registries | `[]` |
| nodeSelector | The node selector to use for pod scheduling | `kubernetes.io/os: linux` |
| resources | The resource request/limits for the container image | limits: 100m CPU, 30Mi, requests: 100m CPU, 20Mi |
Expand Down
2 changes: 1 addition & 1 deletion third_party/open-policy-agent/gatekeeper/helmify/static/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ image:
repository: mcr.microsoft.com/oss/azure/workload-identity/webhook
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
release: v1.0.0-beta.0
release: v1.0.0-rc.0
imagePullSecrets: []
nodeSelector:
kubernetes.io/os: linux
Expand Down

0 comments on commit b0a9152

Please sign in to comment.