From 835a5d930693d5a0d27e72617f73c36473a0e08f Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Wed, 5 Apr 2023 14:50:05 -0700 Subject: [PATCH] release: update manifest and helm charts for v1.4.1 (#1112) Signed-off-by: Anish Ramasekar --- Makefile | 2 +- .../csi-secrets-store-provider-azure/Chart.yaml | 4 ++-- .../csi-secrets-store-provider-azure/README.md | 5 +++-- .../arc-values.yaml | 8 ++++---- .../provider-azure-installer-windows.yaml | 17 ++++++++++++++++- .../values.yaml | 4 ++-- .../provider-azure-installer-windows.yaml | 2 +- deployment/provider-azure-installer.yaml | 2 +- .../csi-secrets-store-provider-azure/Chart.yaml | 4 ++-- .../csi-secrets-store-provider-azure/README.md | 5 +++-- .../arc-values.yaml | 4 ++-- .../values.yaml | 4 ++-- .../provider-azure-installer-windows.yaml | 2 +- .../deployment/provider-azure-installer.yaml | 2 +- test/e2e/framework/config.go | 2 +- website/content/en/_index.md | 2 +- 16 files changed, 43 insertions(+), 26 deletions(-) diff --git a/Makefile b/Makefile index 23eed5e02..410c09629 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ REPO_PATH="$(ORG_PATH)/$(PROJECT_NAME)" REGISTRY_NAME ?= upstream REPO_PREFIX ?= k8s/csi/secrets-store REGISTRY ?= $(REGISTRY_NAME).azurecr.io/$(REPO_PREFIX) -IMAGE_VERSION ?= v1.4.0 +IMAGE_VERSION ?= v1.4.1 IMAGE_NAME ?= provider-azure CONFORMANCE_IMAGE_NAME ?= provider-azure-arc-conformance IMAGE_TAG := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) diff --git a/charts/csi-secrets-store-provider-azure/Chart.yaml b/charts/csi-secrets-store-provider-azure/Chart.yaml index ab6369906..b4a82fc67 100644 --- a/charts/csi-secrets-store-provider-azure/Chart.yaml +++ b/charts/csi-secrets-store-provider-azure/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: csi-secrets-store-provider-azure -version: 1.4.1 -appVersion: 1.4.0 +version: 1.4.2 +appVersion: 1.4.1 kubeVersion: ">=1.16.0-0" description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster. sources: diff --git a/charts/csi-secrets-store-provider-azure/README.md b/charts/csi-secrets-store-provider-azure/README.md index e3933bc9e..4689f0b15 100644 --- a/charts/csi-secrets-store-provider-azure/README.md +++ b/charts/csi-secrets-store-provider-azure/README.md @@ -20,6 +20,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c | `1.3.0` | `1.2.3` | `1.3.0` | | `1.4.0` | `1.3.0` | `1.4.0` | | `1.4.1` | `1.3.2` | `1.4.0` | +| `1.4.2` | `1.3.2` | `1.4.1` | ## Installation @@ -67,7 +68,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `linux.enabled` | Install azure keyvault provider on linux nodes | true | | `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` | | `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` | -| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.0` | +| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` | | `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` | | `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` | | `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` | @@ -88,7 +89,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `windows.enabled` | Install azure keyvault provider on windows nodes | false | | `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` | | `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` | -| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.0` | +| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` | | `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` | | `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` | | `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` | diff --git a/charts/csi-secrets-store-provider-azure/arc-values.yaml b/charts/csi-secrets-store-provider-azure/arc-values.yaml index d3510cb40..0f8c85bb3 100644 --- a/charts/csi-secrets-store-provider-azure/arc-values.yaml +++ b/charts/csi-secrets-store-provider-azure/arc-values.yaml @@ -15,7 +15,7 @@ logVerbosity: 0 linux: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] @@ -58,11 +58,11 @@ linux: windows: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] - enabled: false + enabled: true resources: requests: cpu: 100m @@ -132,7 +132,7 @@ secrets-store-csi-driver: prometheus.io/port: "8080" windows: - enabled: false + enabled: true kubeletRootDir: C:\var\lib\kubelet metricsAddr: ":8080" image: diff --git a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml index 39ac6fdad..83a1aabc0 100644 --- a/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml +++ b/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml @@ -17,9 +17,17 @@ spec: {{- if .Values.windows.podLabels }} {{- toYaml .Values.windows.podLabels | nindent 8 }} {{- end }} -{{- if .Values.windows.podAnnotations }} +{{- if or .Values.windows.podAnnotations .Values.enableArcExtension }} annotations: +{{- if .Values.windows.podAnnotations}} {{- toYaml .Values.windows.podAnnotations | nindent 8 }} +{{- end }} +{{- if .Values.enableArcExtension }} +{{- if .Values.arc.enableMonitoring }} + prometheus.io/scrape: "true" + prometheus.io/port: "8898" +{{- end }} +{{- end }} {{- end }} spec: {{- if .Values.imagePullSecrets }} @@ -61,6 +69,13 @@ spec: periodSeconds: 30 resources: {{ toYaml .Values.windows.resources | indent 12 }} + {{- if .Values.enableArcExtension }} + {{- if .Values.Azure.proxySettings.isProxyEnabled }} + envFrom: + - secretRef: + name: arc-proxy-config + {{- end }} + {{- end }} volumeMounts: - name: provider-vol mountPath: "C:\\provider" diff --git a/charts/csi-secrets-store-provider-azure/values.yaml b/charts/csi-secrets-store-provider-azure/values.yaml index 55ecaba85..5b570b8b2 100644 --- a/charts/csi-secrets-store-provider-azure/values.yaml +++ b/charts/csi-secrets-store-provider-azure/values.yaml @@ -17,7 +17,7 @@ enableArcExtension: false linux: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ @@ -63,7 +63,7 @@ linux: windows: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ diff --git a/deployment/provider-azure-installer-windows.yaml b/deployment/provider-azure-installer-windows.yaml index 1e4c28cd1..0e3812be8 100644 --- a/deployment/provider-azure-installer-windows.yaml +++ b/deployment/provider-azure-installer-windows.yaml @@ -23,7 +23,7 @@ spec: serviceAccountName: csi-secrets-store-provider-azure containers: - name: provider-azure-installer - image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0 + image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1 imagePullPolicy: IfNotPresent args: - --endpoint=unix://C:\\provider\\azure.sock diff --git a/deployment/provider-azure-installer.yaml b/deployment/provider-azure-installer.yaml index fb059ba0c..5b0ddcceb 100644 --- a/deployment/provider-azure-installer.yaml +++ b/deployment/provider-azure-installer.yaml @@ -24,7 +24,7 @@ spec: hostNetwork: true containers: - name: provider-azure-installer - image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0 + image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1 imagePullPolicy: IfNotPresent args: - --endpoint=unix:///provider/azure.sock diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml index ab6369906..b4a82fc67 100644 --- a/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml +++ b/manifest_staging/charts/csi-secrets-store-provider-azure/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: csi-secrets-store-provider-azure -version: 1.4.1 -appVersion: 1.4.0 +version: 1.4.2 +appVersion: 1.4.1 kubeVersion: ">=1.16.0-0" description: A Helm chart to install the Secrets Store CSI Driver and the Azure Keyvault Provider inside a Kubernetes cluster. sources: diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md index e3933bc9e..4689f0b15 100644 --- a/manifest_staging/charts/csi-secrets-store-provider-azure/README.md +++ b/manifest_staging/charts/csi-secrets-store-provider-azure/README.md @@ -20,6 +20,7 @@ Azure Key Vault provider for Secrets Store CSI driver allows you to get secret c | `1.3.0` | `1.2.3` | `1.3.0` | | `1.4.0` | `1.3.0` | `1.4.0` | | `1.4.1` | `1.3.2` | `1.4.0` | +| `1.4.2` | `1.3.2` | `1.4.1` | ## Installation @@ -67,7 +68,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `linux.enabled` | Install azure keyvault provider on linux nodes | true | | `linux.image.repository` | Linux image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` | | `linux.image.pullPolicy` | Linux image pull policy | `IfNotPresent` | -| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.0` | +| `linux.image.tag` | Azure Keyvault Provider Linux image tag | `v1.4.1` | | `linux.nodeSelector` | Node Selector for the daemonset on linux nodes | `{}` | | `linux.tolerations` | Tolerations for the daemonset on linux nodes | `[{"operator": "Exists"}]` | | `linux.resources` | Resource limit for provider pods on linux nodes | `requests.cpu: 50m`
`requests.memory: 100Mi`
`limits.cpu: 50m`
`limits.memory: 100Mi` | @@ -88,7 +89,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p | `windows.enabled` | Install azure keyvault provider on windows nodes | false | | `windows.image.repository` | Windows image repository | `mcr.microsoft.com/oss/azure/secrets-store/provider-azure` | | `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` | -| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.0` | +| `windows.image.tag` | Azure Keyvault Provider Windows image tag | `v1.4.1` | | `windows.nodeSelector` | Node Selector for the daemonset on windows nodes | `{}` | | `windows.tolerations` | Tolerations for the daemonset on windows nodes | `{}` | | `windows.resources` | Resource limit for provider pods on windows nodes | `requests.cpu: 100m`
`requests.memory: 200Mi`
`limits.cpu: 100m`
`limits.memory: 200Mi` | diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml index b431767b7..0f8c85bb3 100644 --- a/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml +++ b/manifest_staging/charts/csi-secrets-store-provider-azure/arc-values.yaml @@ -15,7 +15,7 @@ logVerbosity: 0 linux: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] @@ -58,7 +58,7 @@ linux: windows: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] diff --git a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml index 55ecaba85..5b570b8b2 100644 --- a/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml +++ b/manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml @@ -17,7 +17,7 @@ enableArcExtension: false linux: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ @@ -63,7 +63,7 @@ linux: windows: image: repository: mcr.microsoft.com/oss/azure/secrets-store/provider-azure - tag: v1.4.0 + tag: v1.4.1 pullPolicy: IfNotPresent nodeSelector: {} # ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ diff --git a/manifest_staging/deployment/provider-azure-installer-windows.yaml b/manifest_staging/deployment/provider-azure-installer-windows.yaml index 1e4c28cd1..0e3812be8 100644 --- a/manifest_staging/deployment/provider-azure-installer-windows.yaml +++ b/manifest_staging/deployment/provider-azure-installer-windows.yaml @@ -23,7 +23,7 @@ spec: serviceAccountName: csi-secrets-store-provider-azure containers: - name: provider-azure-installer - image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0 + image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1 imagePullPolicy: IfNotPresent args: - --endpoint=unix://C:\\provider\\azure.sock diff --git a/manifest_staging/deployment/provider-azure-installer.yaml b/manifest_staging/deployment/provider-azure-installer.yaml index fb059ba0c..5b0ddcceb 100644 --- a/manifest_staging/deployment/provider-azure-installer.yaml +++ b/manifest_staging/deployment/provider-azure-installer.yaml @@ -24,7 +24,7 @@ spec: hostNetwork: true containers: - name: provider-azure-installer - image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.0 + image: mcr.microsoft.com/oss/azure/secrets-store/provider-azure:v1.4.1 imagePullPolicy: IfNotPresent args: - --endpoint=unix:///provider/azure.sock diff --git a/test/e2e/framework/config.go b/test/e2e/framework/config.go index 6ecefc6c7..45075f10c 100644 --- a/test/e2e/framework/config.go +++ b/test/e2e/framework/config.go @@ -18,7 +18,7 @@ type Config struct { KeyvaultName string `envconfig:"KEYVAULT_NAME"` Registry string `envconfig:"REGISTRY" default:"mcr.microsoft.com/oss/azure/secrets-store"` ImageName string `envconfig:"IMAGE_NAME" default:"provider-azure"` - ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.4.0"` + ImageVersion string `envconfig:"IMAGE_VERSION" default:"v1.4.1"` IsSoakTest bool `envconfig:"IS_SOAK_TEST" default:"false"` IsWindowsTest bool `envconfig:"TEST_WINDOWS" default:"false"` IsGPUTest bool `envconfig:"TEST_GPU" default:"false"` diff --git a/website/content/en/_index.md b/website/content/en/_index.md index b48a5da98..ca26ec82e 100644 --- a/website/content/en/_index.md +++ b/website/content/en/_index.md @@ -33,4 +33,4 @@ For Secrets Store CSI Driver project status and supported versions, check the do ## Managed Add-ons Azure Key Vault provider for Secrets Store CSI Driver is available as a managed add-on in: - Azure Kubernetes Service (AKS). For more information, see [Use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster](https://learn.microsoft.com/en-us/azure/aks/csi-secrets-store-driver). -- Azure Arc enabled Kubernetes. For more information, see [Use the Azure Key Vault Secrets Provider extension to fetch secrets into Azure Arc-enabled Kubernetes clusters](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider). \ No newline at end of file +- Azure Arc enabled Kubernetes. For more information, see [Use the Azure Key Vault Secrets Provider extension to fetch secrets into Azure Arc-enabled Kubernetes clusters](https://learn.microsoft.com/en-us/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider).