Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Helm release vault to v0.27.0 - autoclosed #39

Closed
wants to merge 1 commit into from

Conversation

vshn-renovate
Copy link
Contributor

@vshn-renovate vshn-renovate commented May 16, 2022

This PR contains the following updates:

Package Update Change
vault (source) minor 0.19.0 -> 0.27.0

Release Notes

hashicorp/vault-helm (vault)

v0.27.0

Compare Source

Changes:

  • Default vault version updated to 1.15.2

Features:

  • server: Support setting persistentVolumeClaimRetentionPolicy on the StatefulSet GH-965
  • server: Support setting labels on PVCs GH-969
  • server: Support setting ingress rules for networkPolicy GH-877

Improvements:

  • Support exec in the server liveness probe GH-971

v0.26.1

Compare Source

Bugs:

  • Fix templating of server.ha.replicas when set via override file. The 0.26.0 chart would ignore server.ha.replicas and always deploy 3 server replicas when server.ha.enabled=true unless overridden by command line when issuing the helm command: --set server.ha.replicas=<some_number>. Fixed in GH-961

v0.26.0

Compare Source

Changes:

  • Default vault version updated to 1.15.1
  • Default vault-k8s version updated to 1.3.1
  • Default vault-csi-provider version updated to 1.4.1
  • Tested with Kubernetes versions 1.24-1.28
  • server: OpenShift default readiness probe returns 204 when uninitialized GH-966

Features:

  • server: Add support for dual stack clusters GH-833
  • server: Support hostAliases for the StatefulSet pods GH-955
  • server: Add server.service.active.annotations and server.service.standby.annotations GH-896
  • server: Add long-lived service account token option GH-923

Bugs:

  • csi: Add namespace field to csi-role and csi-rolebindings. GH-909

Improvements:

  • global: Add global.namespace to override the helm installation namespace. GH-909
  • server: use vault.fullname in Helm test GH-912
  • server: Allow scaling HA replicas to zero GH-943

v0.25.0

Compare Source

Changes:

  • Latest Kubernetes version tested is now 1.27
  • server: Headless service ignores server.service.publishNotReadyAddresses setting and always sets it as true GH-902
  • vault updated to 1.14.0 GH-916
  • vault-csi-provider updated to 1.4.0 GH-916

Improvements:

  • CSI: Make nodeSelector and affinity configurable for CSI daemonset's pods GH-862
  • injector: Add ephemeralLimit and ephemeralRequest as options for configuring Agent's ephemeral storage resources GH-798
  • Minimum kubernetes version for chart reverted to 1.20.0 to allow installation on clusters older than the oldest tested version GH-916

Bugs:

  • server: Set the default for prometheusRules.rules to an empty list GH-886

v0.24.1

Compare Source

Bugs:

  • csi: Add RBAC required by v1.3.0 to create secret for HMAC key used to generate secret versions GH-872

v0.24.0

Compare Source

Changes:

  • Earliest Kubernetes version tested is now 1.22
  • vault updated to 1.13.1 GH-863
  • vault-k8s updated to 1.2.1 GH-868
  • vault-csi-provider updated to 1.3.0 GH-749

Features:

  • server: New extraPorts option for adding ports to the Vault server statefulset GH-841
  • server: Add configurable Port Number in readinessProbe and livenessProbe for the server-statefulset GH-831
  • injector: Make livenessProbe and readinessProbe configurable and add configurable startupProbe GH-852
  • csi: Add an Agent sidecar to Vault CSI Provider pods to provide lease caching and renewals GH-749

v0.23.0

Compare Source

Changes:

  • vault updated to 1.12.1 GH-814
  • vault-k8s updated to 1.1.0 GH-814
  • vault-csi-provider updated to 1.2.1 GH-814

Features:

  • server: Add extraLabels for Vault server serviceAccount GH-806
  • server: Add server.service.active.enabled and server.service.standby.enabled options to selectively disable additional services GH-811
  • server: Add server.serviceAccount.serviceDiscovery.enabled option to selectively disable a Vault service discovery role and role binding GH-811
  • server: Add server.service.instanceSelector.enabled option to allow selecting pods outside the helm chart deployment GH-813

Bugs:

  • server: Quote .server.ha.clusterAddr value GH-810

v0.22.1

Compare Source

Changes:

  • vault updated to 1.12.0 GH-803
  • vault-k8s updated to 1.0.1 GH-803

v0.22.0

Compare Source

Features:

  • Add PrometheusOperator support for collecting Vault server metrics. GH-772

Changes:

  • vault-k8s to 1.0.0 GH-784
  • Test against Kubernetes 1.25 GH-784
  • vault updated to 1.11.3 GH-785

v0.21.0

Compare Source

CHANGES:

  • vault-k8s updated to 0.17.0. GH-771
  • vault-csi-provider updated to 1.2.0 GH-771
  • vault updated to 1.11.2 GH-771
  • Start testing against Kubernetes 1.24. GH-744
  • Deprecated injector.externalVaultAddr. Added global.externalVaultAddr, which applies to both the Injector and the CSI Provider. GH-745
  • CSI Provider pods now set the VAULT_ADDR environment variable to either the internal Vault service or the configured external address. GH-745

Features:

  • server: Add server.statefulSet.securityContext to override pod and container securityContext. GH-767
  • csi: Add csi.daemonSet.securityContext to override pod and container securityContext. GH-767
  • injector: Add injector.securityContext to override pod and container securityContext. GH-750 and GH-767
  • Add server.service.activeNodePort and server.service.standbyNodePort to specify the nodePort for active and standby services. GH-610
  • Support for setting annotations on the injector's serviceAccount GH-753

v0.20.1

Compare Source

CHANGES:

  • vault-k8s updated to 0.16.1 GH-739

Improvements:

  • Mutating webhook will no longer target the agent injector pod GH-736

Bugs:

  • vault service account is now created even if the server is set to disabled, as per before 0.20.0 GH-737

v0.20.0

Compare Source

CHANGES:

  • global.enabled now works as documented, that is, setting global.enabled to false will disable everything, with individual components able to be turned on individually GH-703
  • Default value of - used for injector and server to indicate that they follow global.enabled. GH-703
  • Vault default image to 1.10.3
  • CSI provider default image to 1.1.0
  • Vault K8s default image to 0.16.0
  • Earliest Kubernetes version tested is now 1.16
  • Helm 3.6+ now required

Features:

  • Support topologySpreadConstraints in server and injector. GH-652

Improvements:

  • CSI: Set extraLabels for daemonset, pods, and service account GH-690
  • Add namespace to injector-leader-elector role, rolebinding and secret GH-683
  • Support policy/v1 PodDisruptionBudget in Kubernetes 1.21+ for server and injector GH-710
  • Make the Cluster Address (CLUSTER_ADDR) configurable GH-629
  • server: Make publishNotReadyAddresses configurable for services GH-694
  • server: Allow config to be defined as a YAML object in the values file GH-684
  • Maintain default MutatingWebhookConfiguration values from v1beta1 GH-692

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.20.0 Update Helm release vault to v0.20.1 May 26, 2022
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 2736255 to 5c2cf79 Compare May 26, 2022 17:10
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.20.1 Update Helm release vault to v0.21.0 Aug 10, 2022
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 5c2cf79 to 8434c91 Compare August 10, 2022 22:21
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.21.0 Update Helm release vault to v0.22.0 Sep 8, 2022
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 8434c91 to f94689f Compare September 8, 2022 20:41
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from f94689f to 4ff4f19 Compare October 10, 2023 16:38
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.22.0 Update Helm release vault to v0.25.0 Oct 10, 2023
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 4ff4f19 to 5c8a2d9 Compare October 27, 2023 20:57
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.25.0 Update Helm release vault to v0.26.0 Oct 27, 2023
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 5c8a2d9 to 73d3355 Compare October 30, 2023 20:16
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.26.0 Update Helm release vault to v0.26.1 Oct 30, 2023
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from 73d3355 to ba633ad Compare November 16, 2023 22:21
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.26.1 Update Helm release vault to v0.27.0 Nov 16, 2023
@vshn-renovate vshn-renovate force-pushed the commodore-renovate/vault branch from ba633ad to d1e6111 Compare November 24, 2023 13:19
@vshn-renovate vshn-renovate changed the title Update Helm release vault to v0.27.0 Update Helm release vault to v0.27.0 - autoclosed Nov 24, 2023
@vshn-renovate vshn-renovate deleted the commodore-renovate/vault branch November 24, 2023 13:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant