diff --git a/charts/spire/Chart.yaml b/charts/spire/Chart.yaml index 188efc3f4..d016b132b 100644 --- a/charts/spire/Chart.yaml +++ b/charts/spire/Chart.yaml @@ -3,7 +3,7 @@ name: spire description: > A Helm chart for deploying the complete Spire stack including: spire-server, spire-agent, spiffe-csi-driver, spiffe-oidc-discovery-provider and spire-controller-manager. type: application -version: 0.15.0 +version: 0.15.1 appVersion: "1.8.4" keywords: ["spiffe", "spire", "spire-server", "spire-agent", "oidc", "spire-controller-manager"] home: https://github.com/spiffe/helm-charts/tree/main/charts/spire diff --git a/charts/spire/README.md b/charts/spire/README.md index 9d62bfcff..659c2f9d3 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -1,6 +1,6 @@ # spire -![Version: 0.15.0](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.7.2](https://img.shields.io/badge/AppVersion-1.7.2-informational?style=flat-square) +![Version: 0.15.1](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.7.2](https://img.shields.io/badge/AppVersion-1.7.2-informational?style=flat-square) [![Development Phase](https://github.com/spiffe/spiffe/blob/main/.img/maturity/dev.svg)](https://github.com/spiffe/spiffe/blob/main/MATURITY.md#development) A Helm chart for deploying the complete Spire stack including: spire-server, spire-agent, spiffe-csi-driver, spiffe-oidc-discovery-provider and spire-controller-manager. @@ -42,7 +42,7 @@ If you have not loaded any SPIRE custom resources yourself, the upgrade process ### 0.14.X -If coming from a chart version before 0.15.0, you must relabel your crds to switch to using the new spire-crds chart. To migrate to the spire-crds chart +If coming from a chart version before 0.14.0, you must relabel your crds to switch to using the new spire-crds chart. To migrate to the spire-crds chart run the following: Replace the spire-server namespace in the commands below with the namespace you want to install the spire-crds chart in. diff --git a/examples/openshift/openshift-values.yaml b/examples/openshift/openshift-values.yaml index 5d9ae79b2..013a63667 100644 --- a/examples/openshift/openshift-values.yaml +++ b/examples/openshift/openshift-values.yaml @@ -10,7 +10,6 @@ spire-server: registry: ghcr.io repository: spiffe/tornjak-backend tag: ubi-v1.4.1 - nodeAttestor: k8sPsat: serviceAccountAllowList: ["spire-system:spire-agent"] diff --git a/examples/tornjak/README.md b/examples/tornjak/README.md index cbe74180a..f0a5b518f 100644 --- a/examples/tornjak/README.md +++ b/examples/tornjak/README.md @@ -22,7 +22,7 @@ helm upgrade --install --namespace spire-server \ helm test spire -n spire-server ``` -## Access tornjak +## Access Tornjak To access Tornjak you will have to use port-forwarding for the time being *(until we add authentication and ingress)*. @@ -41,3 +41,36 @@ kubectl -n spire-server port-forward service/spire-tornjak-frontend 3000:3000 You can now access Tornjak at [localhost:3000](http://localhost:3000). See [values.yaml](./values.yaml) for more details on the chart configurations to achieve this setup. + +## Tornjak and Ingress with ingress-nginx + +Update examples/production/example-your-values.yaml with your information, most importantly, trustDomain. + +```shell +helm upgrade --install --namespace spire-server spire charts/spire \ +--values examples/production/values.yaml \ +--values examples/tornjak/values.yaml \ +--values examples/tornjak/values-ingress.yaml \ +--set global.spire.ingressControllerType=ingress-nginx \ +--values examples/production/example-your-values.yaml \ +--render-subchart-notes --debug +``` + +## Tornjak and Ingress on Openshift + +When deploying on Openshift, follow the deployment setup as described in +[Openshift README](../openshift/README.md) + +Then just add Openshift specific configuration to the above command: + +```shell +--values examples/openshift/openshift-values.yaml +``` + +When running on Openshift in some environments like IBM Cloud, +you might need to add the following configurations: + +```shell +--set spiffe-csi-driver.kubeletPath=/var/data/kubelet \ +--set spiffe-csi-driver.restrictedScc.enabled=true \ +``` diff --git a/examples/tornjak/values-ingress.yaml b/examples/tornjak/values-ingress.yaml new file mode 100644 index 000000000..f890467bf --- /dev/null +++ b/examples/tornjak/values-ingress.yaml @@ -0,0 +1,8 @@ +spire-server: + tornjak: + ingress: + enabled: true + +tornjak-frontend: + ingress: + enabled: true diff --git a/release-chart.sh b/release-chart.sh index ee856cdba..136956746 100755 --- a/release-chart.sh +++ b/release-chart.sh @@ -6,7 +6,7 @@ ## ## Usage example(s): ## -## ./__PROG__ --chart spire --current-version 0.3.0 --new-version 0.4.0 +## ./__PROG__ --chart spire --current-version 0.15.1 --new-version 0.16.0 ## ## Options: ## --help Show this help message @@ -105,7 +105,7 @@ branch_name="bump-${chart}-version" git checkout main git pull git checkout --track -B "${branch_name}" main -commits_since_previous_release="$(git log "${chart}-${current_version}..HEAD" --pretty=format:'* %h %s')" +commits_since_previous_release="$(git log "${chart}-${current_version}..HEAD" --pretty=format:'* %h %s' "charts/${chart}")" "${SED}" -i "s/version: ${current_version}/version: ${new_version}/" "charts/${chart}/Chart.yaml" "${SED}" -i "s/${current_version}/${new_version}/" "charts/${chart}/README.md" git add "charts/${chart}/"{Chart.yaml,README.md} @@ -129,7 +129,7 @@ Please review the below changelog to ensure this matches up with the semantic ve > git push > \`\`\` -**Changes in this release** +## Changes in this release ${commits_since_previous_release} EOF