diff --git a/apis/installer/v1alpha1/reloader_types.go b/apis/installer/v1alpha1/reloader_types.go
index 8cf5e4474..201ea49a8 100644
--- a/apis/installer/v1alpha1/reloader_types.go
+++ b/apis/installer/v1alpha1/reloader_types.go
@@ -18,6 +18,7 @@ package v1alpha1
import (
core "k8s.io/api/core/v1"
+ networking "k8s.io/api/networking/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
@@ -62,6 +63,7 @@ type ReloaderKubernetes struct {
}
type ReloaderDetails struct {
+ AutoReloadAll bool `json:"autoReloadAll"`
IsArgoRollouts bool `json:"isArgoRollouts"`
IsOpenshift bool `json:"isOpenshift"`
IgnoreSecrets bool `json:"ignoreSecrets"`
@@ -86,6 +88,8 @@ type ReloaderDetails struct {
ServiceMonitor ReloaderServiceMonitorSpec `json:"serviceMonitor"`
PodMonitor ReloaderPodMonitorSpec `json:"podMonitor"`
PodDisruptionBudget ReloaderPodDisruptionBudget `json:"podDisruptionBudget"`
+ Netpol ReloaderNetpol `json:"netpol"`
+ WebhookUrl string `json:"webhookUrl"`
}
type ReloaderLegacy struct {
@@ -194,6 +198,14 @@ type ReloaderPodDisruptionBudget struct {
Enabled bool `json:"enabled"`
}
+type ReloaderNetpol struct {
+ Enabled bool `json:"enabled"`
+ // +optional
+ From []networking.NetworkPolicyPeer `json:"from"`
+ // +optional
+ To []networking.NetworkPolicyPeer `json:"to"`
+}
+
// EnvVar represents an environment variable present in a Container.
type EnvVar struct {
// Name of the environment variable. Must be a C_IDENTIFIER.
diff --git a/apis/installer/v1alpha1/types_test.go b/apis/installer/v1alpha1/types_test.go
index a53282c15..c1c873a1d 100644
--- a/apis/installer/v1alpha1/types_test.go
+++ b/apis/installer/v1alpha1/types_test.go
@@ -53,7 +53,7 @@ func TestDefaultValues(t *testing.T) {
sc.TestCase{Obj: v1alpha1.SmtprelaySpec{}},
sc.TestCase{Obj: v1alpha1.StashPresetsSpec{}},
sc.TestCase{Obj: v1alpha1.NatsSpec{}, File: "https://github.com/nats-io/k8s/raw/nats-0.19.17/helm/charts/nats/values.yaml"},
- sc.TestCase{Obj: v1alpha1.ReloaderSpec{}, File: "https://github.com/stakater/Reloader/raw/v1.0.24/deployments/kubernetes/chart/reloader/values.yaml"},
+ sc.TestCase{Obj: v1alpha1.ReloaderSpec{}, File: "https://github.com/stakater/Reloader/raw/v1.0.50/deployments/kubernetes/chart/reloader/values.yaml"},
)
checker.TestAll(t)
}
diff --git a/apis/installer/v1alpha1/zz_generated.deepcopy.go b/apis/installer/v1alpha1/zz_generated.deepcopy.go
index d10ea7022..ff24b664a 100644
--- a/apis/installer/v1alpha1/zz_generated.deepcopy.go
+++ b/apis/installer/v1alpha1/zz_generated.deepcopy.go
@@ -6345,6 +6345,7 @@ func (in *ReloaderDetails) DeepCopyInto(out *ReloaderDetails) {
in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
in.PodMonitor.DeepCopyInto(&out.PodMonitor)
out.PodDisruptionBudget = in.PodDisruptionBudget
+ in.Netpol.DeepCopyInto(&out.Netpol)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloaderDetails.
@@ -6532,6 +6533,35 @@ func (in *ReloaderList) DeepCopyObject() runtime.Object {
return nil
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ReloaderNetpol) DeepCopyInto(out *ReloaderNetpol) {
+ *out = *in
+ if in.From != nil {
+ in, out := &in.From, &out.From
+ *out = make([]networkingv1.NetworkPolicyPeer, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.To != nil {
+ in, out := &in.To, &out.To
+ *out = make([]networkingv1.NetworkPolicyPeer, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloaderNetpol.
+func (in *ReloaderNetpol) DeepCopy() *ReloaderNetpol {
+ if in == nil {
+ return nil
+ }
+ out := new(ReloaderNetpol)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ReloaderPodDisruptionBudget) DeepCopyInto(out *ReloaderPodDisruptionBudget) {
*out = *in
diff --git a/charts/ace-installer/README.md b/charts/ace-installer/README.md
index 52fbecd77..b645b7016 100644
--- a/charts/ace-installer/README.md
+++ b/charts/ace-installer/README.md
@@ -88,7 +88,7 @@ The following table lists the configurable parameters of the `ace-installer` cha
| helm.releases.panopticon.version | | "v2023.10.1" |
| helm.releases.panopticon.values | | {"monitoring":{"agent":"prometheus.io/operator","enabled":true,"serviceMonitor":{"labels":{"release":"kube-prometheus-stack"}}}} |
| helm.releases.reloader.enabled | | true |
-| helm.releases.reloader.version | | "v1.0.24" |
+| helm.releases.reloader.version | | "v1.0.50" |
| helm.releases.stash.enabled | | true |
| helm.releases.stash.version | | "v2023.10.9" |
| helm.releases.stash.values | | {"features":{"enterprise":true}} |
diff --git a/charts/ace-installer/values.yaml b/charts/ace-installer/values.yaml
index 601688a9f..1bc386a7f 100644
--- a/charts/ace-installer/values.yaml
+++ b/charts/ace-installer/values.yaml
@@ -108,7 +108,7 @@ helm:
release: kube-prometheus-stack
reloader:
enabled: true
- version: "v1.0.24"
+ version: "v1.0.50"
stash:
enabled: true
version: "v2023.10.9"
diff --git a/charts/opscenter-features/README.md b/charts/opscenter-features/README.md
index 65bd28716..b698aae48 100644
--- a/charts/opscenter-features/README.md
+++ b/charts/opscenter-features/README.md
@@ -100,7 +100,7 @@ The following table lists the configurable parameters of the `opscenter-features
| helm.releases.stash-opscenter.version | | "v2023.10.9" |
| helm.releases.stash-presets.version | | "v2023.10.18" |
| helm.releases.supervisor.version | | "v2023.10.1" |
-| helm.releases.reloader.version | | "v1.0.24" |
+| helm.releases.reloader.version | | "v1.0.50" |
| helm.releases.voyager.version | | "v2023.9.18" |
| clusterManagers | | [] |
| capi.provider | | "" |
diff --git a/charts/opscenter-features/values.yaml b/charts/opscenter-features/values.yaml
index 8c70daa1d..3cf2f018b 100644
--- a/charts/opscenter-features/values.yaml
+++ b/charts/opscenter-features/values.yaml
@@ -128,7 +128,7 @@ helm:
supervisor:
version: "v2023.10.1"
reloader:
- version: "v1.0.24"
+ version: "v1.0.50"
voyager:
version: "v2023.9.18"
diff --git a/schema/reloader/values.openapiv3_schema.yaml b/schema/reloader/values.openapiv3_schema.yaml
index c1fa54efa..7511bea3c 100644
--- a/schema/reloader/values.openapiv3_schema.yaml
+++ b/schema/reloader/values.openapiv3_schema.yaml
@@ -21,6 +21,8 @@ properties:
type: string
reloader:
properties:
+ autoReloadAll:
+ type: boolean
custom_annotations:
additionalProperties:
type: string
@@ -1768,6 +1770,269 @@ properties:
type: object
namespaceSelector:
type: string
+ netpol:
+ properties:
+ enabled:
+ type: boolean
+ from:
+ items:
+ description: NetworkPolicyPeer describes a peer to allow traffic to/from.
+ Only certain combinations of fields are allowed
+ properties:
+ ipBlock:
+ description: IPBlock defines policy on a particular IPBlock. If
+ this field is set then neither of the other fields can be.
+ properties:
+ cidr:
+ description: CIDR is a string representing the IP Block Valid
+ examples are "192.168.1.1/24" or "2001:db9::/64"
+ type: string
+ except:
+ description: Except is a slice of CIDRs that should not be included
+ within an IP Block Valid examples are "192.168.1.1/24" or
+ "2001:db9::/64" Except values will be rejected if they are
+ outside the CIDR range
+ items:
+ type: string
+ type: array
+ required:
+ - cidr
+ type: object
+ namespaceSelector:
+ description: "Selects Namespaces using cluster-scoped labels. This\
+ \ field follows standard label selector semantics; if present\
+ \ but empty, it selects all namespaces. \n If PodSelector is also\
+ \ set, then the NetworkPolicyPeer as a whole selects the Pods\
+ \ matching PodSelector in the Namespaces selected by NamespaceSelector.\
+ \ Otherwise it selects all Pods in the Namespaces selected by\
+ \ NamespaceSelector."
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ podSelector:
+ description: "This is a label selector which selects Pods. This\
+ \ field follows standard label selector semantics; if present\
+ \ but empty, it selects all pods. \n If NamespaceSelector is also\
+ \ set, then the NetworkPolicyPeer as a whole selects the Pods\
+ \ matching PodSelector in the Namespaces selected by NamespaceSelector.\
+ \ Otherwise it selects the Pods matching PodSelector in the policy's\
+ \ own Namespace."
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ to:
+ items:
+ description: NetworkPolicyPeer describes a peer to allow traffic to/from.
+ Only certain combinations of fields are allowed
+ properties:
+ ipBlock:
+ description: IPBlock defines policy on a particular IPBlock. If
+ this field is set then neither of the other fields can be.
+ properties:
+ cidr:
+ description: CIDR is a string representing the IP Block Valid
+ examples are "192.168.1.1/24" or "2001:db9::/64"
+ type: string
+ except:
+ description: Except is a slice of CIDRs that should not be included
+ within an IP Block Valid examples are "192.168.1.1/24" or
+ "2001:db9::/64" Except values will be rejected if they are
+ outside the CIDR range
+ items:
+ type: string
+ type: array
+ required:
+ - cidr
+ type: object
+ namespaceSelector:
+ description: "Selects Namespaces using cluster-scoped labels. This\
+ \ field follows standard label selector semantics; if present\
+ \ but empty, it selects all namespaces. \n If PodSelector is also\
+ \ set, then the NetworkPolicyPeer as a whole selects the Pods\
+ \ matching PodSelector in the Namespaces selected by NamespaceSelector.\
+ \ Otherwise it selects all Pods in the Namespaces selected by\
+ \ NamespaceSelector."
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ podSelector:
+ description: "This is a label selector which selects Pods. This\
+ \ field follows standard label selector semantics; if present\
+ \ but empty, it selects all pods. \n If NamespaceSelector is also\
+ \ set, then the NetworkPolicyPeer as a whole selects the Pods\
+ \ matching PodSelector in the Namespaces selected by NamespaceSelector.\
+ \ Otherwise it selects the Pods matching PodSelector in the policy's\
+ \ own Namespace."
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ required:
+ - enabled
+ type: object
podDisruptionBudget:
properties:
enabled:
@@ -1906,7 +2171,10 @@ properties:
type: boolean
watchGlobally:
type: boolean
+ webhookUrl:
+ type: string
required:
+ - autoReloadAll
- custom_annotations
- deployment
- enableHA
@@ -1919,6 +2187,7 @@ properties:
- logFormat
- matchLabels
- namespaceSelector
+ - netpol
- podDisruptionBudget
- podMonitor
- rbac
@@ -1931,6 +2200,7 @@ properties:
- serviceMonitor
- syncAfterRestart
- watchGlobally
+ - webhookUrl
type: object
required:
- global