Merge branch 'main' into release

spiffe · Nov 10, 2023 · b469b62 · b469b62
2 parents c07ca25 + 250666a
commit b469b62
Show file tree

Hide file tree

Showing 6 changed files with 48 additions and 8 deletions.
diff --git a/charts/spire/Chart.yaml b/charts/spire/Chart.yaml
@@ -3,7 +3,7 @@ name: spire
 description: >
  A Helm chart for deploying the complete Spire stack including: spire-server, spire-agent, spiffe-csi-driver, spiffe-oidc-discovery-provider and spire-controller-manager.
 type: application
-version: 0.15.0
+version: 0.15.1
 appVersion: "1.8.4"
 keywords: ["spiffe", "spire", "spire-server", "spire-agent", "oidc", "spire-controller-manager"]
 home: https://github.com/spiffe/helm-charts/tree/main/charts/spire

diff --git a/charts/spire/README.md b/charts/spire/README.md
@@ -1,6 +1,6 @@
 # spire
 
-![Version: 0.15.0](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.7.2](https://img.shields.io/badge/AppVersion-1.7.2-informational?style=flat-square)
+![Version: 0.15.1](https://img.shields.io/badge/Version-0.13.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.7.2](https://img.shields.io/badge/AppVersion-1.7.2-informational?style=flat-square)
 [![Development Phase](https://github.com/spiffe/spiffe/blob/main/.img/maturity/dev.svg)](https://github.com/spiffe/spiffe/blob/main/MATURITY.md#development)
 
 A Helm chart for deploying the complete Spire stack including: spire-server, spire-agent, spiffe-csi-driver, spiffe-oidc-discovery-provider and spire-controller-manager.
@@ -42,7 +42,7 @@ If you have not loaded any SPIRE custom resources yourself, the upgrade process
 
 ### 0.14.X
 
-If coming from a chart version before 0.15.0, you must relabel your crds to switch to using the new spire-crds chart. To migrate to the spire-crds chart
+If coming from a chart version before 0.14.0, you must relabel your crds to switch to using the new spire-crds chart. To migrate to the spire-crds chart
 run the following:
 
 Replace the spire-server namespace in the commands below with the namespace you want to install the spire-crds chart in.

diff --git a/examples/openshift/openshift-values.yaml b/examples/openshift/openshift-values.yaml
@@ -10,7 +10,6 @@ spire-server:
  registry: ghcr.io
  repository: spiffe/tornjak-backend
  tag: ubi-v1.4.1
-
  nodeAttestor:
  k8sPsat:
  serviceAccountAllowList: ["spire-system:spire-agent"]

diff --git a/examples/tornjak/README.md b/examples/tornjak/README.md
@@ -22,7 +22,7 @@ helm upgrade --install --namespace spire-server \
 helm test spire -n spire-server
 ```
 
-## Access tornjak
+## Access Tornjak
 
 To access Tornjak you will have to use port-forwarding for the time being *(until we add authentication and ingress)*.
 
@@ -41,3 +41,36 @@ kubectl -n spire-server port-forward service/spire-tornjak-frontend 3000:3000
 You can now access Tornjak at [localhost:3000](http://localhost:3000).
 
 See [values.yaml](./values.yaml) for more details on the chart configurations to achieve this setup.
+
+## Tornjak and Ingress with ingress-nginx
+
+Update examples/production/example-your-values.yaml with your information, most importantly, trustDomain.
+
+```shell
+helm upgrade --install --namespace spire-server spire charts/spire \
+--values examples/production/values.yaml \
+--values examples/tornjak/values.yaml \
+--values examples/tornjak/values-ingress.yaml \
+--set global.spire.ingressControllerType=ingress-nginx \
+--values examples/production/example-your-values.yaml \
+--render-subchart-notes --debug
+```
+
+## Tornjak and Ingress on Openshift
+
+When deploying on Openshift, follow the deployment setup as described in
+[Openshift README](../openshift/README.md)
+
+Then just add Openshift specific configuration to the above command:
+
+```shell
+--values examples/openshift/openshift-values.yaml
+```
+
+When running on Openshift in some environments like IBM Cloud,
+you might need to add the following configurations:
+
+```shell
+--set spiffe-csi-driver.kubeletPath=/var/data/kubelet \
+--set spiffe-csi-driver.restrictedScc.enabled=true \
+```
diff --git a/examples/tornjak/values-ingress.yaml b/examples/tornjak/values-ingress.yaml
@@ -0,0 +1,8 @@
+spire-server:
+ tornjak:
+ ingress:
+ enabled: true
+
+tornjak-frontend:
+ ingress:
+ enabled: true
diff --git a/release-chart.sh b/release-chart.sh
@@ -6,7 +6,7 @@
 ##
 ## Usage example(s):
 ##
-## ./__PROG__ --chart spire --current-version 0.3.0 --new-version 0.4.0
+## ./__PROG__ --chart spire --current-version 0.15.1 --new-version 0.16.0
 ##
 ## Options:
 ## --help Show this help message
@@ -105,7 +105,7 @@ branch_name="bump-${chart}-version"
 git checkout main
 git pull
 git checkout --track -B "${branch_name}" main
-commits_since_previous_release="$(git log "${chart}-${current_version}..HEAD" --pretty=format:'* %h %s')"
+commits_since_previous_release="$(git log "${chart}-${current_version}..HEAD" --pretty=format:'* %h %s' "charts/${chart}")"
 "${SED}" -i "s/version: ${current_version}/version: ${new_version}/" "charts/${chart}/Chart.yaml"
 "${SED}" -i "s/${current_version}/${new_version}/" "charts/${chart}/README.md"
 git add "charts/${chart}/"{Chart.yaml,README.md}
@@ -129,7 +129,7 @@ Please review the below changelog to ensure this matches up with the semantic ve
 > git push
 > \`\`\`
 
-**Changes in this release**
+## Changes in this release
 
 ${commits_since_previous_release}
 EOF