Added flag to create a network policy #159
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Add new documentations to helm-charts repo Signed-off-by: Peter Zhu <[email protected]> * Replace devops with helm charts keywords Signed-off-by: Peter Zhu <[email protected]> * Grammar improvements Signed-off-by: Peter Zhu <[email protected]> * Update README Signed-off-by: Peter Zhu <[email protected]>
* Add issue templates and fix readme typos Signed-off-by: Peter Zhu <[email protected]> * Replace component name with chart name Signed-off-by: Peter Zhu <[email protected]> * Replace OS/Version to the Helm/Kube versions Signed-off-by: Peter Zhu <[email protected]> * Replace OS/Version to the Helm/Kube versions Signed-off-by: Peter Zhu <[email protected]>
* Adding a new folder to host Helm related code Signed-off-by: Barani <[email protected]> * Helm Chart for OpenSearch (#4) * Create basic structure of OpenSearch helm chart Signed-off-by: Dhiraj Jain <[email protected]> * Add templates and change values Signed-off-by: Dhiraj Jain <[email protected]> * Change statefulset and configmap to resolve indentation issue Signed-off-by: Dhiraj Jain <[email protected]> * Fix issues in templates Signed-off-by: Dhiraj Jain <[email protected]> * Fix typos in statefulset.yaml * Add multinode deployment feature Signed-off-by: Dhiraj Jain <[email protected]> * Update version to reflect the OpenSearch version * Add explicit security configuration * Update values.yaml * Create placeholder README.md Signed-off-by: Dhiraj Jain <[email protected]> * Minimum masters should be 3 * Add YAML support for config. sysctl vm.mem fix. * Fixing PSP. Adding better sysctl logic. * Adding ref for systctl * PSP False by default * Disable HTTP SSL by default for Demo. * Fix Chart version to sync with OpenSearch Version Signed-off-by: Dhiraj Jain <[email protected]> * Change cluster name and enable SSL by default Signed-off-by: Dhiraj Jain <[email protected]> Co-authored-by: Aaron Layfield <[email protected]> * fix: give networkpolicy objects a unique name (#16) This fixes the problem of installing this chart multiple times in the same namespace and having the network policy name conflict. Signed-off-by: Scott Leggett <[email protected]> * fix: use the stable chart appVersion as image tag by default (#17) Using :latest by default is going to lead to clusters with version skew as pods schedule onto new nodes. So use a stable tag instead. Signed-off-by: Scott Leggett <[email protected]> * OpenSearch Dashboards Helm Chart (#10) * Scaffold OpenSearch Dashboards Helm Chart Signed-off-by: Dhiraj Jain <[email protected]> * Fix error for connection refused Signed-off-by: Dhiraj Jain <[email protected]> * Add RBAC functionality Signed-off-by: Dhiraj Jain <[email protected]> * Add security configurations in the chart Signed-off-by: Dhiraj Jain <[email protected]> * Address issues and comments Signed-off-by: Dhiraj Jain <[email protected]> * Fix templates Signed-off-by: Dhiraj Jain <[email protected]> * Disable SSL by default * Address comments for beautification * Address comments Signed-off-by: Dhiraj Jain <[email protected]> * chore: update demo config section (#24) This snippet doesn't make sense in a kubernetes statefulset. Signed-off-by: Scott Leggett <[email protected]> * added secretMounts to values.yaml w/ example config (#29) Signed-off-by: johannes.reppin <[email protected]> Co-authored-by: johannes.reppin <[email protected]> * Change persistence config to make it more coherent w/ other helm charts (#33) Signed-off-by: johannes.reppin <[email protected]> Co-authored-by: johannes.reppin <[email protected]> * add Volumes and change broken (!) yaml indentation (#31) Signed-off-by: johannes.reppin <[email protected]> Co-authored-by: johannes.reppin <[email protected]> * support for current ingress apiVersion (#47) * Helm Chart Fixes for Env variables and volumes (#35) * Helm Chart Fixes for Env variables and volumes The opensearch-dashboards chart failed to render correctly when utilizing the extraEnvs flag, caused by incorrect indentation. The opensearch chart failed to render when utlizing the secrets for the security config, this was due to them being in the env section. This pull request reqolves both issues, verified via running helm template with the minumal values files included here: ```yaml envFrom: - secretRef: name: kibana-secrets extraEnvs: - name: TENANT_ID valueFrom: secretKeyRef: name: kibana-secrets key: tenantID ``` ```yaml securityConfig: enabled: true configSecret: "security-config" internalUsersSecret: "internal-users-config" rolesMappingSecret: "roles-mapping-config" rolesSecret: "roles-config" ``` Signed-off-by: Harrison Goscenski <[email protected]> * Updating paths in sts to be dynamic Updating the paths specified in the sts for opensearch to utilize .Values.opensearchHome to allow for dynamic paths, with a default of `/usr/share/opensearch` which should be sufficient for most users. Signed-off-by: Harrison Goscenski <[email protected]> * Fixing config path in opensearch-dashboards (#38) * Fixing config path in opensearch-dashboards The manifests rendered by the Helm chart place the user provided config into the incorrect directory. This simply updates that location to the correct path and updates the values.yaml file to use the correct default config file so that the user provided setting override the defaults. Signed-off-by: Harrison Goscenski <[email protected]> * Updating cert paths to opensearch-dashboards Cert paths also need to utilize new filesystem location for opensearch-dashboards config. Signed-off-by: Harrison Goscenski <[email protected]> * Resolves issue with securityConfig path (#41) * Resolves issue with securityConfig path Issue #39 This updates the securityConfig path in values to use the correct value for opensearch. Signed-off-by: Harrison Goscenski <[email protected]> * Fixing bad auto formatting Removing unneeded indentation/newlines. Signed-off-by: Harrison Goscenski <[email protected]> * Fixing missed auto formatting errors Signed-off-by: Harrison Goscenski <[email protected]> * resolve issue about .Values.opensearchHome (#52) refer to this: opensearch-project/opensearch-devops@fe831db#commitcomment-55395428 Error Msg: nil pointer evaluating interface {}.opensearchHome * Fix helm chart can not be deployed without ssl (#56) * Fixing issue exposed by changes in #38 After switching the name of the config file, and removing the shadowing between the default (from the docker container opensearch-dashbaords.yaml) and the default from the helm chart (dashboards.yaml) there is an issue with the certs that are attempting to be used. In order for this to work with the defaults, disabled TLS verification will be needed, and then disabling TLS to remain in line with the defaults. I added a commented out section showing what could potentially be used as TLS config if the user chooses to enable it. Signed-off-by: Harrison Goscenski <[email protected]> * Using conventional yaml formatting for ssl config Moving comments around to follow relevant code and utilizing nested yaml format rather than dot format. Signed-off-by: Harrison Goscenski <[email protected]> * Changing Folder name to Charts * Change deafult configuration for dashboards Signed-off-by: TheAlgo <[email protected]> * Update securityconfig.yaml to remove extra spaces Signed-off-by: TheAlgo <[email protected]> Co-authored-by: Barani <[email protected]> Co-authored-by: Aaron Layfield <[email protected]> Co-authored-by: Scott Leggett <[email protected]> Co-authored-by: Johannes Reppin <[email protected]> Co-authored-by: johannes.reppin <[email protected]> Co-authored-by: paltryeffort <[email protected]> Co-authored-by: hgoscenski-imanage <[email protected]> Co-authored-by: Nagle Zhang <[email protected]>
Signed-off-by: Scott Leggett <[email protected]>
The opensearch-dashboards.standard did not properly escape chart version, and anyway we should be using the same set of standard labels as all the other templates. Signed-off-by: Scott Leggett <[email protected]>
It is not in $PATH. Signed-off-by: Scott Leggett <[email protected]>
Signed-off-by: Scott Leggett <[email protected]>
Signed-off-by: Avery Khoo <[email protected]>
This fixes the case where a parameter on one of the items is silently missing. Signed-off-by: Scott Leggett <[email protected]>
Signed-off-by: Scott Leggett <[email protected]>
ES_JAVA_OPTS has been renamed in Opensearch to OPENSEARCH_JAVA_OPTS. Signed-off-by: Scott Leggett <[email protected]>
…25) Signed-off-by: Scott Leggett <[email protected]>
* Add DandyDeveloper as the new maintainer of the repo Signed-off-by: Peter Zhu <[email protected]> * Add TheAlgo as part of the maintainer list Signed-off-by: Peter Zhu <[email protected]>
* feat: modify majorVersion fallback logic * Look in both .Values.imageTag and .Chart.AppVersion before falling back to a default value. * Use the built-in semver parsing function. * Don't ignore the version for non-opensearch images. Signed-off-by: Scott Leggett <[email protected]> * fix: use fallback major version 1 instead of 7 Opensearch is currently version 1.x. 7 seems to be a remnant of Elasticsearch. Signed-off-by: Scott Leggett <[email protected]>
* Add README for OpenSearch Signed-off-by: TheAlgo <[email protected]> * Address comments Signed-off-by: TheAlgo <[email protected]>
* - Added support for the Helm chart testing action. - Added support for the Helm chart releaser action. - Fixed minor lint issues in Helm chart values files. Signed-off-by: Michael Primeaux <[email protected]> * Added support for testing in addition to linting. Signed-off-by: Michael Primeaux <[email protected]> * - Relaxed event triggers on GitHub actions workflow for lint and test. - Now using `ubuntu-latest` for GitHub runner references. - Added `maintainers` to all charts. - Incremented patch version for each chart. Signed-off-by: Michael Primeaux <[email protected]> * - Added title for Installation Signed-off-by: Michael Primeaux <[email protected]> * - Added missing helm update step in installation. Signed-off-by: Michael Primeaux <[email protected]>
This is required to work around bugs in the version string returned by kubernetes distros such as EKS and GKE, where they have invalid Semantic Version strings. See helm/helm#3810. Signed-off-by: Scott Leggett <[email protected]>
Signed-off-by: TheAlgo <[email protected]>
* - Added change logs for the opensearch and opensearch-dashboards Helm charts. - Amended README files to reflect the intended installation and usage. - Incremented the version numbers to 1.0.2 for both Helm charts in adherence to linting rules and Semver 2. Signed-off-by: Michael Primeaux <[email protected]> * - Modified OpenSearch chart description Signed-off-by: Michael Primeaux <[email protected]> * - Reverted to previous chart installation instructions until we can verify the new method succeeds. Signed-off-by: Michael Primeaux <[email protected]>
* - Incremented Helm charts to ensure the releaser workflow triggers a difference. Signed-off-by: Michael Primeaux <[email protected]> * - Added the `workflow_dispatch` option for manually pushing action workflows. Signed-off-by: Michael Primeaux <[email protected]>
Signed-off-by: TheAlgo <[email protected]>
… in `statefulset.yaml`. (#80) * Changes - Fixes incorrect indentation for `extraVolumeMounts`, `extraEnvs`, and `envFrom`. Signed-off-by: Michael Primeaux <[email protected]> * Changes: - Increment version of the opensearch dashboards chart until PR #75 is merged. Signed-off-by: Michael Primeaux <[email protected]> * - Amended CHANGELOGs Signed-off-by: Michael Primeaux <[email protected]>
Signed-off-by: Kenan Erdogan <[email protected]>
* Adding support for plugins & Prometheus support. * Updated annotations * Add support for plugin installation * Bumping chart patch. * Bumping again post merge with origin * Linting fixes. * Adding to CI. Updating changelog. * Possibly fixing linting issues. * Updating plugin * Increment chart again * Bumping chart patch. * CHANGELOG Updates
* fix: use the correct master configuration for majorversion 1 Signed-off-by: Scott Leggett <[email protected]> * chore: bump opensearch chart version Signed-off-by: Scott Leggett <[email protected]>
* Amended installation instruction and relaxed linting and testing workflow triggers. Signed-off-by: Michael Primeaux <[email protected]> * Minor typographic error. Signed-off-by: Michael Primeaux <[email protected]> * - Reverted linting and testing trigger globbing. Signed-off-by: Michael Primeaux <[email protected]> * - Added path globbing. Signed-off-by: Michael Primeaux <[email protected]> * - Removed path globbing. Signed-off-by: Michael Primeaux <[email protected]> * Revert "- Amended CHANGELOGs" This reverts commit e0ab178. * - Bumped chart versions. - Amended CHANGELOGs. Signed-off-by: Michael Primeaux <[email protected]> * Incremented opensearcn chart version to 1.0.8 Signed-off-by: Michael Primeaux <[email protected]> * - Added specific references to the underlying charts folder from the root-level README. - Addressed clarifications from @TheAlgo. Signed-off-by: Michael Primeaux <[email protected]> * - Modified change log for the OpenSearch Helm chart. Signed-off-by: Michael Primeaux <[email protected]>
* feat: per-install name for securityconfig secret Give the securityconfig secret an autogenerated unique name to facilitate installing the chart multiple times in the same namespace. This helps with the common case of sharing the securityconfig between multiple instantiations of this chart to construct an Opensearch cluster. Signed-off-by: Scott Leggett <[email protected]> * feat: update logic to handle externally defined secrets See the comments describing how this is intended to work. Signed-off-by: Scott Leggett <[email protected]> * chore: bump opensearch chart version Signed-off-by: Scott Leggett <[email protected]> * chore: add securityConfig to README Signed-off-by: Scott Leggett <[email protected]>
) * feat: rework labels to match standard recommendations https://helm.sh/docs/chart_best_practices/labels/#standard-labels https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/ Signed-off-by: Scott Leggett <[email protected]> * chore: bump opensearch chart version Signed-off-by: Scott Leggett <[email protected]>
* Fix node.roles environment variable Signed-off-by: Tomas Odehnal <[email protected]> * forgotten version bump Signed-off-by: Tomas Odehnal <[email protected]>
* Fix url to values.yaml in README.md in opensearch chart Signed-off-by: Dmytro Gorbunov <[email protected]> * Make URL to values.yaml in README.md more consistent (with reference section) Signed-off-by: Dmytro Gorbunov <[email protected]> * Increment the Chart version and update the Changelog Signed-off-by: Dmytro Gorbunov <[email protected]> * Update version of opensearch chart after resolving merge conflict Signed-off-by: Dmytro Gorbunov <[email protected]> Co-authored-by: Dmytro Gorbunov <[email protected]>
* Added support for the `ingressClassName` field. The `kubernetes.io/ingress.class` annotation was deprecated in Kubernetes 1.18. Signed-off-by: Michael Primeaux <[email protected]> * - Fixed trailing spaces as per chart lint rules. Signed-off-by: Michael Primeaux <[email protected]>
* docs: fix typo Signed-off-by: Michael Kriese <[email protected]> * Bump version Signed-off-by: Peter Zhu <[email protected]> * Add changelog Signed-off-by: Peter Zhu <[email protected]> * Add changelog Signed-off-by: Peter Zhu <[email protected]> Co-authored-by: Peter Zhu <[email protected]>
Thank you for the help. I think that now it's following the requirements. I had one question relative to the Changelog compare between versions, can you check if that it's the correct way? My question is relative to the links to the unreleased version, i've checked the issue #152 and tried follow that. |
Signed-off-by: Rubem Mota <[email protected]>
Signed-off-by: Rubem Mota <[email protected]>
Signed-off-by: Rubem Mota <[email protected]>
Signed-off-by: Rubem Mota <[email protected]>
Updated Changelog of opensearch to bump version to 1.5.1 Updated README.MD to include the flag on documentation Signed-off-by: Rubem Mota <[email protected]>
Signed-off-by: Rubem Mota <[email protected]>
Yes it is , just that you need to resolve the conflicts. Also I see some extra lines added to the Changelog |
Signed-off-by: Rubem Mota <[email protected]>
|
@TheAlgo just fixed the merge conflicts. |
|
Hi @rubemlrm seems like you need to rebase to one commit then sign. |
Signed-off-by: Rubem Mota <[email protected]>
|
i will create a new PR, to sign off the needed commits. I'm having some issues regarding the sign off of previous commits and to avoid any problem, i've closed this one and will create a new one. |
This was referenced Dec 16, 2021
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This change was relative to a new flag that will validate the need to create a network policy. I had an use case where the user accounts can't create network policies.
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.