diff --git a/README.md b/README.md index bb43272..6bd5ea2 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,7 @@ For an easy start in non-production environments, you may deploy the same cert-m ### Deploy cert-manager ```bash # Install cert-manager -kubectl apply -k https://github.com/airlock/microgateway/examples/utilities/cert-manager/?ref=4.2.6 +kubectl apply -k https://github.com/airlock/microgateway/examples/utilities/cert-manager/?ref=4.2.7 # Wait for the cert-manager to be up and running kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kubernetes.io/instance=cert-manager @@ -72,17 +72,17 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub > **Note**: Certain environments such as OpenShift or GKE require non-default configurations when installing the CNI plugin. For the most common setups, values files are provided in the [chart folder](/deploy/charts/airlock-microgateway-cni). ```bash # Standard setup - helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' kubectl -n kube-system rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` ```bash # GKE setup - helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.6/deploy/charts/airlock-microgateway-cni/gke-values.yaml + helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.7/deploy/charts/airlock-microgateway-cni/gke-values.yaml kubectl -n kube-system rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` ```bash # OpenShift setup - helm install airlock-microgateway-cni -n openshift-operators oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.6/deploy/charts/airlock-microgateway-cni/openshift-values.yaml + helm install airlock-microgateway-cni -n openshift-operators oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.7/deploy/charts/airlock-microgateway-cni/openshift-values.yaml kubectl -n openshift-operators rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` **Important:** On OpenShift, all pods which should be protected by Airlock Microgateway must explicitly reference the Airlock Microgateway CNI NetworkAttachmentDefinition via the annotation `k8s.v1.cni.cncf.io/networks` (see [documentation](https://docs.airlock.com/microgateway/latest/#data/1658483168033.html) for details). @@ -90,15 +90,15 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub 2. (Recommended) You can verify the correctness of the installation with `helm test`. ```bash # Standard and GKE setup - helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' helm test airlock-microgateway-cni -n kube-system --logs - helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' ``` ```bash # OpenShift setup - helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' helm test airlock-microgateway-cni -n openshift-operators --logs - helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' ``` Consult our [documentation](https://docs.airlock.com/microgateway/latest/#data/1699611533587.html) in case of any installation error. @@ -116,14 +116,14 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub kubectl -n airlock-microgateway-system create secret generic airlock-microgateway-license --from-file=microgateway-license.txt # Install Operator (CRDs are included via the standard Helm 3 mechanism, i.e. Helm will handle initial installation but not upgrades) - helm install airlock-microgateway -n airlock-microgateway-system oci://quay.io/airlockcharts/microgateway --version '4.2.6' --wait + helm install airlock-microgateway -n airlock-microgateway-system oci://quay.io/airlockcharts/microgateway --version '4.2.7' --wait ``` 2. (Recommended) You can verify the correctness of the installation with `helm test`. ```bash - helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.6' + helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.7' helm test airlock-microgateway -n airlock-microgateway-system --logs - helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.6' + helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.7' ``` ### Upgrading CRDs @@ -131,7 +131,7 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub The `helm install/upgrade` command currently does not support upgrading CRDs that already exist in the cluster. CRDs should instead be manually upgraded before upgrading the Operator itself via the following command: ```bash -kubectl apply -k https://github.com/airlock/microgateway/deploy/charts/airlock-microgateway/crds/?ref=4.2.6 --server-side --force-conflicts +kubectl apply -k https://github.com/airlock/microgateway/deploy/charts/airlock-microgateway/crds/?ref=4.2.7 --server-side --force-conflicts ``` **Note**: Certain GitOps solutions such as e.g. Argo CD or Flux CD have their own mechanisms for automatically upgrading CRDs included with Helm charts. diff --git a/deploy/charts/airlock-microgateway-cni/Chart.yaml b/deploy/charts/airlock-microgateway-cni/Chart.yaml index aa98a9a..0f9688c 100644 --- a/deploy/charts/airlock-microgateway-cni/Chart.yaml +++ b/deploy/charts/airlock-microgateway-cni/Chart.yaml @@ -3,8 +3,8 @@ name: microgateway-cni description: A Helm chart for deploying the Airlock Microgateway CNI plugin type: application home: https://www.airlock.com/en/microgateway -version: "4.2.6" -appVersion: "4.2.6" +version: "4.2.7" +appVersion: "4.2.7" annotations: charts.openshift.io/name: Airlock Microgateway CNI artifacthub.io/category: security diff --git a/deploy/charts/airlock-microgateway-cni/README.md b/deploy/charts/airlock-microgateway-cni/README.md index 4845f8a..77183e5 100644 --- a/deploy/charts/airlock-microgateway-cni/README.md +++ b/deploy/charts/airlock-microgateway-cni/README.md @@ -1,6 +1,6 @@ # Airlock Microgateway CNI -![Version: 4.2.6](https://img.shields.io/badge/Version-4.2.6-informational?style=flat-square) ![AppVersion: 4.2.6](https://img.shields.io/badge/AppVersion-4.2.6-informational?style=flat-square) +![Version: 4.2.7](https://img.shields.io/badge/Version-4.2.7-informational?style=flat-square) ![AppVersion: 4.2.7](https://img.shields.io/badge/AppVersion-4.2.7-informational?style=flat-square) *Airlock Microgateway is a Kubernetes native WAAP (Web Application and API Protection) solution to protect microservices.* @@ -13,7 +13,7 @@ Modern application security is embedded in the development workflow and follows DevSecOps paradigms. Airlock Microgateway is the perfect fit for these requirements. It is a lightweight alternative to the Airlock Gateway appliance, optimized for Kubernetes environments. Airlock Microgateway protects your applications and microservices with the tried-and-tested Airlock security features against attacks, while also providing a high degree of scalability. -__This Helm chart is part of Airlock Microgateway. See our [GitHub repo](https://github.com/airlock/microgateway/tree/4.2.6).__ +__This Helm chart is part of Airlock Microgateway. See our [GitHub repo](https://github.com/airlock/microgateway/tree/4.2.7).__ ### Features * Kubernetes native integration with its Operator, Custom Resource Definitions, hot-reload, automatic sidecar injection. @@ -47,17 +47,17 @@ The instructions below provide a quick start guide. Detailed information are pro > **Note**: Certain environments such as OpenShift or GKE require non-default configurations when installing the CNI plugin. For the most common setups, values files are provided in the [chart folder](/deploy/charts/airlock-microgateway-cni). ```bash # Standard setup - helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' kubectl -n kube-system rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` ```bash # GKE setup - helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.6/deploy/charts/airlock-microgateway-cni/gke-values.yaml + helm install airlock-microgateway-cni -n kube-system oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.7/deploy/charts/airlock-microgateway-cni/gke-values.yaml kubectl -n kube-system rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` ```bash # OpenShift setup - helm install airlock-microgateway-cni -n openshift-operators oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.6/deploy/charts/airlock-microgateway-cni/openshift-values.yaml + helm install airlock-microgateway-cni -n openshift-operators oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' -f https://raw.githubusercontent.com/airlock/microgateway/4.2.7/deploy/charts/airlock-microgateway-cni/openshift-values.yaml kubectl -n openshift-operators rollout status daemonset -l app.kubernetes.io/instance=airlock-microgateway-cni ``` **Important:** On OpenShift, all pods which should be protected by Airlock Microgateway must explicitly reference the Airlock Microgateway CNI NetworkAttachmentDefinition via the annotation `k8s.v1.cni.cncf.io/networks` (see [documentation](https://docs.airlock.com/microgateway/latest/#data/1658483168033.html) for details). @@ -65,15 +65,15 @@ The instructions below provide a quick start guide. Detailed information are pro 2. (Recommended) You can verify the correctness of the installation with `helm test`. ```bash # Standard and GKE setup - helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' helm test airlock-microgateway-cni -n kube-system --logs - helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n kube-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' ``` ```bash # OpenShift setup - helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' helm test airlock-microgateway-cni -n openshift-operators --logs - helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.6' + helm upgrade airlock-microgateway-cni -n openshift-operators --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway-cni --version '4.2.7' ``` Consult our [documentation](https://docs.airlock.com/microgateway/latest/#data/1699611533587.html) in case of any installation error. @@ -98,10 +98,10 @@ For the community edition, check our **[Airlock community forum](https://forum.a | config.installMode | string | `"chained"` | Whether to install the CNI plugin as a `chained` plugin (default, required with most interface CNI providers), as a `standalone` plugin (required for use with Multus CNI, e.g. on OpenShift) or in `manual` mode, where no CNI network configuration is written. | | config.logLevel | string | `"info"` | Log level for the CNI installer and plugin. | | fullnameOverride | string | `""` | Allows overriding the name to use as full name of resources. | -| image.digest | string | `"sha256:d73d501e46c1bd419b3b40cfce881453dad58b0384e5d1a4ab9ae5684d800ddb"` | SHA256 image digest to pull (in the format "sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a"). Overrides tag when specified. | +| image.digest | string | `"sha256:3d6bf1e5b72aae239d91d836c9170986b8af5650140c1624d0a41e31a9308993"` | SHA256 image digest to pull (in the format "sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a"). Overrides tag when specified. | | image.pullPolicy | string | `"IfNotPresent"` | Pull policy for this image. | | image.repository | string | `"quay.io/airlock/microgateway-cni"` | Image repository from which to pull the Airlock Microgateway CNI image. | -| image.tag | string | `"4.2.6"` | Image tag to pull. | +| image.tag | string | `"4.2.7"` | Image tag to pull. | | imagePullSecrets | list | `[]` | ImagePullSecrets to use when pulling images. | | multusNetworkAttachmentDefinition.create | bool | `false` | Whether a NetworkAttachmentDefinition CR should be created, which can be used for applying the CNI plugin to Pods. | | multusNetworkAttachmentDefinition.namespace | string | `"default"` | Namespace in which the NetworkAttachmentDefinition is deployed. Note: If namespace is set to a custom value, referencing the created NetworkAttachmentDefinition from other namespaces may not work if Multus namespace isolation is enabled. https://github.com/k8snetworkplumbingwg/multus-cni/blob/v4.0.2/docs/configuration.md#namespace-isolation | diff --git a/deploy/charts/airlock-microgateway-cni/values.yaml b/deploy/charts/airlock-microgateway-cni/values.yaml index 25ce57d..d205857 100644 --- a/deploy/charts/airlock-microgateway-cni/values.yaml +++ b/deploy/charts/airlock-microgateway-cni/values.yaml @@ -15,10 +15,10 @@ image: # -- Image repository from which to pull the Airlock Microgateway CNI image. repository: "quay.io/airlock/microgateway-cni" # -- Image tag to pull. - tag: "4.2.6" + tag: "4.2.7" # -- SHA256 image digest to pull (in the format "sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a"). # Overrides tag when specified. - digest: "sha256:d73d501e46c1bd419b3b40cfce881453dad58b0384e5d1a4ab9ae5684d800ddb" + digest: "sha256:3d6bf1e5b72aae239d91d836c9170986b8af5650140c1624d0a41e31a9308993" # -- Pull policy for this image. pullPolicy: IfNotPresent # -- Annotations to add to all Pods. diff --git a/deploy/charts/airlock-microgateway/Chart.yaml b/deploy/charts/airlock-microgateway/Chart.yaml index 62710bd..9b94c1a 100644 --- a/deploy/charts/airlock-microgateway/Chart.yaml +++ b/deploy/charts/airlock-microgateway/Chart.yaml @@ -3,8 +3,8 @@ name: microgateway description: A Helm chart for deploying the Airlock Microgateway type: application home: https://www.airlock.com/en/microgateway -version: "4.2.6" -appVersion: "4.2.6" +version: "4.2.7" +appVersion: "4.2.7" annotations: charts.openshift.io/name: Airlock Microgateway artifacthub.io/category: security diff --git a/deploy/charts/airlock-microgateway/README.md b/deploy/charts/airlock-microgateway/README.md index 66f7d5f..419ca40 100644 --- a/deploy/charts/airlock-microgateway/README.md +++ b/deploy/charts/airlock-microgateway/README.md @@ -1,6 +1,6 @@ # Airlock Microgateway -![Version: 4.2.6](https://img.shields.io/badge/Version-4.2.6-informational?style=flat-square) ![AppVersion: 4.2.6](https://img.shields.io/badge/AppVersion-4.2.6-informational?style=flat-square) +![Version: 4.2.7](https://img.shields.io/badge/Version-4.2.7-informational?style=flat-square) ![AppVersion: 4.2.7](https://img.shields.io/badge/AppVersion-4.2.7-informational?style=flat-square) *Airlock Microgateway is a Kubernetes native WAAP (Web Application and API Protection) solution to protect microservices.* @@ -13,7 +13,7 @@ Modern application security is embedded in the development workflow and follows DevSecOps paradigms. Airlock Microgateway is the perfect fit for these requirements. It is a lightweight alternative to the Airlock Gateway appliance, optimized for Kubernetes environments. Airlock Microgateway protects your applications and microservices with the tried-and-tested Airlock security features against attacks, while also providing a high degree of scalability. -__This Helm chart is part of Airlock Microgateway. See our [GitHub repo](https://github.com/airlock/microgateway/tree/4.2.6).__ +__This Helm chart is part of Airlock Microgateway. See our [GitHub repo](https://github.com/airlock/microgateway/tree/4.2.7).__ ### Features * Kubernetes native integration with its Operator, Custom Resource Definitions, hot-reload, automatic sidecar injection. @@ -57,7 +57,7 @@ For an easy start in non-production environments, you may deploy the same cert-m ### Deploy cert-manager ```bash # Install cert-manager -kubectl apply -k https://github.com/airlock/microgateway/examples/utilities/cert-manager/?ref=4.2.6 +kubectl apply -k https://github.com/airlock/microgateway/examples/utilities/cert-manager/?ref=4.2.7 # Wait for the cert-manager to be up and running kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kubernetes.io/instance=cert-manager @@ -76,14 +76,14 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub kubectl -n airlock-microgateway-system create secret generic airlock-microgateway-license --from-file=microgateway-license.txt # Install Operator (CRDs are included via the standard Helm 3 mechanism, i.e. Helm will handle initial installation but not upgrades) - helm install airlock-microgateway -n airlock-microgateway-system oci://quay.io/airlockcharts/microgateway --version '4.2.6' --wait + helm install airlock-microgateway -n airlock-microgateway-system oci://quay.io/airlockcharts/microgateway --version '4.2.7' --wait ``` 2. (Recommended) You can verify the correctness of the installation with `helm test`. ```bash - helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.6' + helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=true --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.7' helm test airlock-microgateway -n airlock-microgateway-system --logs - helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.6' + helm upgrade airlock-microgateway -n airlock-microgateway-system --set tests.enabled=false --reuse-values oci://quay.io/airlockcharts/microgateway --version '4.2.7' ``` ### Upgrading CRDs @@ -91,7 +91,7 @@ kubectl -n cert-manager wait --for=condition=ready --timeout=600s pod -l app.kub The `helm install/upgrade` command currently does not support upgrading CRDs that already exist in the cluster. CRDs should instead be manually upgraded before upgrading the Operator itself via the following command: ```bash -kubectl apply -k https://github.com/airlock/microgateway/deploy/charts/airlock-microgateway/crds/?ref=4.2.6 --server-side --force-conflicts +kubectl apply -k https://github.com/airlock/microgateway/deploy/charts/airlock-microgateway/crds/?ref=4.2.7 --server-side --force-conflicts ``` **Note**: Certain GitOps solutions such as e.g. Argo CD or Flux CD have their own mechanisms for automatically upgrading CRDs included with Helm charts. @@ -110,10 +110,10 @@ For the community edition, check our **[Airlock community forum](https://forum.a | commonAnnotations | object | `{}` | Annotations to add to all resources. | | commonLabels | object | `{}` | Labels to add to all resources. | | crds.skipVersionCheck | bool | `false` | Whether to skip the sanity check which prevents installing/upgrading the helm chart in a cluster with outdated Airlock Microgateway CRDs. The check aims to prevent unexpected behavior and issues due to Helm v3 not automatically upgrading CRDs which are already present in the cluster when performing a "helm install/upgrade". | -| engine.image.digest | string | `"sha256:d49c0f0e592a8f3bd6360c02b592d4a7adda5b17d3b3742337848ff9d81893ef"` | SHA256 image digest to pull (in the format "sha256:a3051f42d3013813b05f7513bb86ed6a3209cb3003f1bb2f7b72df249aa544d3"). Overrides tag when specified. | +| engine.image.digest | string | `"sha256:e43ad143279181c872a879932433e19b000b68906ffe6607de6cf20f9f3de65c"` | SHA256 image digest to pull (in the format "sha256:a3051f42d3013813b05f7513bb86ed6a3209cb3003f1bb2f7b72df249aa544d3"). Overrides tag when specified. | | engine.image.pullPolicy | string | `"IfNotPresent"` | Pull policy for this image. | | engine.image.repository | string | `"quay.io/airlock/microgateway-engine"` | Image repository from which to pull the Airlock Microgateway Engine image. | -| engine.image.tag | string | `"4.2.6"` | Image tag to pull. | +| engine.image.tag | string | `"4.2.7"` | Image tag to pull. | | engine.resources | object | `{}` | Resource restrictions to apply to the Airlock Microgateway Engine container. | | engine.sidecar.podMonitor.create | bool | `false` | Whether to create a PodMonitor resource for monitoring. | | engine.sidecar.podMonitor.labels | object | `{}` | Labels to add to the PodMonitor. | @@ -121,16 +121,16 @@ For the community edition, check our **[Airlock community forum](https://forum.a | imagePullSecrets | list | `[]` | ImagePullSecrets to use when pulling images. | | license.secretName | string | `"airlock-microgateway-license"` | Name of the secret containing the "microgateway-license.txt" key. | | nameOverride | string | `""` | Allows overriding the name to use instead of "microgateway". | -| networkValidator.image.digest | string | `"sha256:d1c484f4b9ea6218e2b1925f6b08d54dd352c7aaf653977bbbbeeb21eb3e19dd"` | SHA256 image digest to pull (in the format "sha256:d1c484f4b9ea6218e2b1925f6b08d54dd352c7aaf653977bbbbeeb21eb3e19dd"). Overrides tag when specified. | +| networkValidator.image.digest | string | `"sha256:6051975a14c51b9d3b525a06004d62a4d323c08ca58e3468343095a55a42fff2"` | SHA256 image digest to pull (in the format "sha256:6051975a14c51b9d3b525a06004d62a4d323c08ca58e3468343095a55a42fff2"). Overrides tag when specified. | | networkValidator.image.pullPolicy | string | `"IfNotPresent"` | Pull policy for this image. | | networkValidator.image.repository | string | `"cgr.dev/chainguard/netcat"` | Image repository from which to pull the netcat image for the Airlock Microgateway Network Validator init-container. | | networkValidator.image.tag | string | `""` | Image tag to pull. | | operator.affinity | object | `{}` | Custom affinity to apply to the operator Deployment. Used to influence the scheduling. | | operator.config.logLevel | string | `"info"` | Operator application log level. | -| operator.image.digest | string | `"sha256:c41b87bad62024d0547c322be15a2bcd1b2c5586c5b9e29f806de1bc6fd176ea"` | SHA256 image digest to pull (in the format "sha256:c79ee3f85862fb386e9dd62b901b607161d27807f512d7fbdece05e9ee3d7c63"). Overrides tag when specified. | +| operator.image.digest | string | `"sha256:524f37bee6a77a95fd91be78177af78614c22adae2d11650c7f4ffd79b664b26"` | SHA256 image digest to pull (in the format "sha256:c79ee3f85862fb386e9dd62b901b607161d27807f512d7fbdece05e9ee3d7c63"). Overrides tag when specified. | | operator.image.pullPolicy | string | `"IfNotPresent"` | Pull policy for this image. | | operator.image.repository | string | `"quay.io/airlock/microgateway-operator"` | Image repository from which to pull the Airlock Microgateway Operator image. | -| operator.image.tag | string | `"4.2.6"` | Image tag to pull. | +| operator.image.tag | string | `"4.2.7"` | Image tag to pull. | | operator.nodeSelector | object | `{}` | Custom nodeSelector to apply to the operator Deployment in order to constrain its Pods to certain nodes. | | operator.podAnnotations | object | `{}` | Annotations to add to all Pods. | | operator.podLabels | object | `{}` | Labels to add to all Pods. | diff --git a/deploy/charts/airlock-microgateway/crds/accesscontrols.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/accesscontrols.microgateway.airlock.com.yaml index 7dec091..3901aaf 100644 --- a/deploy/charts/airlock-microgateway/crds/accesscontrols.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/accesscontrols.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: accesscontrols.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/contentsecurities.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/contentsecurities.microgateway.airlock.com.yaml index 8f6d325..2c40dd3 100644 --- a/deploy/charts/airlock-microgateway/crds/contentsecurities.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/contentsecurities.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: contentsecurities.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/denyrules.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/denyrules.microgateway.airlock.com.yaml index ad55c6e..66d3c71 100644 --- a/deploy/charts/airlock-microgateway/crds/denyrules.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/denyrules.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: denyrules.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/envoyclusters.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/envoyclusters.microgateway.airlock.com.yaml index 68fac36..d7d5aa9 100644 --- a/deploy/charts/airlock-microgateway/crds/envoyclusters.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/envoyclusters.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: envoyclusters.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/envoyconfigurations.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/envoyconfigurations.microgateway.airlock.com.yaml index 1afcab3..711f364 100644 --- a/deploy/charts/airlock-microgateway/crds/envoyconfigurations.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/envoyconfigurations.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: envoyconfigurations.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/envoyhttpfilters.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/envoyhttpfilters.microgateway.airlock.com.yaml index 350f45f..0ca1ab8 100644 --- a/deploy/charts/airlock-microgateway/crds/envoyhttpfilters.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/envoyhttpfilters.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: envoyhttpfilters.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/headerrewrites.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/headerrewrites.microgateway.airlock.com.yaml index cc86ff3..8370edd 100644 --- a/deploy/charts/airlock-microgateway/crds/headerrewrites.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/headerrewrites.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: headerrewrites.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/identitypropagations.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/identitypropagations.microgateway.airlock.com.yaml index 7549b92..292e262 100644 --- a/deploy/charts/airlock-microgateway/crds/identitypropagations.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/identitypropagations.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: identitypropagations.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/limits.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/limits.microgateway.airlock.com.yaml index 26f10aa..0622077 100644 --- a/deploy/charts/airlock-microgateway/crds/limits.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/limits.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: limits.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/oidcproviders.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/oidcproviders.microgateway.airlock.com.yaml index c95e724..edcd24d 100644 --- a/deploy/charts/airlock-microgateway/crds/oidcproviders.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/oidcproviders.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: oidcproviders.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/oidcrelyingparties.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/oidcrelyingparties.microgateway.airlock.com.yaml index 66fde1b..8ae5991 100644 --- a/deploy/charts/airlock-microgateway/crds/oidcrelyingparties.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/oidcrelyingparties.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: oidcrelyingparties.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/openapis.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/openapis.microgateway.airlock.com.yaml index a6475b1..ea94790 100644 --- a/deploy/charts/airlock-microgateway/crds/openapis.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/openapis.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: openapis.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/parsers.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/parsers.microgateway.airlock.com.yaml index a31b782..01d3adf 100644 --- a/deploy/charts/airlock-microgateway/crds/parsers.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/parsers.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: parsers.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/sidecargateways.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/sidecargateways.microgateway.airlock.com.yaml index 5cf028a..522dfa7 100644 --- a/deploy/charts/airlock-microgateway/crds/sidecargateways.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/sidecargateways.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: sidecargateways.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/crds/telemetries.microgateway.airlock.com.yaml b/deploy/charts/airlock-microgateway/crds/telemetries.microgateway.airlock.com.yaml index bb65ea3..cbf8e7c 100644 --- a/deploy/charts/airlock-microgateway/crds/telemetries.microgateway.airlock.com.yaml +++ b/deploy/charts/airlock-microgateway/crds/telemetries.microgateway.airlock.com.yaml @@ -5,7 +5,7 @@ metadata: controller-gen.kubebuilder.io/version: v0.14.0 labels: app.kubernetes.io/name: airlock-microgateway-operator - app.kubernetes.io/version: 4.2.6 + app.kubernetes.io/version: 4.2.7 name: telemetries.microgateway.airlock.com spec: group: microgateway.airlock.com diff --git a/deploy/charts/airlock-microgateway/values.yaml b/deploy/charts/airlock-microgateway/values.yaml index 26a8c5c..a16d218 100644 --- a/deploy/charts/airlock-microgateway/values.yaml +++ b/deploy/charts/airlock-microgateway/values.yaml @@ -26,10 +26,10 @@ operator: # -- Image repository from which to pull the Airlock Microgateway Operator image. repository: "quay.io/airlock/microgateway-operator" # -- Image tag to pull. - tag: "4.2.6" + tag: "4.2.7" # -- SHA256 image digest to pull (in the format "sha256:c79ee3f85862fb386e9dd62b901b607161d27807f512d7fbdece05e9ee3d7c63"). # Overrides tag when specified. - digest: "sha256:c41b87bad62024d0547c322be15a2bcd1b2c5586c5b9e29f806de1bc6fd176ea" + digest: "sha256:524f37bee6a77a95fd91be78177af78614c22adae2d11650c7f4ffd79b664b26" # -- Pull policy for this image. pullPolicy: IfNotPresent # -- Annotations to add to all Pods. @@ -89,10 +89,10 @@ engine: # -- Image repository from which to pull the Airlock Microgateway Engine image. repository: "quay.io/airlock/microgateway-engine" # -- Image tag to pull. - tag: "4.2.6" + tag: "4.2.7" # -- SHA256 image digest to pull (in the format "sha256:a3051f42d3013813b05f7513bb86ed6a3209cb3003f1bb2f7b72df249aa544d3"). # Overrides tag when specified. - digest: "sha256:d49c0f0e592a8f3bd6360c02b592d4a7adda5b17d3b3742337848ff9d81893ef" + digest: "sha256:e43ad143279181c872a879932433e19b000b68906ffe6607de6cf20f9f3de65c" # -- Pull policy for this image. pullPolicy: IfNotPresent # -- Resource restrictions to apply to the Airlock Microgateway Engine container. @@ -121,9 +121,9 @@ networkValidator: repository: "cgr.dev/chainguard/netcat" # -- Image tag to pull. tag: "" - # -- SHA256 image digest to pull (in the format "sha256:d1c484f4b9ea6218e2b1925f6b08d54dd352c7aaf653977bbbbeeb21eb3e19dd"). + # -- SHA256 image digest to pull (in the format "sha256:6051975a14c51b9d3b525a06004d62a4d323c08ca58e3468343095a55a42fff2"). # Overrides tag when specified. - digest: "sha256:d1c484f4b9ea6218e2b1925f6b08d54dd352c7aaf653977bbbbeeb21eb3e19dd" + digest: "sha256:6051975a14c51b9d3b525a06004d62a4d323c08ca58e3468343095a55a42fff2" # -- Pull policy for this image. pullPolicy: IfNotPresent license: