Skip to content

Commit

Permalink
Merge pull request #102 from sighupio/develop
Browse files Browse the repository at this point in the history 
chore: release 1.10.0
  • Loading branch information
@ralgozino
ralgozino authored Nov 6, 2023
2 parents 7d174ba + 2e5af75 commit ca68d8c
Show file tree
Hide file tree
Showing 9 changed files with 318 additions and 86 deletions.
76 changes: 38 additions & 38 deletions .drone.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,10 +58,10 @@ steps:
- render
commands:
# we use --ignore-deprecations because we don't want the CI to fail when the API has not been removed yet.
- /pluto detect gatekeeper.yml --target-versions=k8s=v1.26.0 --ignore-deprecations
- /pluto detect gatekeeper.yml --target-versions=k8s=v1.27.0 --ignore-deprecations

---
name: e2e-kubernetes-1.23
name: e2e-kubernetes-1.24
kind: pipeline
type: docker

Expand Down Expand Up @@ -92,10 +92,10 @@ steps:
path: /shared
depends_on: [clone]
settings:
action: custom-cluster-123
pipeline_id: cluster-123
action: custom-cluster-124
pipeline_id: cluster-124
local_kind_config_path: katalog/tests/kind/config.yml
cluster_version: "1.23.0"
cluster_version: "1.24.0"
instance_path: /shared
aws_default_region:
from_secret: aws_region
Expand All @@ -117,14 +117,14 @@ steps:
from_secret: dockerhub_password

- name: e2e
image: quay.io/sighup/e2e-testing:1.1.0_0.2.2_2.16.1_1.9.4_1.23.0_3.8.7_2.4.1
image: quay.io/sighup/e2e-testing:1.1.0_0.7.0_3.1.1_1.9.4_1.24.1_3.8.7_4.21.1
pull: always
volumes:
- name: shared
path: /shared
depends_on: [init]
commands:
- export KUBECONFIG=/shared/kube/kubeconfig-123
- export KUBECONFIG=/shared/kube/kubeconfig-124
- bats -t katalog/tests/gatekeeper.sh

- name: destroy
Expand All @@ -133,7 +133,7 @@ steps:
depends_on: [e2e]
settings:
action: destroy
pipeline_id: cluster-123
pipeline_id: cluster-124
aws_default_region:
from_secret: aws_region
aws_access_key_id:
Expand All @@ -160,9 +160,8 @@ steps:
volumes:
- name: shared
temp: {}

---
name: e2e-kubernetes-1.24
name: e2e-kubernetes-1.25
kind: pipeline
type: docker

Expand All @@ -186,17 +185,17 @@ trigger:

steps:
- name: init
image: quay.io/sighup/e2e-testing-drone-plugin:v1.24.0
image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
pull: always
volumes:
- name: shared
path: /shared
depends_on: [clone]
settings:
action: custom-cluster-124
pipeline_id: cluster-124
action: custom-cluster-125
pipeline_id: cluster-125
local_kind_config_path: katalog/tests/kind/config.yml
cluster_version: "1.24.0"
cluster_version: "1.25.3"
instance_path: /shared
aws_default_region:
from_secret: aws_region
Expand All @@ -218,23 +217,24 @@ steps:
from_secret: dockerhub_password

- name: e2e
image: quay.io/sighup/e2e-testing:1.1.0_0.7.0_3.1.1_1.9.4_1.24.1_3.8.7_4.21.1
# KUBECTL 1.25.3 - KUSTOMIZE 3.5.3 - HELM 3.1.1 - YQ 4.21.1 - ISTIOCTL 1.9.4 - FURYCTL 0.9.0 - BATS 1.1.0
image: quay.io/sighup/e2e-testing:1.1.0_0.9.0_3.1.1_1.9.4_1.25.3_3.5.3_4.21.1
pull: always
volumes:
- name: shared
path: /shared
depends_on: [init]
commands:
- export KUBECONFIG=/shared/kube/kubeconfig-124
- export KUBECONFIG=/shared/kube/kubeconfig-125
- bats -t katalog/tests/gatekeeper.sh

- name: destroy
image: quay.io/sighup/e2e-testing-drone-plugin:v1.24.0
image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
pull: always
depends_on: [e2e]
settings:
action: destroy
pipeline_id: cluster-124
pipeline_id: cluster-125
aws_default_region:
from_secret: aws_region
aws_access_key_id:
Expand Down Expand Up @@ -262,7 +262,7 @@ volumes:
- name: shared
temp: {}
---
name: e2e-kubernetes-1.25
name: e2e-kubernetes-1.26
kind: pipeline
type: docker

Expand All @@ -286,17 +286,17 @@ trigger:

steps:
- name: init
image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
pull: always
volumes:
- name: shared
path: /shared
depends_on: [clone]
settings:
action: custom-cluster-125
pipeline_id: cluster-125
action: custom-cluster-126
pipeline_id: cluster-126
local_kind_config_path: katalog/tests/kind/config.yml
cluster_version: "1.25.3"
cluster_version: "1.26.4"
instance_path: /shared
aws_default_region:
from_secret: aws_region
Expand All @@ -318,24 +318,23 @@ steps:
from_secret: dockerhub_password

- name: e2e
# KUBECTL 1.25.3 - KUSTOMIZE 3.5.3 - HELM 3.1.1 - YQ 4.21.1 - ISTIOCTL 1.9.4 - FURYCTL 0.9.0 - BATS 1.1.0
image: quay.io/sighup/e2e-testing:1.1.0_0.9.0_3.1.1_1.9.4_1.25.3_3.5.3_4.21.1
image: quay.io/sighup/e2e-testing:1.1.0_0.11.0_3.1.1_1.9.4_1.26.3_3.5.3_4.33.3
pull: always
volumes:
- name: shared
path: /shared
depends_on: [init]
commands:
- export KUBECONFIG=/shared/kube/kubeconfig-125
- export KUBECONFIG=/shared/kube/kubeconfig-126
- bats -t katalog/tests/gatekeeper.sh

- name: destroy
image: quay.io/sighup/e2e-testing-drone-plugin:v1.25.3
image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
pull: always
depends_on: [e2e]
settings:
action: destroy
pipeline_id: cluster-125
pipeline_id: cluster-126
aws_default_region:
from_secret: aws_region
aws_access_key_id:
Expand All @@ -362,8 +361,9 @@ steps:
volumes:
- name: shared
temp: {}

---
name: e2e-kubernetes-1.26
name: e2e-kubernetes-1.27
kind: pipeline
type: docker

Expand All @@ -387,17 +387,17 @@ trigger:

steps:
- name: init
image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
image: quay.io/sighup/e2e-testing-drone-plugin:v1.27.1
pull: always
volumes:
- name: shared
path: /shared
depends_on: [clone]
settings:
action: custom-cluster-126
pipeline_id: cluster-126
action: custom-cluster-127
pipeline_id: cluster-127
local_kind_config_path: katalog/tests/kind/config.yml
cluster_version: "1.26.4"
cluster_version: "1.27.1"
instance_path: /shared
aws_default_region:
from_secret: aws_region
Expand All @@ -419,23 +419,23 @@ steps:
from_secret: dockerhub_password

- name: e2e
image: quay.io/sighup/e2e-testing:1.1.0_0.11.0_3.1.1_1.9.4_1.26.3_3.5.3_4.33.3
image: quay.io/sighup/e2e-testing:1.1.0_0.11.0_3.12.0_1.9.4_1.27.1_3.5.3_4.33.3
pull: always
volumes:
- name: shared
path: /shared
depends_on: [init]
commands:
- export KUBECONFIG=/shared/kube/kubeconfig-126
- export KUBECONFIG=/shared/kube/kubeconfig-127
- bats -t katalog/tests/gatekeeper.sh

- name: destroy
image: quay.io/sighup/e2e-testing-drone-plugin:v1.26.4
image: quay.io/sighup/e2e-testing-drone-plugin:v1.27.1
pull: always
depends_on: [e2e]
settings:
action: destroy
pipeline_id: cluster-126
pipeline_id: cluster-127
aws_default_region:
from_secret: aws_region
aws_access_key_id:
Expand Down Expand Up @@ -469,10 +469,10 @@ kind: pipeline
type: docker

depends_on:
- e2e-kubernetes-1.23
- e2e-kubernetes-1.24
- e2e-kubernetes-1.25
- e2e-kubernetes-1.26
- e2e-kubernetes-1.27

platform:
os: linux
Expand Down
11 changes: 6 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
</h1>
<!-- markdownlint-enable MD033 -->

![Release](https://img.shields.io/badge/Latest%20Release-v1.9.0-blue)
![Release](https://img.shields.io/badge/Latest%20Release-v1.10.0-blue)
![License](https://img.shields.io/github/license/sighupio/fury-kubernetes-opa?label=License)
![Slack](https://img.shields.io/badge/slack-@kubernetes/fury-yellow.svg?logo=slack&label=Slack)

Expand All @@ -29,21 +29,22 @@ Fury Kubernetes OPA provides the following packages:

| Package | Version | Description |
| ------------------------------------------------------ | --------- | ----------------------------------------------------------------- |
| [Gatekeeper Core](katalog/gatekeeper/core) | `v3.12.0` | Gatekeeper deployment, ready to enforce rules. |
| [Gatekeeper Core](katalog/gatekeeper/core) | `v3.14.0` | Gatekeeper deployment, ready to enforce rules. |
| [Gatekeeper Rules](katalog/gatekeeper/rules) | `N.A.` | A set of custom rules to get started with policy enforcement. |
| [Gatekeeper Monitoring](katalog/gatekeeper/monitoring) | `N.A.` | Metrics, alerts and dashboard for monitoring Gatekeeper. |
| [Gatekeeper Policy Manager](katalog/gatekeeper/gpm) | `v1.0.4` | Gatekeeper Policy Manager, a simple to use web-ui for Gatekeeper. |
| [Gatekeeper Policy Manager](katalog/gatekeeper/gpm) | `v1.0.9` | Gatekeeper Policy Manager, a simple to use web-ui for Gatekeeper. |

Click on each package name to see its full documentation.

## Compatibility

| Kubernetes Version | Compatibility | Notes |
| ------------------ | :----------------: | ---------------- |
| `1.23.x` | :white_check_mark: | No known issues. |
| `1.24.x` | :white_check_mark: | No known issues. |
| `1.25.x` | :white_check_mark: | No known issues. |
| `1.26.x` | :white_check_mark: | No known issues |
| `1.27.x` | :white_check_mark: | No known issues |


Check the [compatibility matrix][compatibility-matrix] for additional information on previous releases of the module.

Expand All @@ -66,7 +67,7 @@ Check the [compatibility matrix][compatibility-matrix] for additional informatio
```yaml
bases:
- name: opa/gatekeeper
version: "1.9.0"
version: "1.10.0"
```
> See `furyctl` [documentation][furyctl-repo] for additional details about `Furyfile.yml` format.
Expand Down
19 changes: 10 additions & 9 deletions docs/COMPATIBILITY_MATRIX.md
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,16 @@

# Compatibility Matrix

| Module Version / Kubernetes Version | 1.19.X | 1.20.X | 1.21.X | 1.22.X | 1.23.X | 1.24.X | 1.25.X | 1.26.X |
| ----------------------------------- | :----------------: | :----------------: | :----------------: | :----------------: | ------------------ | ------------------ | ------------------ | ------------------ |
| v1.6.2 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | | | |
| v1.7.0 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | | |
| v1.7.1 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
| v1.7.2 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
| v1.7.3 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
| v1.8.0 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
| v1.9.0 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |
| Module Version / Kubernetes Version | 1.19.X | 1.20.X | 1.21.X | 1.22.X | 1.23.X | 1.24.X | 1.25.X | 1.26.X | 1.27.X |
| ----------------------------------- | :----------------: | :----------------: | :----------------: | :----------------: | ------------------ | ------------------ | ------------------ | ------------------ | ------------------ |
| v1.6.2 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | | | | |
| v1.7.0 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | | | |
| v1.7.1 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | |
| v1.7.2 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | |
| v1.7.3 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | |
| v1.8.0 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | | |
| v1.9.0 | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | |
| v1.10.0 | | | | | | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: |

:white_check_mark: Compatible

Expand Down
28 changes: 28 additions & 0 deletions docs/releases/v1.10.0.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# OPA Core Module Release 1.10.0

Welcome to the latest release of `OPA` module of [Kubernetes Fury Distribution](https://github.com/sighupio/fury-distribution) maintained by team SIGHUP.

This is a minor release including the following changes:

- Added support for Kubernetes 1.27
- Update Gatekeeper to version 3.14.0
- Update Gatekeeper Policy Manager to version 1.0.9

## Component Images 🚢

| Component | Supported Version | Previous Version |
| --------------------------- | ------------------------------------------------------------------------------------- | ---------------- |
| `gatekeeper` | [`v3.14.0`](https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.14.0) | `v3.12.0` |
| `gatekeeper-policy-manager` | [`v1.0.9`](https://github.com/sighupio/gatekeeper-policy-manager/releases/tag/v1.0.9) | `v1.0.4` |

> Please refer the individual release notes to get a detailed information on each release.
## Update Guide 🦮

### Process

To upgrade this core module from `v1.9.0` to `v1.10.0`, you need to download this new version, then apply the `kustomize` project. No further action is required.

```bash
kustomize build katalog/gatekeeper | kubectl apply -f -
```
2 changes: 1 addition & 1 deletion katalog/gatekeeper/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ This module can easily be added to your existing Fury setup adding to your `Fury
bases:
(...)
- name: opa/gatekeeper
version: "1.8.0"
version: "1.10.0"
```
Once you'll do this, you can then proceed to integrate Gatekeeper into your Kustomize project.
Expand Down
Loading

0 comments on commit ca68d8c

Please sign in to comment.