Managed Apps
Changed
- Chart: Update Helm release vertical-pod-autoscaler to v9.8.3. (#301)
- added support for simplified configuration of the auth bundle apps, which minimizes the number pf properties the user needs to provide manually.
Changed
- Upgrade app and chart to upstream version 2.11.2 to support kubernetes 1.25 to 1.27.
Changes
- Update kubectl-apply-job to 0.8.0 for enabling
readOnlyRootFilesystem: true for kubectl CRD install job container.
Fix
- Remove quotes from acme-http01-solver-image argument. The quotes are used when looking up the image which causes an error.
Changed
- Reduce security exceptions #89.
- Enable readOnly FS moving config to emptyDir volume.
- Remove
NET_ADMIN and drop ALL capabilities. - Add
NET_BIND_SERVICE capability. - Add policy exception for
require-non-root-groups/autogen-check-runasgroup. - Remove disallow-capabilities-* policy exceptions.
Added
- Improves container security by setting
runAsGroup and runAsUser greater than zero for all deployments.
Changed
- Upgraded chart dependency to kube-prometheus-stack-61.0.0
- prometheus-operator from 0.73.2 to 0.75.0 - adding remoteWrite.proxyFromEnvironment support
- prometheus upgraded from 2.52.0 to 2.53.0
- grafana from 7.3.12 to 8.2.0
- thanos ruler upgraded from 0.35.0 to 0.35.1
- prometheus-node-exporter upgraded from 1.8.0 to 1.8.1
- Replace
in-addr.arpa records in zone label for coredns_cache_.* metrics due to large cardinality.
Changed
- Upgraded chart dependency to kube-prometheus-stack-61.0.0
- prometheus-operator from 0.73.2 to 0.75.0 - adding remoteWrite.proxyFromEnvironment support
- prometheus upgraded from 2.52.0 to 2.53.0
- grafana from 7.3.12 to 8.2.0
- thanos ruler upgraded from 0.35.0 to 0.35.1
- prometheus-node-exporter upgraded from 1.8.0 to 1.8.1
- Replace
in-addr.arpa records in zone label for coredns_cache_.* metrics due to large cardinality.
Changed
- Changed the way registry is being parsed in helm templates
