From 20e4045d1ad45a5047f4f81a544b96643528dda7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 08:37:53 -0400 Subject: [PATCH 1/5] chore(deps): update docker/login-action digest to 0689575 (#714) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/release-please.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 1f52bc813..cd266346c 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -52,7 +52,7 @@ jobs: ref: ${{ needs.release-please.outputs.release_tag_name }} - name: Log in to the Container registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 + uses: docker/login-action@06895751d15a223ec091bea144ad5c7f50d228d0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From 69efcf021dfa4915bba9c943d0b8a8d137bfb2b2 Mon Sep 17 00:00:00 2001 From: Woody Hill Date: Wed, 30 Oct 2024 23:02:47 +1000 Subject: [PATCH 2/5] fix: Add missing poddisruption budget permissions in manager cluster role (#718) Signed-off-by: woodyh --- config/rbac/role.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index ec7affce1..5fb6e3c25 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -147,3 +147,11 @@ rules: verbs: - get - update +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - list + - create + - watch From 52bac10723c29f7e68db0b755e02082d95cb8237 Mon Sep 17 00:00:00 2001 From: Michael Beemer Date: Wed, 30 Oct 2024 10:45:46 -0400 Subject: [PATCH 3/5] ci(trivy): fetch vulnerabilities DB from ERC (#721) Signed-off-by: Michael Beemer --- .github/workflows/pr-checks.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index 23f25c225..e01476a0d 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -75,13 +75,15 @@ jobs: cache-from: type=gha,scope=${{ github.ref_name }}-ofo cache-to: type=gha,scope=${{ github.ref_name }}-ofo - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.27.0 + uses: aquasecurity/trivy-action@0.28.0 with: input: ${{ github.workspace }}/open-feature-operator-local.tar - format: "template" - template: "@/contrib/sarif.tpl" + format: "sarif" output: "trivy-results.sarif" severity: "CRITICAL,HIGH" + env: + # use an alternative trivvy db to avoid rate limits + TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2,ghcr.io/aquasecurity/trivy-db:2 - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 with: From 8ae6ee81ac48589d01fd6e75f9c16bcd62c336b0 Mon Sep 17 00:00:00 2001 From: Matthias Riegler Date: Wed, 30 Oct 2024 15:54:03 +0100 Subject: [PATCH 4/5] fix: make flagd replica count configureable in helm chart (#716) Signed-off-by: Matthias Riegler Co-authored-by: Michael Beemer --- CONTRIBUTING.md | 3 +++ chart/open-feature-operator/README.md | 3 ++- chart/open-feature-operator/values.yaml | 2 ++ config/overlays/helm/manager.yaml | 2 ++ 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8c633a522..3272b10b5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -36,6 +36,9 @@ and deploying to your cluster. Please be aware that it is using the cluster your Some part of the project docs may be autogenerated and require running a script. +#### Re-generating helm docs after modifying the chart +` ./.github/scripts/generate-helm-docs.sh` + #### CRDs Docs If you modified or added crds to the project, then you should recreate the crds.md file. To do so run: diff --git a/chart/open-feature-operator/README.md b/chart/open-feature-operator/README.md index f9facc3d1..c25984031 100644 --- a/chart/open-feature-operator/README.md +++ b/chart/open-feature-operator/README.md @@ -148,6 +148,7 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------------------------------ | ------------------------------------------------------------------------------- | ---------------------------------- | +| `flagdProxyConfiguration.replicaCount` | sets the number of replicas for the flagd-proxy deployment. | `1` | | `flagdProxyConfiguration.port` | Sets the port to expose the sync API on. | `8015` | | `flagdProxyConfiguration.managementPort` | Sets the port to expose the management API on. | `8016` | | `flagdProxyConfiguration.image.repository` | Sets the image for the flagd-proxy deployment. | `ghcr.io/open-feature/flagd-proxy` | @@ -177,7 +178,7 @@ The command removes all the Kubernetes components associated with the chart and | `controllerManager.kubeRbacProxy.resources.requests.cpu` | Sets cpu resource requests for kube-rbac-proxy. | `5m` | | `controllerManager.kubeRbacProxy.resources.requests.memory` | Sets memory resource requests for kube-rbac-proxy. | `64Mi` | | `controllerManager.manager.image.repository` | Sets the image for the operator. | `ghcr.io/open-feature/open-feature-operator` | -| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.7.2` | +| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.8.0` | | `controllerManager.manager.resources.limits.cpu` | Sets cpu resource limits for operator. | `500m` | | `controllerManager.manager.resources.limits.memory` | Sets memory resource limits for operator. | `128Mi` | | `controllerManager.manager.resources.requests.cpu` | Sets cpu resource requests for operator. | `10m` | diff --git a/chart/open-feature-operator/values.yaml b/chart/open-feature-operator/values.yaml index 9a4034966..9f34b3120 100644 --- a/chart/open-feature-operator/values.yaml +++ b/chart/open-feature-operator/values.yaml @@ -84,6 +84,8 @@ inProcessConfiguration: ## @section Flagd-proxy configuration flagdProxyConfiguration: + ## @param flagdProxyConfiguration.replicaCount sets the number of replicas for the flagd-proxy deployment. + replicaCount: 1 ## @param flagdProxyConfiguration.port Sets the port to expose the sync API on. port: 8015 ## @param flagdProxyConfiguration.managementPort Sets the port to expose the management API on. diff --git a/config/overlays/helm/manager.yaml b/config/overlays/helm/manager.yaml index 3fbfc2983..5232c2c0f 100644 --- a/config/overlays/helm/manager.yaml +++ b/config/overlays/helm/manager.yaml @@ -61,6 +61,8 @@ spec: value: "{{ .Values.sidecarConfiguration.probesEnabled }}" - name: FLAGD_PROXY_IMAGE value: "{{ .Values.flagdProxyConfiguration.image.repository }}" + - name: FLAGD_PROXY_REPLICA_COUNT + value: "{{ .Values.flagdProxyConfiguration.replicaCount }}" - name: FLAGD_PROXY_TAG value: "{{ .Values.flagdProxyConfiguration.image.tag }}" - name: FLAGD_PROXY_PORT From 838bddaabce67ff611bee520ccb5e83123dbabbc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 30 Oct 2024 12:24:27 -0400 Subject: [PATCH 5/5] chore: release 0.8.1 (#720) Signed-off-by: Michael Beemer --- .release-please-manifest.json | 2 +- CHANGELOG.md | 13 +++++++++++++ Makefile | 2 +- chart/open-feature-operator/Chart.yaml | 4 ++-- chart/open-feature-operator/README.md | 2 +- chart/open-feature-operator/values.yaml | 2 +- docs/installation.md | 4 ++-- docs/quick_start.md | 2 +- 8 files changed, 22 insertions(+), 9 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 5dbff2251..5999da042 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,4 +1,4 @@ { - ".": "0.8.0", + ".": "0.8.1", "apis": "0.2.44" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 2273848ab..5153c39bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # Changelog +## [0.8.1](https://github.com/open-feature/open-feature-operator/compare/v0.8.0...v0.8.1) (2024-10-30) + + +### ๐Ÿ› Bug Fixes + +* Add missing poddisruption budget permissions in manager cluster role ([#718](https://github.com/open-feature/open-feature-operator/issues/718)) ([69efcf0](https://github.com/open-feature/open-feature-operator/commit/69efcf021dfa4915bba9c943d0b8a8d137bfb2b2)) +* make flagd replica count configureable in helm chart ([#716](https://github.com/open-feature/open-feature-operator/issues/716)) ([8ae6ee8](https://github.com/open-feature/open-feature-operator/commit/8ae6ee81ac48589d01fd6e75f9c16bcd62c336b0)) + + +### ๐Ÿงน Chore + +* **deps:** update docker/login-action digest to 0689575 ([#714](https://github.com/open-feature/open-feature-operator/issues/714)) ([20e4045](https://github.com/open-feature/open-feature-operator/commit/20e4045d1ad45a5047f4f81a544b96643528dda7)) + ## [0.8.0](https://github.com/open-feature/open-feature-operator/compare/v0.7.2...v0.8.0) (2024-10-22) diff --git a/Makefile b/Makefile index daf422545..15a066837 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ ARCH?=amd64 IMG?=$(RELEASE_REGISTRY)/$(RELEASE_IMAGE) # customize overlay to be used in the build, DEFAULT or HELM KUSTOMIZE_OVERLAY ?= DEFAULT -CHART_VERSION=v0.8.0# x-release-please-version +CHART_VERSION=v0.8.1# x-release-please-version # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.26.1 WAIT_TIMEOUT_SECONDS?=60 diff --git a/chart/open-feature-operator/Chart.yaml b/chart/open-feature-operator/Chart.yaml index f3263636e..c0f864869 100755 --- a/chart/open-feature-operator/Chart.yaml +++ b/chart/open-feature-operator/Chart.yaml @@ -13,12 +13,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "v0.8.0" # x-release-please-version +version: "v0.8.1" # x-release-please-version # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v0.8.0" # x-release-please-version +appVersion: "v0.8.1" # x-release-please-version home: https://openfeature.dev icon: https://open-feature.github.io/open-feature-operator/chart/open-feature-operator/openfeature-logo.png diff --git a/chart/open-feature-operator/README.md b/chart/open-feature-operator/README.md index c25984031..5ebd9e89b 100644 --- a/chart/open-feature-operator/README.md +++ b/chart/open-feature-operator/README.md @@ -178,7 +178,7 @@ The command removes all the Kubernetes components associated with the chart and | `controllerManager.kubeRbacProxy.resources.requests.cpu` | Sets cpu resource requests for kube-rbac-proxy. | `5m` | | `controllerManager.kubeRbacProxy.resources.requests.memory` | Sets memory resource requests for kube-rbac-proxy. | `64Mi` | | `controllerManager.manager.image.repository` | Sets the image for the operator. | `ghcr.io/open-feature/open-feature-operator` | -| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.8.0` | +| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.8.1` | | `controllerManager.manager.resources.limits.cpu` | Sets cpu resource limits for operator. | `500m` | | `controllerManager.manager.resources.limits.memory` | Sets memory resource limits for operator. | `128Mi` | | `controllerManager.manager.resources.requests.cpu` | Sets cpu resource requests for operator. | `10m` | diff --git a/chart/open-feature-operator/values.yaml b/chart/open-feature-operator/values.yaml index 9f34b3120..b7fb45faa 100644 --- a/chart/open-feature-operator/values.yaml +++ b/chart/open-feature-operator/values.yaml @@ -140,7 +140,7 @@ controllerManager: ## @param controllerManager.manager.image.repository Sets the image for the operator. repository: ghcr.io/open-feature/open-feature-operator ## @param controllerManager.manager.image.tag Sets the version tag for the operator. - tag: v0.8.0 # x-release-please-version + tag: v0.8.1 # x-release-please-version resources: limits: ## @param controllerManager.manager.resources.limits.cpu Sets cpu resource limits for operator. diff --git a/docs/installation.md b/docs/installation.md index 7883f3bb4..0170daa66 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -62,13 +62,13 @@ Apply the release yaml directly via kubectl ```sh kubectl create namespace open-feature-operator-system && -kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.0/release.yaml +kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.1/release.yaml ``` ### Uninstall ```sh -kubectl delete -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.0/release.yaml && +kubectl delete -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.1/release.yaml && kubectl delete namespace open-feature-operator-system ``` diff --git a/docs/quick_start.md b/docs/quick_start.md index f1085d506..2a77e290a 100644 --- a/docs/quick_start.md +++ b/docs/quick_start.md @@ -40,7 +40,7 @@ helm upgrade --install openfeature openfeature/open-feature-operator ```sh kubectl create namespace open-feature-operator-system && -kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.0/release.yaml +kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.1/release.yaml ```