Skip to content

Commit 58c586d

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #498 from aramase/release-v0.0.21
release: update manifest and helm charts for v0.0.21
2 parents dd71508 + 9eb3d6e commit 58c586d

17 files changed

+51
-42
lines changed

Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ REGISTRY ?= gcr.io/k8s-staging-csi-secrets-store
2525
IMAGE_NAME ?= driver
2626
# Release version is the current supported release for the driver
2727
# Update this version when the helm chart is being updated for release
28-
RELEASE_VERSION := v0.0.20
28+
RELEASE_VERSION := v0.0.21
2929
IMAGE_VERSION ?= v0.0.21
3030
# Use a custom version for E2E tests if we are testing in CI
3131
ifdef CI
@@ -293,7 +293,7 @@ e2e-helm-deploy:
293293
e2e-helm-deploy-release:
294294
set -x; \
295295
current_release=$(shell (echo ${RELEASE_VERSION} | sed s/"v"//)); \
296-
helm install csi charts/secrets-store-csi-driver-$${current_release}.tgz --namespace default --wait --timeout=15m -v=5 --debug \
296+
helm install csi-secrets-store charts/secrets-store-csi-driver-$${current_release}.tgz --namespace default --wait --timeout=15m -v=5 --debug \
297297
--set linux.image.pullPolicy="IfNotPresent" \
298298
--set windows.image.pullPolicy="IfNotPresent" \
299299
--set windows.enabled=true \

charts/index.yaml

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,22 @@
11
apiVersion: v1
22
entries:
33
secrets-store-csi-driver:
4+
- apiVersion: v1
5+
appVersion: 0.0.21
6+
created: "2021-04-01T09:50:24.248603-07:00"
7+
description: A Helm chart to install the SecretsStore CSI Driver inside a Kubernetes cluster.
8+
digest: cab95625686b388faa1e298dc913a14c5b28ffff7888074664e98dc392c94814
9+
icon: https://github.com/kubernetes/kubernetes/blob/master/logo/logo.png
10+
kubeVersion: '>=1.16.0-0'
11+
maintainers:
12+
- email: ritazh@microsoft.com
13+
name: Rita Zhang
14+
name: secrets-store-csi-driver
15+
sources:
16+
- https://github.com/kubernetes-sigs/secrets-store-csi-driver
17+
urls:
18+
- https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts/secrets-store-csi-driver-0.0.21.tgz
19+
version: 0.0.21
420
- apiVersion: v1
521
appVersion: 0.0.20
622
created: "2021-02-18T11:02:39.04869-08:00"
@@ -193,4 +209,4 @@ entries:
193209
urls:
194210
- https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts/secrets-store-csi-driver-0.0.9.tgz
195211
version: 0.0.9
196-
generated: "2021-02-18T11:02:39.046817-08:00"
212+
generated: "2021-04-01T09:50:24.246699-07:00"

charts/secrets-store-csi-driver-0.0.21.tgz

6.97 KB
Binary file not shown.

charts/secrets-store-csi-driver/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
apiVersion: v1
22
name: secrets-store-csi-driver
3-
version: 0.0.20
4-
appVersion: 0.0.20
3+
version: 0.0.21
4+
appVersion: 0.0.21
55
kubeVersion: ">=1.16.0-0"
66
description: A Helm chart to install the SecretsStore CSI Driver inside a Kubernetes cluster.
77
icon: https://github.com/kubernetes/kubernetes/blob/master/logo/logo.png

charts/secrets-store-csi-driver/README.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
2525
| `fullnameOverride` | String to fully override secrets-store-csi-driver.fullname template with a string | `""` |
2626
| `linux.image.repository` | Linux image repository | `k8s.gcr.io/csi-secrets-store/driver` |
2727
| `linux.image.pullPolicy` | Linux image pull policy | `Always` |
28-
| `linux.image.tag` | Linux image tag | `v0.0.20` |
28+
| `linux.image.tag` | Linux image tag | `v0.0.21` |
2929
| `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` |
3030
| `linux.enabled` | Install secrets store csi driver on linux nodes | true |
3131
| `linux.kubeletRootDir` | Configure the kubelet root dir | `/var/lib/kubelet` |
@@ -50,7 +50,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
5050
| `linux.updateStrategy` | Configure a custom update strategy for the daemonset on linux nodes | `RollingUpdate with 1 maxUnavailable` |
5151
| `windows.image.repository` | Windows image repository | `k8s.gcr.io/csi-secrets-store/driver` |
5252
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
53-
| `windows.image.tag` | Windows image tag | `v0.0.20` |
53+
| `windows.image.tag` | Windows image tag | `v0.0.21` |
5454
| `windows.driver.resources` | The resource request/limits for the windows secrets-store container image | `limits: 400m CPU, 400Mi; requests: 50m CPU, 100Mi` |
5555
| `windows.enabled` | Install secrets store csi driver on windows nodes | false |
5656
| `windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |
@@ -80,6 +80,6 @@ The following table lists the configurable parameters of the csi-secrets-store-p
8080
| `rbac.install` | Install default rbac roles and bindings | true |
8181
| `syncSecret.enabled` | Enable rbac roles and bindings required for syncing to Kubernetes native secrets (the default will change to false after v0.0.14) | true |
8282
| `minimumProviderVersions` | [**DEPRECATED**] A comma delimited list of key-value pairs of minimum provider versions with driver | `""` |
83-
| `grpcSupportedProviders` | A `;` delimited list of providers that support grpc for driver-provider | `"gcp;azure;vault;"` |
8483
| `enableSecretRotation` | Enable secret rotation feature [alpha] | `false` |
8584
| `rotationPollInterval` | Secret rotation poll interval duration | `"120s"` |
85+
| `filteredWatchSecret` | Enable filtered watch for NodePublishSecretRef secrets with label `secrets-store.csi.k8s.io/used=true` | `false` |

charts/secrets-store-csi-driver/templates/secrets-store-csi-driver-windows.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -66,16 +66,16 @@ spec:
6666
{{- if and (semverCompare ">= v0.0.9-0" .Values.windows.image.tag) .Values.minimumProviderVersions }}
6767
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
6868
{{- end }}
69-
{{- if and (semverCompare ">= v0.0.14-0" .Values.windows.image.tag) .Values.grpcSupportedProviders }}
70-
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
71-
{{- end }}
7269
{{- if and (semverCompare ">= v0.0.15-0" .Values.windows.image.tag) .Values.enableSecretRotation }}
7370
- "--enable-secret-rotation={{ .Values.enableSecretRotation }}"
7471
{{- end }}
7572
{{- if and (semverCompare ">= v0.0.15-0" .Values.windows.image.tag) .Values.rotationPollInterval }}
7673
- "--rotation-poll-interval={{ .Values.rotationPollInterval }}"
7774
{{- end }}
7875
- "--metrics-addr={{ .Values.windows.metricsAddr }}"
76+
{{- if and (semverCompare ">= v0.0.21-0" .Values.windows.image.tag) .Values.filteredWatchSecret }}
77+
- "--filtered-watch-secret={{ .Values.filteredWatchSecret }}"
78+
{{- end }}
7979
env:
8080
{{- with .Values.windows.env }}
8181
{{- toYaml . | nindent 10 }}

charts/secrets-store-csi-driver/templates/secrets-store-csi-driver.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -66,16 +66,16 @@ spec:
6666
{{- if and (semverCompare ">= v0.0.8-0" .Values.linux.image.tag) .Values.minimumProviderVersions }}
6767
- "--min-provider-version={{ .Values.minimumProviderVersions }}"
6868
{{- end }}
69-
{{- if and (semverCompare ">= v0.0.14-0" .Values.linux.image.tag) .Values.grpcSupportedProviders }}
70-
- "--grpc-supported-providers={{ .Values.grpcSupportedProviders }}"
71-
{{- end }}
7269
{{- if and (semverCompare ">= v0.0.15-0" .Values.linux.image.tag) .Values.enableSecretRotation }}
7370
- "--enable-secret-rotation={{ .Values.enableSecretRotation }}"
7471
{{- end }}
7572
{{- if and (semverCompare ">= v0.0.15-0" .Values.linux.image.tag) .Values.rotationPollInterval }}
7673
- "--rotation-poll-interval={{ .Values.rotationPollInterval }}"
7774
{{- end }}
7875
- "--metrics-addr={{ .Values.linux.metricsAddr }}"
76+
{{- if and (semverCompare ">= v0.0.21-0" .Values.linux.image.tag) .Values.filteredWatchSecret }}
77+
- "--filtered-watch-secret={{ .Values.filteredWatchSecret }}"
78+
{{- end }}
7979
env:
8080
{{- with .Values.linux.env }}
8181
{{- toYaml . | nindent 10 }}

charts/secrets-store-csi-driver/values.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ linux:
22
enabled: true
33
image:
44
repository: k8s.gcr.io/csi-secrets-store/driver
5-
tag: v0.0.20
5+
tag: v0.0.21
66
pullPolicy: Always
77

88
driver:
@@ -63,7 +63,7 @@ windows:
6363
enabled: false
6464
image:
6565
repository: k8s.gcr.io/csi-secrets-store/driver
66-
tag: v0.0.20
66+
tag: v0.0.21
6767
pullPolicy: IfNotPresent
6868

6969
driver:
@@ -144,11 +144,11 @@ syncSecret:
144144
## e.g. provider1=0.0.2,provider2=0.0.3
145145
minimumProviderVersions:
146146

147-
## ; delimited list of providers that support grpc for driver-provider [alpha]
148-
grpcSupportedProviders: gcp;azure;vault;
149-
150147
## Enable secret rotation feature [alpha]
151148
enableSecretRotation: false
152149

153150
## Secret rotation poll interval duration
154151
rotationPollInterval:
152+
153+
## Filtered watch nodePublishSecretRef secrets
154+
filteredWatchSecret: false

deploy/csidriver-1.15.yaml

Lines changed: 0 additions & 7 deletions
This file was deleted.

deploy/secrets-store-csi-driver-windows.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,15 +42,15 @@ spec:
4242
cpu: 10m
4343
memory: 20Mi
4444
- name: secrets-store
45-
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.20
45+
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.21
4646
args:
4747
- "--endpoint=$(CSI_ENDPOINT)"
4848
- "--nodeid=$(KUBE_NODE_NAME)"
4949
- "--provider-volume=C:\\k\\secrets-store-csi-providers"
5050
- "--metrics-addr=:8095"
51-
- "--grpc-supported-providers=azure;"
5251
- "--enable-secret-rotation=false"
5352
- "--rotation-poll-interval=2m"
53+
- "--filtered-watch-secret=false"
5454
env:
5555
- name: CSI_ENDPOINT
5656
value: unix://C:\\csi\\csi.sock

deploy/secrets-store-csi-driver.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,15 +42,15 @@ spec:
4242
cpu: 10m
4343
memory: 20Mi
4444
- name: secrets-store
45-
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.20
45+
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.21
4646
args:
4747
- "--endpoint=$(CSI_ENDPOINT)"
4848
- "--nodeid=$(KUBE_NODE_NAME)"
4949
- "--provider-volume=/etc/kubernetes/secrets-store-csi-providers"
5050
- "--metrics-addr=:8095"
51-
- "--grpc-supported-providers=gcp;azure;vault;"
5251
- "--enable-secret-rotation=false"
5352
- "--rotation-poll-interval=2m"
53+
- "--filtered-watch-secret=false"
5454
env:
5555
- name: CSI_ENDPOINT
5656
value: unix:///csi/csi.sock

docs/book/src/load-tests.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ As of Secrets Store CSI Driver `v0.0.21`, the memory consumption for the driver
6161
If the secret rotation feature is enabled and filtered secret watch is not enabled, it'll cache Kubernetes secrets across all namespaces. To only cache the secrets with the above 2 labels:
6262

6363
1. Label all existing `nodePublishSecretRef` secrets with `secrets-store.csi.k8s.io/used=true` by running `kubectl label secret <node publish secret ref name> secrets-store.csi.k8s.io/used=true`.
64-
2. Enable filtered secret watch by setting `--filtered-secret-watch=true` in `secrets-store` container or via helm using `--set filteredSecretWatch=true`.
64+
2. Enable filtered secret watch by setting `--filtered-watch-secret=true` in `secrets-store` container or via helm using `--set filteredWatchSecret=true`.
6565

66-
**NOTE:** `--filtered-secret-watch=true` will be enabled by default in n+3 releases (`v0.0.25`). Please take the necessary action to label the `nodePublishSecretRef` secrets with the `secrets-store.csi.k8s.io/used=true` label.
66+
**NOTE:** `--filtered-watch-secret=true` will be enabled by default in n+3 releases (`v0.0.25`). Please take the necessary action to label the `nodePublishSecretRef` secrets with the `secrets-store.csi.k8s.io/used=true` label.
6767
</aside>

manifest_staging/charts/secrets-store-csi-driver/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
apiVersion: v1
22
name: secrets-store-csi-driver
3-
version: 0.0.20
4-
appVersion: 0.0.20
3+
version: 0.0.21
4+
appVersion: 0.0.21
55
kubeVersion: ">=1.16.0-0"
66
description: A Helm chart to install the SecretsStore CSI Driver inside a Kubernetes cluster.
77
icon: https://github.com/kubernetes/kubernetes/blob/master/logo/logo.png

manifest_staging/charts/secrets-store-csi-driver/README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
2525
| `fullnameOverride` | String to fully override secrets-store-csi-driver.fullname template with a string | `""` |
2626
| `linux.image.repository` | Linux image repository | `k8s.gcr.io/csi-secrets-store/driver` |
2727
| `linux.image.pullPolicy` | Linux image pull policy | `Always` |
28-
| `linux.image.tag` | Linux image tag | `v0.0.20` |
28+
| `linux.image.tag` | Linux image tag | `v0.0.21` |
2929
| `linux.driver.resources` | The resource request/limits for the linux secrets-store container image | `limits: 200m CPU, 200Mi; requests: 50m CPU, 100Mi` |
3030
| `linux.enabled` | Install secrets store csi driver on linux nodes | true |
3131
| `linux.kubeletRootDir` | Configure the kubelet root dir | `/var/lib/kubelet` |
@@ -50,7 +50,7 @@ The following table lists the configurable parameters of the csi-secrets-store-p
5050
| `linux.updateStrategy` | Configure a custom update strategy for the daemonset on linux nodes | `RollingUpdate with 1 maxUnavailable` |
5151
| `windows.image.repository` | Windows image repository | `k8s.gcr.io/csi-secrets-store/driver` |
5252
| `windows.image.pullPolicy` | Windows image pull policy | `IfNotPresent` |
53-
| `windows.image.tag` | Windows image tag | `v0.0.20` |
53+
| `windows.image.tag` | Windows image tag | `v0.0.21` |
5454
| `windows.driver.resources` | The resource request/limits for the windows secrets-store container image | `limits: 400m CPU, 400Mi; requests: 50m CPU, 100Mi` |
5555
| `windows.enabled` | Install secrets store csi driver on windows nodes | false |
5656
| `windows.kubeletRootDir` | Configure the kubelet root dir | `C:\var\lib\kubelet` |

manifest_staging/charts/secrets-store-csi-driver/values.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ linux:
22
enabled: true
33
image:
44
repository: k8s.gcr.io/csi-secrets-store/driver
5-
tag: v0.0.20
5+
tag: v0.0.21
66
pullPolicy: Always
77

88
driver:
@@ -63,7 +63,7 @@ windows:
6363
enabled: false
6464
image:
6565
repository: k8s.gcr.io/csi-secrets-store/driver
66-
tag: v0.0.20
66+
tag: v0.0.21
6767
pullPolicy: IfNotPresent
6868

6969
driver:

manifest_staging/deploy/secrets-store-csi-driver-windows.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,15 +42,15 @@ spec:
4242
cpu: 10m
4343
memory: 20Mi
4444
- name: secrets-store
45-
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.20
45+
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.21
4646
args:
4747
- "--endpoint=$(CSI_ENDPOINT)"
4848
- "--nodeid=$(KUBE_NODE_NAME)"
4949
- "--provider-volume=C:\\k\\secrets-store-csi-providers"
5050
- "--metrics-addr=:8095"
5151
- "--enable-secret-rotation=false"
5252
- "--rotation-poll-interval=2m"
53-
- "--filtered-secret-watch=false"
53+
- "--filtered-watch-secret=false"
5454
env:
5555
- name: CSI_ENDPOINT
5656
value: unix://C:\\csi\\csi.sock

manifest_staging/deploy/secrets-store-csi-driver.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,15 +42,15 @@ spec:
4242
cpu: 10m
4343
memory: 20Mi
4444
- name: secrets-store
45-
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.20
45+
image: k8s.gcr.io/csi-secrets-store/driver:v0.0.21
4646
args:
4747
- "--endpoint=$(CSI_ENDPOINT)"
4848
- "--nodeid=$(KUBE_NODE_NAME)"
4949
- "--provider-volume=/etc/kubernetes/secrets-store-csi-providers"
5050
- "--metrics-addr=:8095"
5151
- "--enable-secret-rotation=false"
5252
- "--rotation-poll-interval=2m"
53-
- "--filtered-secret-watch=false"
53+
- "--filtered-watch-secret=false"
5454
env:
5555
- name: CSI_ENDPOINT
5656
value: unix:///csi/csi.sock

0 commit comments

Comments
 (0)