Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add kubelinter scans for all charts #300

Closed
wants to merge 33 commits into from
Closed

Add kubelinter scans for all charts #300

wants to merge 33 commits into from

Conversation

mdutka-dell
Copy link
Contributor

@mdutka-dell mdutka-dell commented Sep 28, 2023
edited
Loading

Is this a new chart?

No

What this PR does / why we need it:

KubeLinter analyzes Kubernetes YAML files and Helm charts and checks them against various best practices, with a focus on production readiness and security eg.:

  • running containers as a non-root user,
  • enforcing least privilege
  • storing sensitive information only in secrets.

Which issue(s) is this PR associated with:

  • #Issue_Number

Special notes for your reviewer:

Checklist:

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • Chart Version bumped
  • Variables are documented in the chart README.md
  • Title of the PR starts with the chart name (e.g. [charts_dir/mychartname]) if applicable

@mdutka-dell mdutka-dell marked this pull request as draft September 28, 2023 12:04
@tdawe tdawe changed the base branch from old-release-v1.9.0 to release-v1.9.0 December 13, 2023 16:21
suryagupta4 and others added 6 commits December 13, 2023 16:14
@suryagupta4 @tdawe
[charts/csi-powerstore] Add PowerStore v2.9.0 support & sidecar versi…
4857f66 
…on update (#303)

* powerstore v2.9.0 support

* sidecar version update
@VamsiSiddu-7 @tdawe
csi-powerflex v2.9.0 changes. (#308)
cfa8c9a
@panigs7 @tdawe
Bump up observability version for CSM 1.9 (#314)
27ef03e 
* Bump-up observability version for CSM 1.9

* add patch verb to powerscale

* Add codeowners
@VamsiSiddu-7 @tdawe
update attacher sidecar for powerflex and powerstore. (#315)
6969558
@coulof @tdawe
[charts/csi-powerstore] Centralize all images to one place (#310)
bff49b9 
* One place to configure all images
* Use latest versions of CSI official sidecars
* Set Default container to the driver and avoid podmon logs by default
* Fix annotation and remove driverVersion
@coulof @tdawe
[charts/csi-powerflex] Centralize all images to one place #263 (#311)
032c152 
* Centralize all images to one place

* Use latest CSI sidecars and default container to driver

* Add default annotation

* Use bleeding edge helm validation action to workaround cosign issue
coulof and others added 22 commits December 13, 2023 16:14
@coulof @tdawe
[charts/csi-powermax] Container images in one place (#309)
66095d9 
* One place to configure all images
* Fix the csi provisioner to use the full name
* Use latest versions of CSI official sidecars
@boyamurthy @tdawe
Removing linked proxy mode for proxy (#301)
0de2d39
@boyamurthy @tdawe
Updatting latest sidecars for Powermax (#319)
dc8d7f9
@atye @KshitijaKakde
@coulof @khareRajshree @suryagupta4 @aqu-dell @alikdell @alankar-verma @VamsiSiddu-7 @tdawe
[charts/powerscale] Powerscale driver images in one place (#313)
7e9abd6 
* PowerFlex v2.8.0 release (#250)

* PowerFlex  SDC  updated (#251)

* Centralized images

* minor typo fixed (#258)

* powerstore v2.8.0 & k8s 1.28 support (#262)

* update auth to 1.8 (#271)

* update auth to 1.8

Signed-off-by: arnchiequ-dell <arnchie.qu@dell.com>

* Updating podmon to 1.7

Signed-off-by: arnchiequ-dell <arnchie.qu@dell.com>

* Update Observability values file for Authorization sidecar image version

---------

Signed-off-by: arnchiequ-dell <arnchie.qu@dell.com>
Co-authored-by: Alik Saring <alik.saring@dell.com>

* Adding CSI Powerstore driver’s effective pod security profile for supporting ephemeral volumes as part of Openshift 4.13 support (#261)

Co-authored-by: Surya Gupta <109594002+suryagupta4@users.noreply.github.com>

* removed externalAccess from powerflex manifests. (#283)

* Revert "Adding CSI Powerstore driver’s effective pod security profile for supporting ephemeral volumes as part of Openshift 4.13 support (#261)" (#284)

This reverts commit c1dd93b.

* NFS ACL parameter removed (#289)

* fix values

---------

Signed-off-by: arnchiequ-dell <arnchie.qu@dell.com>
Co-authored-by: KshitijaKakde <111420075+KshitijaKakde@users.noreply.github.com>
Co-authored-by: coulof <florian.coulombel@dell.com>
Co-authored-by: Rajshree Khare <69839943+khareRajshree@users.noreply.github.com>
Co-authored-by: Surya Gupta <109594002+suryagupta4@users.noreply.github.com>
Co-authored-by: aqu-dell <108017114+arnchiequ-dell@users.noreply.github.com>
Co-authored-by: Alik Saring <alik.saring@dell.com>
Co-authored-by: alankar-verma <125348121+alankar-verma@users.noreply.github.com>
Co-authored-by: VamsiSiddu-7 <103578883+VamsiSiddu-7@users.noreply.github.com>
@atye @KshitijaKakde
@coulof @alankar-verma @suryagupta4 @VamsiSiddu-7 @panigs7 @tdawe
[charts/csi-unity] Centralize all images to one place (#312)
8eb4974 
* PowerFlex v2.8.0 release (#250)

* Centralized images

* Adding CSI Powerstore driver’s effective pod security profile for supporting ephemeral volumes as part of Openshift 4.13 support (#261)

Co-authored-by: Surya Gupta <109594002+suryagupta4@users.noreply.github.com>

* removed externalAccess from powerflex manifests. (#283)

* Revert "Adding CSI Powerstore driver’s effective pod security profile for supporting ephemeral volumes as part of Openshift 4.13 support (#261)" (#284)

This reverts commit c1dd93b.

* Bump sidecars versions

* Bump up observability version for CSM 1.9 (#314)

* Bump-up observability version for CSM 1.9

* add patch verb to powerscale

* Add codeowners

* update attacher sidecar for powerflex and powerstore. (#315)

* [charts/csi-powerstore] Centralize all images to one place (#310)

* One place to configure all images
* Use latest versions of CSI official sidecars
* Set Default container to the driver and avoid podmon logs by default
* Fix annotation and remove driverVersion

* [charts/csi-powerflex] Centralize all images to one place #263 (#311)

* Centralize all images to one place

* Use latest CSI sidecars and default container to driver

* Add default annotation

* Use bleeding edge helm validation action to workaround cosign issue

* [charts/csi-powermax] Container images in one place (#309)

* One place to configure all images
* Fix the csi provisioner to use the full name
* Use latest versions of CSI official sidecars

* remove duplicate podmon image

---------

Co-authored-by: KshitijaKakde <111420075+KshitijaKakde@users.noreply.github.com>
Co-authored-by: coulof <florian.coulombel@dell.com>
Co-authored-by: alankar-verma <125348121+alankar-verma@users.noreply.github.com>
Co-authored-by: Surya Gupta <109594002+suryagupta4@users.noreply.github.com>
Co-authored-by: VamsiSiddu-7 <103578883+VamsiSiddu-7@users.noreply.github.com>
Co-authored-by: coulof <49235405+coulof@users.noreply.github.com>
Co-authored-by: panigs7 <92028646+panigs7@users.noreply.github.com>
@atye @tdawe
[charts/csi-powerscale]: Remove duplicate images (#320)
bfdda71 
* remove duplicate images

* auth 1.8
@coulof @tdawe
New images location (#316)
9d30852
@shaynafinocchiaro @tdawe
[charts/csi-unity]: Update Unity version for CSM 1.9 (#322)
3494009 
* add unity v2.9.0 support

* remove image description
@xuluna @tdawe
bump up version (#323)
c57342b
@suryagupta4 @tdawe
adding noderoot mount path (#324)
867d61e
@KshitijaKakde @tdawe
changed sdc version (#325)
1901d83
@adarsh-dell @tdawe
sidecars version update for powerstore and powerflex (#326)
1b587ce
@PeresKereotubo @tdawe
updating sidecar image version (#328)
e93583d
@adarsh-dell @tdawe
Revert "changed sdc version (#325)" (#329)
14a3f8f 
This reverts commit 543cbdc.
@AkshaySainiDell @tdawe
Update VGS version to 1.4.0 (#331)
2d192f1
@HarishH-DELL @tdawe
Powerscale and sidecar version changes (#332)
02c5cc5 
* Powerscale and sidecar version changes

* csi-node-driver-registrar version changed to 2.9.1
@boyamurthy @tdawe
PowerMax 2.9.0 support (#321)
a183567
@boyamurthy @tdawe
Updating latest sidecars for PowerMax (#334)
6552a41
@suryagupta4 @tdawe
[charts/csi-powerflex] Added external access (#333)
58ab0f9 
* external access powerflex

* adding external access in csm chart
@tdawe
Update image tags for replication (#336)
056526d
@HarishH-DELL @tdawe
Reset CSM to release v1.9.0 to main (#338)
48e16aa
@shanmydell
Merge branch 'release-v1.9.0' into kubelinter
8baeea1
@shanmydell shanmydell changed the base branch from release-v1.9.0 to main January 9, 2024 09:32
@anandrajak1 anandrajak1 deleted the kubelinter branch October 17, 2024 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gallacher gallacher Awaiting requested review from gallacher gallacher is a code owner

@tdawe tdawe Awaiting requested review from tdawe tdawe is a code owner

@alikdell alikdell Awaiting requested review from alikdell alikdell is a code owner

@atye atye Awaiting requested review from atye atye is a code owner

@hoppea2 hoppea2 Awaiting requested review from hoppea2 hoppea2 is a code owner

@chaganti-rajitha chaganti-rajitha Awaiting requested review from chaganti-rajitha chaganti-rajitha is a code owner

@coulof coulof Awaiting requested review from coulof coulof is a code owner

@meggm meggm Awaiting requested review from meggm meggm is a code owner

@niranjan-n1 niranjan-n1 Awaiting requested review from niranjan-n1 niranjan-n1 is a code owner

@shaynafinocchiaro shaynafinocchiaro Awaiting requested review from shaynafinocchiaro shaynafinocchiaro is a code owner

@sharmilarama sharmilarama Awaiting requested review from sharmilarama sharmilarama is a code owner

@tssushma tssushma Awaiting requested review from tssushma tssushma is a code owner

@taohe1012 taohe1012 Awaiting requested review from taohe1012

@P-Cao P-Cao Awaiting requested review from P-Cao

@shanmydell shanmydell Awaiting requested review from shanmydell shanmydell is a code owner

@baoy1 baoy1 Awaiting requested review from baoy1 baoy1 is a code owner

@YianZong YianZong Awaiting requested review from YianZong YianZong is a code owner

@forrestxia forrestxia Awaiting requested review from forrestxia forrestxia is a code owner

@nitesh3108 nitesh3108 Awaiting requested review from nitesh3108 nitesh3108 will be requested when the pull request is marked ready for review nitesh3108 is a code owner

@rajendraindukuri rajendraindukuri Awaiting requested review from rajendraindukuri rajendraindukuri will be requested when the pull request is marked ready for review rajendraindukuri is a code owner

@shefali-malhotra shefali-malhotra Awaiting requested review from shefali-malhotra shefali-malhotra will be requested when the pull request is marked ready for review shefali-malhotra is a code owner

@panigs7 panigs7 Awaiting requested review from panigs7 panigs7 will be requested when the pull request is marked ready for review panigs7 is a code owner

@chimanjain chimanjain Awaiting requested review from chimanjain chimanjain will be requested when the pull request is marked ready for review chimanjain is a code owner

@HarishH-DELL HarishH-DELL Awaiting requested review from HarishH-DELL HarishH-DELL will be requested when the pull request is marked ready for review HarishH-DELL is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.