diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8ee4b01a..db380e60 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -67,15 +67,6 @@ jobs: with: fetch-depth: 0 - - name: downgrade helm - shell: bash - run: | - rm /usr/local/bin/helm - curl -fsSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > /tmp/helm.sh - chmod +x /tmp/helm.sh - /tmp/helm.sh --version v3.12.3 - helm version - - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 diff --git a/charts/blaze/Chart.yaml b/charts/blaze/Chart.yaml index 1bdf9363..a1298cd2 100644 --- a/charts/blaze/Chart.yaml +++ b/charts/blaze/Chart.yaml @@ -12,7 +12,7 @@ maintainers: - name: miracum deprecated: false kubeVersion: ">= 1.19.0" -version: 0.3.4 +version: 0.3.5 appVersion: "0.x" annotations: artifacthub.io/license: Apache-2.0 @@ -25,4 +25,8 @@ annotations: # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update docker.io/curlimages/curl docker tag to v8.3.0 + description: updated ghcr.io/samply/blaze image tag to v0.22.3 + - kind: changed + description: update docker.io/curlimages/curl docker tag to v8.4.0 + - kind: changed + description: refreshed docs with latest helm-docs diff --git a/charts/blaze/values.yaml b/charts/blaze/values.yaml index 5c3e659c..545a6687 100644 --- a/charts/blaze/values.yaml +++ b/charts/blaze/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: registry: ghcr.io repository: samply/blaze - tag: 0.22.1@sha256:aea9042a0b84aeba5e128ee1a14f1c7c1e5bf88096656e53015039c22b198c43 + tag: 0.22.3@sha256:4c5c30290c06045b58aecf6e7c071ae05c5d677e9e687be71fad51eb31579f48 pullPolicy: IfNotPresent # -- set the server base URL. Evaluated as a template. Equivalent to setting the `BASE_URL` environment variable. @@ -152,7 +152,7 @@ curl: image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af # -- configuration for the server persistence persistence: diff --git a/charts/cloudera-hue/Chart.yaml b/charts/cloudera-hue/Chart.yaml index 07925a48..15059c8d 100644 --- a/charts/cloudera-hue/Chart.yaml +++ b/charts/cloudera-hue/Chart.yaml @@ -17,7 +17,7 @@ dependencies: version: 12.5.6 repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql.enabled -version: 0.1.3 +version: 0.1.4 appVersion: "4.11.0" annotations: artifacthub.io/license: Apache-2.0 @@ -31,4 +31,6 @@ annotations: # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update docker.io/curlimages/curl docker tag to v8.3.0 + description: update docker.io/curlimages/curl docker tag to v8.4.0 + - kind: changed + description: refreshed docs with latest helm-docs diff --git a/charts/cloudera-hue/README.md b/charts/cloudera-hue/README.md index 89e340ca..eb5efec3 100644 --- a/charts/cloudera-hue/README.md +++ b/charts/cloudera-hue/README.md @@ -1,6 +1,6 @@ # cloudera-hue -![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.11.0](https://img.shields.io/badge/AppVersion-4.11.0-informational?style=flat-square) +![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.11.0](https://img.shields.io/badge/AppVersion-4.11.0-informational?style=flat-square) A Helm chart for deploying Cloudera Hue. diff --git a/charts/cloudera-hue/values.yaml b/charts/cloudera-hue/values.yaml index dfc0d48b..7b574fe3 100644 --- a/charts/cloudera-hue/values.yaml +++ b/charts/cloudera-hue/values.yaml @@ -155,7 +155,7 @@ curl: # +doc-gen:ignore image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af database: # -- database hostname of an external database. Only used if `postgresql.enabled` is set to `false`. diff --git a/charts/datashield/Chart.yaml b/charts/datashield/Chart.yaml index 8e21ecb2..9733f8f5 100644 --- a/charts/datashield/Chart.yaml +++ b/charts/datashield/Chart.yaml @@ -20,7 +20,7 @@ dependencies: condition: postgresql.enabled deprecated: false kubeVersion: ">= 1.19.0" -version: 0.5.2 +version: 0.5.3 annotations: artifacthub.io/license: Apache-2.0 artifacthub.io/containsSecurityUpdates: "false" @@ -32,4 +32,8 @@ annotations: # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update docker.io/curlimages/curl docker tag to v8.3.0 + description: update docker.io/curlimages/curl docker tag to v8.4.0 + - kind: changed + description: refreshed docs with latest helm-docs + - kind: changed + description: updated docker.io/obiba/opal:4.6 image digest to 79782ac diff --git a/charts/datashield/values.yaml b/charts/datashield/values.yaml index a3dc747b..2a7c06ba 100644 --- a/charts/datashield/values.yaml +++ b/charts/datashield/values.yaml @@ -12,7 +12,7 @@ opal: image: registry: docker.io repository: obiba/opal - tag: 4.6@sha256:0cff692fae7033789e65fb2661a2515d9cbb999e2e741a0a39b769e5c57dc343 + tag: 4.6@sha256:79782ac5b921535bfcdee141b7045e978a1e983bef924324445db14159d47909 pullPolicy: IfNotPresent auth: @@ -364,7 +364,7 @@ curl: image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af tests: # -- configure the test pods resource requests and limits diff --git a/charts/fhir-gateway/Chart.yaml b/charts/fhir-gateway/Chart.yaml index b2c0a36f..4e236e13 100644 --- a/charts/fhir-gateway/Chart.yaml +++ b/charts/fhir-gateway/Chart.yaml @@ -14,12 +14,14 @@ dependencies: condition: fhir-pseudonymizer.enabled version: 0.5.6 repository: oci://ghcr.io/miracum/charts -version: 6.0.18 +version: 6.0.19 annotations: # When using the list of objects option the valid supported kinds are # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update fhir-pseudonymizer subchart to 0.5.6 + description: update docker.io/curlimages/curl docker tag to v8.4.0 - kind: changed - description: update ghcr.io/miracum/fhir-gateway docker tag to v3.12.2 + description: refreshed docs with latest helm-docs + - kind: changed + description: fixed missing seccompProfile in initContainer diff --git a/charts/fhir-gateway/templates/gateway-deployment.yaml b/charts/fhir-gateway/templates/gateway-deployment.yaml index 08c29996..e2d8496e 100644 --- a/charts/fhir-gateway/templates/gateway-deployment.yaml +++ b/charts/fhir-gateway/templates/gateway-deployment.yaml @@ -37,16 +37,10 @@ spec: - name: wait-for-db image: {{ include "fhir-gateway.waitforDB.image" . }} imagePullPolicy: {{ .Values.waitForPostgresInitContainer.image.pullPolicy }} + {{- with .Values.restrictedContainerSecurityContext }} securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - privileged: false - capabilities: - drop: - - ALL - runAsNonRoot: true - runAsUser: 1001 - runAsGroup: 1001 + {{- toYaml . | nindent 12 }} + {{- end }} env: - name: PGHOST value: {{ include "fhir-gateway.postgresql.host" $ | quote }} diff --git a/charts/fhir-gateway/values.yaml b/charts/fhir-gateway/values.yaml index 67d11088..aab4b511 100644 --- a/charts/fhir-gateway/values.yaml +++ b/charts/fhir-gateway/values.yaml @@ -324,7 +324,7 @@ curl: # +doc-gen:ignore image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af # container security context applied to init containers used by the query, list, and notify modules. # also used by the Helm test job pods diff --git a/charts/fhir-pseudonymizer/Chart.yaml b/charts/fhir-pseudonymizer/Chart.yaml index ff38d774..9791a6a1 100644 --- a/charts/fhir-pseudonymizer/Chart.yaml +++ b/charts/fhir-pseudonymizer/Chart.yaml @@ -10,7 +10,7 @@ dependencies: version: 1.2.7 repository: oci://ghcr.io/miracum/charts condition: vfps.enabled -version: 0.5.6 +version: 0.5.7 annotations: artifacthub.io/license: Apache-2.0 artifacthub.io/containsSecurityUpdates: "false" @@ -22,4 +22,6 @@ annotations: # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update ghcr.io/miracum/fhir-pseudonymizer docker tag to v2.21.0 + description: update docker.io/curlimages/curl docker tag to v8.4.0 + - kind: changed + description: refreshed docs with latest helm-docs diff --git a/charts/fhir-pseudonymizer/values.yaml b/charts/fhir-pseudonymizer/values.yaml index 9a4e4ce4..4619e25b 100644 --- a/charts/fhir-pseudonymizer/values.yaml +++ b/charts/fhir-pseudonymizer/values.yaml @@ -224,7 +224,7 @@ curl: # +doc-gen:ignore image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af # container security context applied to init containers and the Helm test pods restrictedContainerSecurityContext: # +doc-gen:ignore diff --git a/charts/stream-processors/Chart.yaml b/charts/stream-processors/Chart.yaml index 87c96735..e79068a6 100644 --- a/charts/stream-processors/Chart.yaml +++ b/charts/stream-processors/Chart.yaml @@ -8,7 +8,7 @@ keywords: - kafka - strimzi kafka operator - stream processing -version: 1.2.0 +version: 1.2.1 annotations: artifacthub.io/recommendations: | - url: https://artifacthub.io/packages/helm/strimzi/strimzi-kafka-operator @@ -16,5 +16,5 @@ annotations: artifacthub.io/changes: | # When using the list of objects option the valid supported kinds are # added, changed, deprecated, removed, fixed and security. - - kind: added - description: "Added deployment strategy type template with default RollingUpdate" + - kind: changed + description: refreshed docs with latest helm-docs diff --git a/charts/vfps/Chart.yaml b/charts/vfps/Chart.yaml index 67ef175f..9a85fa67 100644 --- a/charts/vfps/Chart.yaml +++ b/charts/vfps/Chart.yaml @@ -20,7 +20,7 @@ dependencies: condition: postgresql.enabled deprecated: false kubeVersion: ">= 1.19.0" -version: 1.2.7 +version: 1.2.8 appVersion: "1.x" annotations: artifacthub.io/license: Apache-2.0 @@ -37,4 +37,6 @@ annotations: # added, changed, deprecated, removed, fixed and security. artifacthub.io/changes: | - kind: changed - description: update docker.io/curlimages/curl docker tag to v8.3.0 + description: update docker.io/curlimages/curl docker tag to v8.4.0 + - kind: changed + description: refreshed docs with latest helm-docs diff --git a/charts/vfps/values.yaml b/charts/vfps/values.yaml index b8e4bc20..42154d10 100644 --- a/charts/vfps/values.yaml +++ b/charts/vfps/values.yaml @@ -224,7 +224,7 @@ curl: image: registry: docker.io repository: curlimages/curl - tag: 8.3.0@sha256:961cf9e2a1939ea380b3f16e313a581b5d4681dd9dc4b1ace060eb396a71df0d + tag: 8.4.0@sha256:4a3396ae573c44932d06ba33f8696db4429c419da87cbdc82965ee96a37dd0af # -- a JSON configuration object which is mounted as `appsettings.Production.json` inside the container. # useful to define namespaces to create as part of the application startup.