From 40160a3c5007fe861a4e29c545e83db25ed96784 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Tue, 3 Sep 2024 13:41:19 +0000 Subject: [PATCH 01/12] Setting latest tag in intents-operator helm chart repo to v2.0.19 --- intents-operator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/intents-operator/Chart.yaml b/intents-operator/Chart.yaml index c13dba49..bf5b0898 100644 --- a/intents-operator/Chart.yaml +++ b/intents-operator/Chart.yaml @@ -3,7 +3,7 @@ name: intents-operator description: Otterize intents operator type: application version: 3.0.32 -appVersion: v2.0.18 +appVersion: v2.0.19 home: https://github.com/otterize/intents-operator sources: - https://github.com/otterize/intents-operator From 29c4e9f33067cb694f6b28ec62e07e23358bf322 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Tue, 3 Sep 2024 13:41:33 +0000 Subject: [PATCH 02/12] Bump chart versions [nobump] --- intents-operator/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/intents-operator/Chart.yaml b/intents-operator/Chart.yaml index bf5b0898..1307a013 100644 --- a/intents-operator/Chart.yaml +++ b/intents-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: intents-operator description: Otterize intents operator type: application -version: 3.0.32 +version: 3.0.33 appVersion: v2.0.19 home: https://github.com/otterize/intents-operator sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index ec41d020..5b09fd44 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.28 +version: 4.0.29 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: From c35447bf9d4b1e79c397f8465e58a4a1b4d69f1d Mon Sep 17 00:00:00 2001 From: otterizebot Date: Wed, 4 Sep 2024 08:59:56 +0000 Subject: [PATCH 03/12] Setting latest tag in credentials-operator helm chart repo to v3.0.3 --- credentials-operator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/credentials-operator/Chart.yaml b/credentials-operator/Chart.yaml index 3de858a1..5091c8de 100644 --- a/credentials-operator/Chart.yaml +++ b/credentials-operator/Chart.yaml @@ -3,7 +3,7 @@ name: credentials-operator description: credentials-operator type: application version: 3.0.6 -appVersion: v3.0.2 +appVersion: v3.0.3 home: https://github.com/otterize/credentials-operator sources: - https://github.com/otterize/credentials-operator From 5a08f04173385ab1f81244b3217258e3c7a55f3e Mon Sep 17 00:00:00 2001 From: otterizebot Date: Wed, 4 Sep 2024 09:00:09 +0000 Subject: [PATCH 04/12] Bump chart versions [nobump] --- credentials-operator/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/credentials-operator/Chart.yaml b/credentials-operator/Chart.yaml index 5091c8de..c021b87c 100644 --- a/credentials-operator/Chart.yaml +++ b/credentials-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: credentials-operator description: credentials-operator type: application -version: 3.0.6 +version: 3.0.7 appVersion: v3.0.3 home: https://github.com/otterize/credentials-operator sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index 5b09fd44..045e6398 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.29 +version: 4.0.30 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: From 28802aae798ee7a932c6b3dd6f9bb456e5dac8f0 Mon Sep 17 00:00:00 2001 From: Amit Lichtenberg Date: Sun, 8 Sep 2024 15:38:37 +0300 Subject: [PATCH 05/12] Rollback network-mapper to version v2.0.7 (#245) --- network-mapper/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network-mapper/Chart.yaml b/network-mapper/Chart.yaml index 4a3de53c..f41e27e1 100644 --- a/network-mapper/Chart.yaml +++ b/network-mapper/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: network-mapper type: application version: 2.0.20 -appVersion: v2.0.8 +appVersion: v2.0.7 home: https://github.com/otterize/network-mapper sources: - https://github.com/otterize/network-mapper From 76b4985d5048080fb154dc14f5d899bc32dcf865 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sun, 8 Sep 2024 12:38:50 +0000 Subject: [PATCH 06/12] Bump chart versions [nobump] --- network-mapper/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/network-mapper/Chart.yaml b/network-mapper/Chart.yaml index f41e27e1..47e74cad 100644 --- a/network-mapper/Chart.yaml +++ b/network-mapper/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: network-mapper type: application -version: 2.0.20 +version: 2.0.21 appVersion: v2.0.7 home: https://github.com/otterize/network-mapper sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index 045e6398..3117ab37 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.30 +version: 4.0.31 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: From 571bc24f4362eae3cf8aff1058acc7a6da3b71c5 Mon Sep 17 00:00:00 2001 From: Ori Shoshan Date: Sat, 14 Sep 2024 18:41:17 +0300 Subject: [PATCH 07/12] Document ingressControllerAWSALBExempt --- intents-operator/README.md | 1 + otterize-kubernetes/README.md | 1 + 2 files changed, 2 insertions(+) diff --git a/intents-operator/README.md b/intents-operator/README.md index a05664d6..60c9871e 100644 --- a/intents-operator/README.md +++ b/intents-operator/README.md @@ -38,6 +38,7 @@ | `operator.enableKafkaACLCreation` | Whether the operator should create Kafka ACL rules according to ClientIntents of type Kafka | `true` | | `operator.enableIstioPolicyCreation` | Whether the operator should create Istio authorization policies according to ClientIntents | `true` | | `operator.ingressControllerConfigs` | Restricts the automatically created external traffic network policies to only allow access to an ingress controller within the cluster. Only relevant if you use an in-cluster ingress controller, such as nginx or HAProxy. A list of objects with keys `name`, `namespace` and `kind`, such as `ingress-nginx-controller`, `nginx` and `Deployment`. | `(none)` | +| `operator.ingressControllerAWSALBExempt` | If set to true, the operator will allow all traffic if an Ingress is managed by the AWS ALB Ingress Controller. | `false` | | `operator.allowExternalTraffic` | `ifBlockedByOtterize`, `off` or `always` (this option is **experimental**). Specify how the operator handles external traffic for Ingress/Service resources: `ifBlockedByOtterize` automatically create network policies to enable internet traffic for services that would be blocked by Otterize network policies when protecting a server. Choosing `off` may necessitate manual network policy creation to allow external traffic, while `always` automatically creates policies for all such resource that are visible to the operator. | `ifBlockedByOtterize` | | `operator.resources` | Resources override. | | | `operator.enableDatabasePolicyCreation` | Whether the operator should create database policies according to ClientIntents | `true` | diff --git a/otterize-kubernetes/README.md b/otterize-kubernetes/README.md index 60ce9b12..531ffc73 100644 --- a/otterize-kubernetes/README.md +++ b/otterize-kubernetes/README.md @@ -81,6 +81,7 @@ Further information about intents-operator parameters can be found [in the Inten | `intentsOperator.operator.enableKafkaACLCreation` | Whether the operator should create Kafka ACL rules according to the ClientIntents of type Kafka | `true` | | `intentsOperator.operator.enableIstioPolicyCreation` | Whether the operator should create Istio authorization policies according to ClientIntents | `true` | | `intentsOperator.operator.ingressControllerConfigs` | Restricts the automatically created external traffic network policies to only allow access to an ingress controller within the cluster. Only relevant if you use an in-cluster ingress controller, such as nginx or HAProxy. A list of objects with keys `name`, `namespace` and `kind`, such as `ingress-nginx-controller`, `nginx` and `Deployment`. | `(none)` | +| `intentsOperator.operator.ingressControllerAWSALBExempt` | If set to true, the operator will allow all traffic if an Ingress is managed by the AWS ALB Ingress Controller. | `false` | | `intentsOperator.operator.allowExternalTraffic` | `ifBlockedByOtterize`, `off` or `always` (this option is **experimental**). Specify how the operator handles external traffic for Ingress/Service resources: `ifBlockedByOtterize` automatically create network policies to enable internet traffic for services that would be blocked by Otterize network policies when protecting a server. Choosing `off` may necessitate manual network policy creation to allow external traffic, while `always` automatically creates policies for all such resource that are visible to the operator. | `ifBlockedByOtterize` | | `intentsOperator.watchedNamespaces` | List of namespaces the intents operator should watch. The operator will be blind to any namespace not in this list. | `(nil) meaning watch all` | | `intentsOperator.enforcedNamespaces` | When using "shadow enforcement" mode, namespaces in this list will be treated as if the enforcement were active. | `(nil) means no namespace will be active on shadow mode` | From 8d23d853576d5d752237d300304394b7c777fed3 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sat, 14 Sep 2024 15:41:45 +0000 Subject: [PATCH 08/12] Bump chart versions [nobump] --- intents-operator/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/intents-operator/Chart.yaml b/intents-operator/Chart.yaml index 1307a013..e53bd3b0 100644 --- a/intents-operator/Chart.yaml +++ b/intents-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: intents-operator description: Otterize intents operator type: application -version: 3.0.33 +version: 3.0.34 appVersion: v2.0.19 home: https://github.com/otterize/intents-operator sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index 3117ab37..fd17fcd7 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.31 +version: 4.0.32 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: From cc16a6e552334311e9c9646e7308d7aa7cf2cd6f Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sun, 15 Sep 2024 15:54:17 +0000 Subject: [PATCH 09/12] Setting latest tag in credentials-operator helm chart repo to v3.0.4 --- credentials-operator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/credentials-operator/Chart.yaml b/credentials-operator/Chart.yaml index c021b87c..7b26dfa5 100644 --- a/credentials-operator/Chart.yaml +++ b/credentials-operator/Chart.yaml @@ -3,7 +3,7 @@ name: credentials-operator description: credentials-operator type: application version: 3.0.7 -appVersion: v3.0.3 +appVersion: v3.0.4 home: https://github.com/otterize/credentials-operator sources: - https://github.com/otterize/credentials-operator From 63d168f2d5c219fb14ac8c3e2f3543eef69f1fb1 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sun, 15 Sep 2024 15:54:32 +0000 Subject: [PATCH 10/12] Bump chart versions [nobump] --- credentials-operator/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/credentials-operator/Chart.yaml b/credentials-operator/Chart.yaml index 7b26dfa5..d081885d 100644 --- a/credentials-operator/Chart.yaml +++ b/credentials-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: credentials-operator description: credentials-operator type: application -version: 3.0.7 +version: 3.0.8 appVersion: v3.0.4 home: https://github.com/otterize/credentials-operator sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index fd17fcd7..b826a544 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.32 +version: 4.0.33 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: From 77554c45af189d8312e60f565e83e165c0fe3209 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sun, 15 Sep 2024 15:55:17 +0000 Subject: [PATCH 11/12] Setting latest tag in intents-operator helm chart repo to v2.0.20 --- intents-operator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/intents-operator/Chart.yaml b/intents-operator/Chart.yaml index e53bd3b0..a34edbd9 100644 --- a/intents-operator/Chart.yaml +++ b/intents-operator/Chart.yaml @@ -3,7 +3,7 @@ name: intents-operator description: Otterize intents operator type: application version: 3.0.34 -appVersion: v2.0.19 +appVersion: v2.0.20 home: https://github.com/otterize/intents-operator sources: - https://github.com/otterize/intents-operator From 5d353493b2dc0a0c0066649ae12b723761373907 Mon Sep 17 00:00:00 2001 From: otterizebot Date: Sun, 15 Sep 2024 15:55:31 +0000 Subject: [PATCH 12/12] Bump chart versions [nobump] --- intents-operator/Chart.yaml | 2 +- otterize-kubernetes/Chart.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/intents-operator/Chart.yaml b/intents-operator/Chart.yaml index a34edbd9..624a5f43 100644 --- a/intents-operator/Chart.yaml +++ b/intents-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: intents-operator description: Otterize intents operator type: application -version: 3.0.34 +version: 3.0.35 appVersion: v2.0.20 home: https://github.com/otterize/intents-operator sources: diff --git a/otterize-kubernetes/Chart.yaml b/otterize-kubernetes/Chart.yaml index b826a544..b8f08002 100644 --- a/otterize-kubernetes/Chart.yaml +++ b/otterize-kubernetes/Chart.yaml @@ -3,7 +3,7 @@ name: otterize-kubernetes description: | This chart contains the Otterize credentials-operator, SPIRE (server+agent), the Otterize intents operator, and the Otterize network mapper. type: application -version: 4.0.33 +version: 4.0.34 home: https://github.com/otterize/helm-charts kubeVersion: ">=1.19.0-0" dependencies: