Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Add policy support to the chart #1094

Draft
wants to merge 37 commits into
base: master
Choose a base branch
from
Draft

[WIP] Add policy support to the chart #1094

wants to merge 37 commits into from

Commits on Mar 23, 2023

  1. Updates for OpenFaaS IAM 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 23, 2023
    Configuration menu
    Copy the full SHA
    df80f70 View commit details
    Browse the repository at this point in the history

Commits on Mar 24, 2023

  1. Update temporary images 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 24, 2023
    Configuration menu
    Copy the full SHA
    821f778 View commit details
    Browse the repository at this point in the history

  2. Update GW version 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 24, 2023
    Configuration menu
    Copy the full SHA
    e9aa783 View commit details
    Browse the repository at this point in the history

Commits on Mar 27, 2023

  1. Rename openid_url env variable 

    The openid_url env variable was renamed to openid_issuer on the
oidc-plugin.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Mar 27, 2023
    Configuration menu
    Copy the full SHA
    6375880 View commit details
    Browse the repository at this point in the history

  2. Add oidc-plugin RBAC 

    Add a ServiceAccount and ClusterRole required by the oics-plugin to
listen for changes on IAM objects.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Mar 27, 2023
    Configuration menu
    Copy the full SHA
    cf96d4f View commit details
    Browse the repository at this point in the history

  3. Add primary and system issuer template 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 27, 2023
    Configuration menu
    Copy the full SHA
    4ee2770 View commit details
    Browse the repository at this point in the history

  4. Grant access to JwtIssuers to faas-netes 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 27, 2023
    Configuration menu
    Copy the full SHA
    551c266 View commit details
    Browse the repository at this point in the history

  5. Remove base_host and openid_issuer from OIDC plugin 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Mar 27, 2023
    Configuration menu
    Copy the full SHA
    0ce6055 View commit details
    Browse the repository at this point in the history

Commits on Apr 6, 2023

  1. Add root-user policy for IAM 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 6, 2023
    Configuration menu
    Copy the full SHA
    719905b View commit details
    Browse the repository at this point in the history

Commits on Apr 13, 2023

  1. Update oidc provider description 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    c0335cb View commit details
    Browse the repository at this point in the history

  2. Split Prometheus rules for OpenFaaS CE and Pro 

    The goal of this commit is to simplify maintaining configurations
for Pro and CE for Prometheus.

Tested that either file was outputted via helm template with
the --show-only flag when toggling openfaasPro=true/false.

Tested e2e with CE - showing autoscaling with alert-manager
Tested e2e with Pro with Kind and hey, with autoscaling
taking place, and RAM/CPU, provider and function metrics
showing up.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    8255432 View commit details
    Browse the repository at this point in the history

  3. Separate out licensed Pro Prometheus configs 

    These are and always have been licensed code, and are not part
of OpenFaaS CE or OSS.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    8ff2995 View commit details
    Browse the repository at this point in the history

  4. Remove alertmanager from OpenFaaS Pro deployment 

    Alert manager is only used in OpenFaaS CE, remove it from the OpenFaaS
Pro deployment.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    c976ccd View commit details
    Browse the repository at this point in the history

  5. Add paremeter for signing key secret used by dashboard 

    Allows users to select the secret with the signing keys or leave blank
to have the keys generated automatically by the dashboard.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    3db4c0e View commit details
    Browse the repository at this point in the history

  6. Add dashboard warning message in openfaas chart notes 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    2f50573 View commit details
    Browse the repository at this point in the history

  7. Update OpenFaaS Dashboard to make signing key optional 

    When the signing key is not given, then a new key is generated
every time the dashboard is updated or restarted.

This is useful for dev, but we recommend creating a secret
instead.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    236ae23 View commit details
    Browse the repository at this point in the history

  8. Bump golang.org/x/net from 0.0.0-20220624214902-1bab6f366d9e to 0.7.0 

    Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220624214902-1bab6f366d9e to 0.7.0.
- [Release notes](https://github.com/golang/net/releases)
- [Commits](https://github.com/golang/net/commits/v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    25a21ad View commit details
    Browse the repository at this point in the history

  9. Upgrades for Alpine base image and external dependencies 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    4b13921 View commit details
    Browse the repository at this point in the history

  10. Remove basic-auth-plugin from chart 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    8fd7194 View commit details
    Browse the repository at this point in the history

  11. Remove basic auth plugin from chart for OpenFaaS Pro 

    The plugin is no longer required because the logic has been
brought in-process for both the OpenFaaS CE and Pro gateway.

If you have the basic-auth-plugin deployment and service
left over in your cluster, you can safely delete them after
updating your gateway CE / Pro version to the latest.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    85f1016 View commit details
    Browse the repository at this point in the history

  12. Always mount license in autoscaler 

    The OpenFaaS license was not mounted in the the autoscaler container
when basic auth is disabled in the chart. This prevented the autoscaler
from starting.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    cddb81a View commit details
    Browse the repository at this point in the history

  13. Bump actions/checkout from 2 to 3 

    Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    28b1e40 View commit details
    Browse the repository at this point in the history

  14. Bump actions/setup-go from 3.1.0 to 3.5.0 

    Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.1.0 to 3.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3.1.0...v3.5.0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    acbffee View commit details
    Browse the repository at this point in the history

  15. Additional validation for OpenFaaS CE scaling 

    A few users who haven't read the docs carefully enough were
trying to use OpenFaaS Pro scaling labels with the CE edition.

This improves the developer experience by showing them the
mistake, so they can fix it instead of raising an issue and
creating noise.

The docs cover both scaling approaches clearly along with
their labels.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    52948e7 View commit details
    Browse the repository at this point in the history

  16. Update charts for queue-worker, function-builder and faas-netes CE 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    8283080 View commit details
    Browse the repository at this point in the history

  17. Enable safe handling of range limits for replicas 

    Correct drift within limits available for community (hobbyist)
users.

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    941b9a7 View commit details
    Browse the repository at this point in the history

  18. Updates to OpenFaaS CE Chart 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    5faa794 View commit details
    Browse the repository at this point in the history

  19. Add maxWaiting parameter for jetstream-queue-worker 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    78f91b7 View commit details
    Browse the repository at this point in the history

  20. Bump openfaas/license-check from 0.4.1 to 0.4.2 

    Bumps openfaas/license-check from 0.4.1 to 0.4.2.

---
updated-dependencies:
- dependency-name: openfaas/license-check
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    3a8b7f7 View commit details
    Browse the repository at this point in the history

  21. Bump actions/setup-go from 3.5.0 to 4.0.0 

    Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3.5.0...v4.0.0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    abf646d View commit details
    Browse the repository at this point in the history

  22. Bump docker/build-push-action from 3 to 4 

    Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v3...v4)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    3b9492a View commit details
    Browse the repository at this point in the history

  23. Bump azure/setup-helm from 1 to 3 

    Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 1 to 3.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Commits](Azure/setup-helm@v1...v3)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot @alexellis
    dependabot[bot] authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    f11cdb3 View commit details
    Browse the repository at this point in the history

  24. Update response message for invalid namespaces 

    Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
    @welteki @alexellis
    welteki authored and alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    cbbea2e View commit details
    Browse the repository at this point in the history

  25. Update pro-builder / buildkit and faas-netes 

    * pro-builder/buildkit are updated to resolve a security
issue with buildkit/containerd/runc - updating is advised

Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    39869bc View commit details
    Browse the repository at this point in the history

  26. Updates for openfaas dashboard 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    a09c858 View commit details
    Browse the repository at this point in the history

  27. Updates for OpenFaaS IAM 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    bbe0e72 View commit details
    Browse the repository at this point in the history

  28. Fix merge of gateway template 

    Signed-off-by: Alex Ellis (OpenFaaS Ltd) <[email protected]>
    @alexellis
    alexellis committed Apr 13, 2023
    Configuration menu
    Copy the full SHA
    639ec94 View commit details
    Browse the repository at this point in the history