Merge branch 'bump-opagatekeeper' into 'master'

OPA Gatekeeper update to reduce memory footprint and bug fixes Closes platform-one/big-bang/apps/core/policy#104 and platform-one/big-bang/apps/core/policy#102 See merge request platform-one/big-bang/bigbang!722

Merge branch 'bump-opagatekeeper' into 'master'
d1ed7e5a · Michael McLeroy · Ryan Garcia · eebd3125 · d1ed7e5a · d1ed7e5a
Commit d1ed7e5a authored 3 years ago by Michael McLeroy Committed by Ryan Garcia 3 years ago
--- a/chart/templates/gatekeeper/values.yaml
+++ b/chart/templates/gatekeeper/values.yaml
@@ -12,14 +12,14 @@ postInstall:
    image:
      pullSecrets:
      - name: private-registry
-      
+
 networkPolicies:
  enabled: {{ .Values.networkPolicies.enabled }}
  controlPlaneCidr: {{ .Values.networkPolicies.controlPlaneCidr }}
 violations:  # Try to keep this in alpha order to make it easier to find keys
  allowedDockerRegistries:
    match:
-      excludedNamespaces: 
+      excludedNamespaces:
       {{- if .Values.istio.enabled }}
        - istio-system # allows creation for loadbalancer pods for various ports and various vendor loadbalancers
       {{- end }}
@@ -40,7 +40,7 @@ violations:  # Try to keep this in alpha order to make it easier to find keys
  {{- if .Values.addons.mattermost.enabled }}
  httpsOnly:
    match:
-      excludedNamespaces: 
+      excludedNamespaces:
        # mattermost currently does not useIngressTLS hence Ingress is created without TLS field by the operator.
        # Adding exemption, pending https://github.com/mattermost/mattermost-operator/issues/235
        - mattermost
@@ -71,14 +71,14 @@ violations:  # Try to keep this in alpha order to make it easier to find keys

  volumeTypes:
    match:
-      excludedNamespaces: 
+      excludedNamespaces:
       {{- if .Values.fluentbit.enabled }}
        # fluent-bit container requires certain host level access to ship logs and for keep track of state
        # https://docs.fluentbit.io/manual/pipeline/filters/kubernetes#workflow-of-tail-kubernetes-filter
        - logging
       {{- end }}
       {{- if .Values.twistlock.enabled }}
-        # Twistlock requires /dev/log for its syslog daemon. 
+        # Twistlock requires /dev/log for its syslog daemon.
        # https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/audit/logging.html#
        - twistlock
       {{- end }}

--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -281,7 +281,7 @@ gatekeeper:
  git:
    repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/policy.git
    path: "./chart"
-    tag: "3.5.1-bb.4"
+    tag: "3.5.1-bb.7"

  # -- Flux reconciliation overrides specifically for the OPA Gatekeeper Package
  flux: