Update dependency registry1.dso.mil/ironbank/opensource/kubernetes/kubectl to v1.25.6

f7e62353 · bigbang bot · Michael McLeroy · 8697d78d · f7e62353 · f7e62353
Commit f7e62353 authored 2 years ago by bigbang bot Committed by Michael McLeroy 2 years ago
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,12 +2,17 @@

 Format: [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)

-## [1.1.0] - 2022-01-11
+## [1.1.1] - 2023-01-26
+### Changed
+- Updated kubectl to v1.25.6
+- Updated gluon to 0.3.1
+
+## [1.1.0] - 2023-01-11
 ### Changed
 - Removed `disallow-shared-subpath-volume-writes` policy (no longer beneficial for any non-EOL k8s versions)
 - Removed Ironbank key from test values

-## [1.0.1-bb.12] - 2022-01-06
+## [1.0.1-bb.12] - 20223-01-06
 ### Changed
 - Added support for checking deprecated API policy for Kubernetes v1.27.


--- a/README.md
+++ b/README.md
 # kyverno-policies

-![Version: 1.1.0-bb.0](https://img.shields.io/badge/Version-1.1.0--bb.0-informational?style=flat-square) ![AppVersion: 1.1.0](https://img.shields.io/badge/AppVersion-1.1.0-informational?style=flat-square)
+![Version: 1.1.0-bb.1](https://img.shields.io/badge/Version-1.1.0--bb.1-informational?style=flat-square) ![AppVersion: 1.1.0](https://img.shields.io/badge/AppVersion-1.1.0-informational?style=flat-square)

 Collection of Kyverno security and best-practice policies for Kyverno

@@ -42,7 +42,7 @@ helm install kyverno-policies chart/
 | excludeContainers | list | `[]` | Adds an excludeContainers to all policies.  This is merged with any policy-specific excludeContainers. |
 | customLabels | object | `{}` | Additional labels to apply to all policies. |
 | waitforready.enabled | bool | `true` | Controls wait for ready deployment |
-| waitforready.image | object | `{"repository":"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl","tag":"v1.25.5"}` | Image to use in wait for ready job.  This must contain kubectl. |
+| waitforready.image | object | `{"repository":"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl","tag":"v1.25.6"}` | Image to use in wait for ready job.  This must contain kubectl. |
 | waitforready.imagePullSecrets | list | `[]` | Pull secret for wait for ready job |
 | policies.sample | object | `{"enabled":false,"exclude":{},"match":{},"parameters":{"excludeContainers":[]},"validationFailureAction":"audit","webhookTimeoutSeconds":""}` | Sample policy showing values that can be added to any policy |
 | policies.sample.enabled | bool | `false` | Controls policy deployment |
@@ -142,7 +142,7 @@ helm install kyverno-policies chart/
 | additionalPolicies.samplePolicy.annotations."policies.kyverno.io/description" | string | `"This sample policy blocks pods from deploying into the 'default' namespace."` | Description of what the policy does, why it is important, and what items are allowed or unallowed. |
 | additionalPolicies.samplePolicy.spec | object | `{"rules":[{"match":{"any":[{"resources":{"kinds":["Pods"]}}]},"name":"sample-rule","validate":{"message":"Using 'default' namespace is not allowed.","pattern":{"metadata":{"namespace":"!default"}}}}]}` | Policy specification.  See `kubectl explain clusterpolicies.spec` |
 | additionalPolicies.samplePolicy.spec.rules | list | `[{"match":{"any":[{"resources":{"kinds":["Pods"]}}]},"name":"sample-rule","validate":{"message":"Using 'default' namespace is not allowed.","pattern":{"metadata":{"namespace":"!default"}}}}]` | Policy rules.  At least one is required |
-| bbtests | object | `{"enabled":false,"imagePullSecret":"private-registry","scripts":{"additionalVolumeMounts":[{"mountPath":"/yaml","name":"kyverno-policies-bbtest-manifests"},{"mountPath":"/.kube/cache","name":"kyverno-policies-bbtest-kube-cache"}],"additionalVolumes":[{"configMap":{"name":"kyverno-policies-bbtest-manifests"},"name":"kyverno-policies-bbtest-manifests"},{"emptyDir":{},"name":"kyverno-policies-bbtest-kube-cache"}],"envs":{"ENABLED_POLICIES":"{{ $p := list }}{{ range $k, $v := .Values.policies }}{{ if $v.enabled }}{{ $p = append $p $k }}{{ end }}{{ end }}{{ join \" \" $p }}","IMAGE_PULL_SECRET":"{{ .Values.bbtests.imagePullSecret }}"},"image":"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.5"}}` | Reserved values for Big Bang test automation |
+| bbtests | object | `{"enabled":false,"imagePullSecret":"private-registry","scripts":{"additionalVolumeMounts":[{"mountPath":"/yaml","name":"kyverno-policies-bbtest-manifests"},{"mountPath":"/.kube/cache","name":"kyverno-policies-bbtest-kube-cache"}],"additionalVolumes":[{"configMap":{"name":"kyverno-policies-bbtest-manifests"},"name":"kyverno-policies-bbtest-manifests"},{"emptyDir":{},"name":"kyverno-policies-bbtest-kube-cache"}],"envs":{"ENABLED_POLICIES":"{{ $p := list }}{{ range $k, $v := .Values.policies }}{{ if $v.enabled }}{{ $p = append $p $k }}{{ end }}{{ end }}{{ join \" \" $p }}","IMAGE_PULL_SECRET":"{{ .Values.bbtests.imagePullSecret }}"},"image":"registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.6"}}` | Reserved values for Big Bang test automation |

 ## Contributing


--- a/chart/Chart.lock
+++ b/chart/Chart.lock
 dependencies:
 - name: gluon
-  repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon
-  version: 0.3.0
-digest: sha256:940e0d3f884f406752725631f39f9c6f87112137dacc06ffd4988a279fd5e13e
-generated: "2022-09-13T13:28:02.623673-06:00"
+  repository: oci://registry1.dso.mil/bigbang
+  version: 0.3.1
+digest: sha256:8e4eb94709bfb6c1d62c60655174e102175f04ee290fdcab81a056c3c31d78d1
+generated: "2023-01-26T12:00:34.043031-05:00"
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
 apiVersion: v2
 name: kyverno-policies
-version: 1.1.0-bb.0
+version: 1.1.0-bb.1
 appVersion: 1.1.0
 icon: https://github.com/kyverno/kyverno/raw/main/img/logo.png
 description: Collection of Kyverno security and best-practice policies for Kyverno
@@ -14,12 +14,12 @@ sources:
  - https://github.com/kyverno/policies
 dependencies:
  - name: gluon
-    version: 0.3.0
-    repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon
+    version: 0.3.1
+    repository: oci://registry1.dso.mil/bigbang
 annotations:
  bigbang.dev/applicationVersions: |
    - Kyverno Policies: 1.1.0
  # Kubectl image is used if waitforready.enabled or bbtests.enabled
  helm.sh/images: |
    - name: kubectl
-      image: registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.5
+      image: registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.6
--- a/chart/charts/gluon-0.3.0.tgz
+++ b/chart/charts/gluon-0.3.0.tgz
--- a/chart/charts/gluon-0.3.1.tgz
+++ b/chart/charts/gluon-0.3.1.tgz
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -30,7 +30,7 @@ waitforready:
  # -- Image to use in wait for ready job.  This must contain kubectl.
  image:
    repository: registry1.dso.mil/ironbank/opensource/kubernetes/kubectl
-    tag: v1.25.5
+    tag: v1.25.6
  # -- Pull secret for wait for ready job
  imagePullSecrets: []

@@ -507,7 +507,7 @@ additionalPolicies:
 bbtests:
  enabled: false
  scripts:
-    image: registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.5
+    image: registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.25.6
    envs:
      ENABLED_POLICIES: '{{ $p := list }}{{ range $k, $v := .Values.policies }}{{ if $v.enabled }}{{ $p = append $p $k }}{{ end }}{{ end }}{{ join " " $p }}'
      IMAGE_PULL_SECRET: '{{ .Values.bbtests.imagePullSecret }}'