Dario Tranchitella
4ccef411ab
docs: Pod Priority Class enforcement using Tenant annotations
2021-05-29 00:31:17 +02:00
Dario Tranchitella
dfb0a536b7
test: testing enforced Pod Priority Class using Tenant annotations
2021-05-29 00:31:17 +02:00
Dario Tranchitella
9ef64d0f8c
build(helm): providing webhook for Pod Priority Class
2021-05-29 00:31:17 +02:00
Dario Tranchitella
5649283058
build(kustomize): installing Pod Priority Class webhook
2021-05-29 00:31:17 +02:00
Dario Tranchitella
0481822555
feat: enforcing Pod Priority Class
2021-05-29 00:31:17 +02:00
Dario Tranchitella
bcbd9c2781
build(helm): using different names for Job hooks
2021-05-29 00:08:07 +02:00
Maksim Fedotov
229b569b50
fix: the ClusterRoleBindings capsule-namespace-provisioner are not reconciled when --capsule-user-group changes
2021-05-28 09:32:38 +02:00
Maksim Fedotov
ef6eea62dc
fix: wrong order of checks in validating-external-service-ips webhook
2021-05-27 19:27:43 +02:00
Maksim Fedotov
bb6614d1e8
chore(ci): output diff files for manifests files
2021-05-25 14:46:05 +02:00
Maksim Fedotov
784f3a71df
build(helm): use multiple groups as capsule-user-group. Remove capsule clusterrolebindings using label selector
2021-05-25 14:46:05 +02:00
Maksim Fedotov
3c9895e498
feat: use multiple groups as capsule-user-group
2021-05-25 14:46:05 +02:00
Dario Tranchitella
6dc83b16da
fix: generating TLS certificate matching the deployed Namespace
2021-05-23 18:46:25 +02:00
Maksim Fedotov
e6da507d10
feat: block use of NodePort Services
2021-05-19 16:44:08 +02:00
Dario Tranchitella
5bca3b7da7
chore(go): upgrading to go 1.16
2021-05-14 13:55:51 +02:00
Dario Tranchitella
2e188d26f9
chore(operatorsdk): upgrading to v3 format
2021-05-14 13:55:51 +02:00
Dario Tranchitella
3afee659ff
chore(kustomize): new CRD and webhooks for admission/v1
2021-05-14 13:55:51 +02:00
Dario Tranchitella
c22cb6cc88
refactor: moving to admission/v1 for Kubernetes +1.16
2021-05-14 13:55:51 +02:00
Dario Tranchitella
202a18c132
chore(mod): upgrading controller-runtime to v0.8.3
2021-05-14 13:55:51 +02:00
Dario Tranchitella
8441d8878a
chore(make): upgrading to controller-tools v0.5.0
2021-05-14 13:55:51 +02:00
Dario Tranchitella
d5af190c51
test: checking runtime count for pods
2021-05-14 13:55:51 +02:00
Dario Tranchitella
82ae78b704
chore(kustomize): deprecating metrics RBAC proxy
2021-05-08 14:51:55 +02:00
Dario Tranchitella
6c44a6a4d3
chore(helm): deprecating metrics RBAC proxy
2021-05-08 14:51:55 +02:00
Adriano Pezzuto
d6e7437b6c
docs: update capsule-proxy documentation
2021-05-07 20:07:30 +02:00
Dario Tranchitella
ac7114e975
chore: triggering Helm Charts CD upon tag release
2021-05-07 16:20:33 +02:00
Tim Bannister
2fdc08c2f4
docs: typo on README.md
2021-05-05 11:48:30 +02:00
Ludovico Russo
c2cede6287
refactor: better name variables in pkg/webhook/utils
2021-05-04 17:49:13 +02:00
Ludovico Russo
36c90d485e
refactor: better name variables in pkg/webhook/tenantprefix
2021-05-04 17:49:13 +02:00
Ludovico Russo
34c958371b
refactor: better name variables in pkg/webhook/tenant
2021-05-04 17:49:13 +02:00
Ludovico Russo
e5f17d1e0d
refactor: better name variables in pkg/webhook/services
2021-05-04 17:49:13 +02:00
Ludovico Russo
e1b203727d
refactor: better name variables in pkg/webhook/registry
2021-05-04 17:49:13 +02:00
Ludovico Russo
cec8cc0573
refactor: better name variables in pkg/webhook/pvc
2021-05-04 17:49:13 +02:00
Ludovico Russo
7ca9fe0c63
refactor: better name variables in pkg/webhook/ownerreference
2021-05-04 17:49:13 +02:00
Ludovico Russo
b87a6c022f
refactor: better name variables in pkg/webhook/namespacequota
2021-05-04 17:49:13 +02:00
Ludovico Russo
01b75a5094
refactor: better name variables in pkg/webhook/ingress
2021-05-04 17:49:13 +02:00
Ludovico Russo
2c6dcf0dd7
refactor: better name variables in pkg/webhook
2021-05-04 17:49:13 +02:00
Ludovico Russo
7994ae1da1
refactor: better name variables in main.go
2021-05-04 17:49:13 +02:00
stg
12237ae106
feat: adding name label to each Namespace ( #242 )
...
Co-authored-by: Santiago Sanchez Paz <sanchezpaz@gmail.com >
2021-03-24 19:28:45 +01:00
Dario Tranchitella
d8449fee24
Helm and Kustomize to v0.0.5 ( #239 )
...
* build(kustomize): ready for v0.0.5
* build(helm): ready for release v0.0.5
2021-03-20 17:25:56 +01:00
Dario Tranchitella
37ec9911d9
chore: non embedding certs for kubeconfig file generation ( #238 )
2021-03-17 17:28:57 +01:00
Ludovico Russo
36124d2aba
build(helm): remove options allow-ingress-hostname-collision and allow-tenant-ingress-hostnames-collision ( #233 )
...
These are going to be implemented once 0.0.5 is out with new flags.
Co-authored-by: Ludovico Russo <ludovico@ludusrusso.space >
2021-03-17 11:44:57 +01:00
Dario Tranchitella
5ecabaad3e
refactor: ignoring requests from kube-system ServiceAccount resources
2021-03-17 11:43:11 +01:00
Valentino Uberti
56adfe6a35
feat: user script for Openshift ( #230 )
...
Tested by @ValentinoUberti on OCP 4.7.1
2021-03-10 15:11:15 +01:00
Dario Tranchitella
4119a69e02
fix: hostname collision between different Tenant namespaces
2021-03-06 20:50:55 +01:00
Dario Tranchitella
51de469551
bug: syncing Namespace annotations in a single place
2021-03-06 17:41:18 +01:00
Dario Tranchitella
87a360bfaf
build(helm): support for --allow-tenant-ingress-hostnames-collision flag
2021-03-06 16:58:44 +01:00
Dario Tranchitella
bdce4a7b4f
doc: documenting --allow-tenant-ingress-hostnames-collision new CLI flag
2021-03-06 16:58:44 +01:00
Dario Tranchitella
0dedd48789
test: new flag --allow-tenant-ingress-hostnames-collision
2021-03-06 16:58:44 +01:00
Dario Tranchitella
dfb7a5e227
feat: allowing Tenants with collided Ingress hostnames
...
A new flag (`--allow-tenant-ingress-hostnames-collision`) is added,
defaulted to false: when toggled, Capsule will not check if each
declared hostname in `.spec.IngressHostnames.allowed` is already in use
on any other Tenant.
2021-03-06 16:58:44 +01:00
Dario Tranchitella
d78bcd8b00
test(e2e): using default timeout and interval periods
2021-03-06 15:57:25 +01:00
Dario Tranchitella
0cad87e1ed
test(e2e): avoiding reaping of unhealthy nodes blocking CI
2021-03-06 15:57:25 +01:00
