From 84e78ab44a66e2343df25de60bb6a25ed05e3581 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Natalie=20Klestrup=20R=C3=B6ijezon?= Date: Mon, 20 Jan 2025 11:06:16 +0100 Subject: [PATCH 1/4] Upgrade CSI sidecars https://github.com/stackabletech/docker-images/issues/975, https://github.com/stackabletech/docker-images/issues/976 --- deploy/helm/secret-operator/values.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/deploy/helm/secret-operator/values.yaml b/deploy/helm/secret-operator/values.yaml index 1c12089e..1bad5966 100644 --- a/deploy/helm/secret-operator/values.yaml +++ b/deploy/helm/secret-operator/values.yaml @@ -22,7 +22,7 @@ secretMigrationJob: csiProvisioner: image: repository: docker.stackable.tech/k8s/sig-storage/csi-provisioner - tag: v5.0.1 + tag: v5.1.0 pullPolicy: IfNotPresent resources: requests: @@ -34,7 +34,7 @@ csiProvisioner: csiNodeDriverRegistrar: image: repository: docker.stackable.tech/k8s/sig-storage/csi-node-driver-registrar - tag: v2.11.1 + tag: v2.13.0 pullPolicy: IfNotPresent resources: requests: @@ -73,7 +73,8 @@ podAnnotations: {} labels: stackable.tech/vendor: Stackable -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 securityContext: From c5e42ca3d7a7487cb2d5f374e9b80f9908f77050 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Natalie=20Klestrup=20R=C3=B6ijezon?= Date: Mon, 20 Jan 2025 12:38:24 +0100 Subject: [PATCH 2/4] Update kerberos test for FQDNs --- tests/templates/kuttl/kerberos/kinit-client.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/templates/kuttl/kerberos/kinit-client.yaml.j2 b/tests/templates/kuttl/kerberos/kinit-client.yaml.j2 index 2c6a134a..85e883e1 100644 --- a/tests/templates/kuttl/kerberos/kinit-client.yaml.j2 +++ b/tests/templates/kuttl/kerberos/kinit-client.yaml.j2 @@ -22,9 +22,9 @@ spec: echo kiniting node kinit -kt /stackable/krb/keytab -p HTTP/$NODE_NAME echo kiniting service - kinit -kt /stackable/krb/keytab -p HTTP/krb5-client.$NAMESPACE.svc.cluster.local + kinit -kt /stackable/krb/keytab -p HTTP/krb5-client.$NAMESPACE.svc.cluster.local. echo kiniting pod - kinit -kt /stackable/krb/keytab -p HTTP/$POD_NAME.krb5-client.$NAMESPACE.svc.cluster.local + kinit -kt /stackable/krb/keytab -p HTTP/$POD_NAME.krb5-client.$NAMESPACE.svc.cluster.local. env: - name: KRB5_CONFIG value: /stackable/krb/krb5.conf From 2fed799a8e2afe9896a8fcb89e8f1443ca973281 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Natalie=20Klestrup=20R=C3=B6ijezon?= Date: Mon, 20 Jan 2025 13:38:11 +0100 Subject: [PATCH 3/4] Update nixpkgs Also in templating: https://github.com/stackabletech/operator-templating/pull/478 --- nix/sources.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nix/sources.json b/nix/sources.json index a8bcfd61..9a26de8f 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -29,10 +29,10 @@ "homepage": "", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0fcb98acb6633445764dafe180e6833eb0f95208", - "sha256": "1prmbz0c686b7583s6mcnrm67ky5xsks5zdspvkcb1vs6qsm5jp2", + "rev": "aa6ae0afa6adeb5c202a168e51eda1d3da571117", + "sha256": "1kbg6limdl7f21vr36g7qlrimm8lxr97b6kvxkz91yfdffn942p9", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/0fcb98acb6633445764dafe180e6833eb0f95208.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/aa6ae0afa6adeb5c202a168e51eda1d3da571117.tar.gz", "url_template": "https://github.com///archive/.tar.gz" } } From 598c292be633bd66d672e5c3a5c32385c85b9566 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Natalie=20Klestrup=20R=C3=B6ijezon?= Date: Mon, 20 Jan 2025 13:39:43 +0100 Subject: [PATCH 4/4] Undo accidental podSecurityContext reformatting --- deploy/helm/secret-operator/values.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deploy/helm/secret-operator/values.yaml b/deploy/helm/secret-operator/values.yaml index 1bad5966..5659eac2 100644 --- a/deploy/helm/secret-operator/values.yaml +++ b/deploy/helm/secret-operator/values.yaml @@ -73,8 +73,7 @@ podAnnotations: {} labels: stackable.tech/vendor: Stackable -podSecurityContext: - {} +podSecurityContext: {} # fsGroup: 2000 securityContext: