Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

stable/feeds: Update to Enterprise v5.5.0 #374

Merged
merged 5 commits into from
May 1, 2024
Merged

stable/feeds: Update to Enterprise v5.5.0 #374

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
daf45d3
add 5.5.0 configs
Btodhunter Apr 30, 2024
861dbe1
add service annotations
Btodhunter Apr 30, 2024
fd8e249
bump chart version
Btodhunter Apr 30, 2024
f0b79ff
fix readme
Btodhunter Apr 30, 2024
f157a68
update test snapshots
Btodhunter Apr 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions stable/feeds/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
apiVersion: v2
name: feeds
type: application
version: "2.4.3"
appVersion: "5.4.1"
version: "2.5.0"
appVersion: "5.5.0"
kubeVersion: 1.23.x - 1.27.x || 1.23.x-x - 1.29.x-x
description: Anchore feeds service
keywords:
Expand Down
24 changes: 22 additions & 2 deletions stable/feeds/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -313,7 +313,7 @@ anchoreConfig:
| `url` | Set a custom feeds URL. Useful when using a feeds service endpoint that is external from the cluster. | `""` |
| `fullnameOverride` | overrides the fullname set on resources | `""` |
| `nameOverride` | overrides the name set on resources | `""` |
| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.4.1` |
| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.5.0` |
| `imagePullPolicy` | Image pull policy used by all deployments | `IfNotPresent` |
| `imagePullSecretName` | Name of Docker credentials secret for access to private repos | `anchore-enterprise-pullcreds` |
| `serviceAccountName` | Name of a service account used to run all Feeds pods | `""` |
Expand Down Expand Up @@ -373,7 +373,22 @@ anchoreConfig:
| Name | Description | Value |
| -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| `anchoreConfig.service_dir` | Path to directory where default Anchore configs are placed at startup | `/anchore_service` |
| `anchoreConfig.log_level` | The log level for Anchore services | `INFO` |
| `anchoreConfig.log_level` | The log level for Anchore services: NOTE: This is deprecated, use logging.log_level | `INFO` |
| `anchoreConfig.logging.colored_logging` | Enable colored output in the logs | `false` |
| `anchoreConfig.logging.exception_backtrace_logging` | Enable stack traces in the logs | `false` |
| `anchoreConfig.logging.exception_diagnose_logging` | Enable detailed exception information in the logs | `false` |
| `anchoreConfig.logging.file_rotation_rule` | Maximum size of a log file before it is rotated | `10 MB` |
| `anchoreConfig.logging.file_retention_rule` | Number of log files to retain before deleting the oldest | `10` |
| `anchoreConfig.logging.log_level` | Log level for the service code | `INFO` |
| `anchoreConfig.logging.server_access_logging` | Set whether to print server access to logging | `true` |
| `anchoreConfig.logging.server_response_debug_logging` | Log the elapsed time to process the request and the response size (debug log level) | `false` |
| `anchoreConfig.logging.server_log_level` | Log level specifically for the server (uvicorn) | `info` |
| `anchoreConfig.logging.structured_logging` | Enable structured logging output (JSON) | `false` |
| `anchoreConfig.server.max_connection_backlog` | Max connections permitted in the backlog before dropping | `2048` |
| `anchoreConfig.server.max_wsgi_middleware_worker_queue_size` | Max number of requests to queue for processing by ASGI2WSGI middleware | `100` |
| `anchoreConfig.server.max_wsgi_middleware_worker_count` | Max number of workers to have in the ASGI2WSGI middleware worker pool | `50` |
| `anchoreConfig.server.timeout_graceful_shutdown` | Seconds to permit for graceful shutdown or false to disable | `false` |
| `anchoreConfig.server.timeout_keep_alive` | Seconds to keep a connection alive before closing | `5` |
| `anchoreConfig.keys.secret` | The shared secret used for signing & encryption, auto-generated by Helm if not set | `""` |
| `anchoreConfig.keys.privateKeyFileName` | The file name of the private key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName | `""` |
| `anchoreConfig.keys.publicKeyFileName` | The file name of the public key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName | `""` |
Expand Down Expand Up @@ -487,6 +502,11 @@ For the latest updates and features in Anchore Enterprise, see the official [Rel
- **Minor Chart Version Change (e.g., v0.1.2 -> v0.2.0)**: Indicates a significant change to the deployment that does not require manual intervention.
- **Patch Chart Version Change (e.g., v0.1.2 -> v0.1.3)**: Indicates a backwards-compatible bug fix or documentation update.

### v2.5.x

- Update Anchore Feeds image to v5.5.0. See the [Release Notes](https://docs.anchore.com/current/docs/releasenotes/550/) for more information.
- Added support for service specific annotations.

### v2.4.0

- Update Anchore Feeds image to v5.4.0. See the [Release Notes](https://docs.anchore.com/current/docs/releasenotes/540/) for more information.
Expand Down
8 changes: 7 additions & 1 deletion stable/feeds/files/default_config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
service_dir: ${ANCHORE_SERVICE_DIR}
tmp_dir: ${ANCHORE_FEEDS_TMP_DIR}
log_level: ${ANCHORE_LOG_LEVEL}
log_level: ${ANCHORE_LOG_LEVEL} # Deprecated - prefer use of logging.log_level

logging:
{{- toYaml .Values.anchoreConfig.logging | nindent 2 }}

server:
{{- toYaml .Values.anchoreConfig.server | nindent 2 }}

host_id: "${ANCHORE_HOST_ID}"
internal_ssl_verify: ${ANCHORE_INTERNAL_SSL_VERIFY}
Expand Down
16 changes: 16 additions & 0 deletions stable/feeds/templates/_common.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,22 @@ Common annotations
{{- end }}
{{- end -}}

{{/*
Service annotations
*/}}
{{- define "feeds.service.annotations" -}}
{{- if and (not .nil) (not .Values.service.annotations) (not .Values.annotations) }}
{{- print "{}" }}
{{- else }}
{{- with .Values.service.annotations }}
{{ toYaml . }}
{{- end }}
{{- with .Values.annotations }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{- end -}}

{{/*
Setup a container for the cloudsql proxy to run in all pods when .Values.cloudsql.enabled = true
*/}}
Expand Down
2 changes: 1 addition & 1 deletion stable/feeds/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -185,7 +185,7 @@ metadata:
name: {{ template "feeds.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "feeds.common.labels" . | nindent 4 }}
annotations: {{- include "feeds.common.annotations" . | nindent 4 }}
annotations: {{- include "feeds.service.annotations" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
selector: {{- include "feeds.common.matchLabels" . | nindent 4 }}
Expand Down
21 changes: 20 additions & 1 deletion stable/feeds/tests/__snapshot__/configmap_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,26 @@ should render the configmaps:
#
service_dir: ${ANCHORE_SERVICE_DIR}
tmp_dir: ${ANCHORE_FEEDS_TMP_DIR}
log_level: ${ANCHORE_LOG_LEVEL}
log_level: ${ANCHORE_LOG_LEVEL} # Deprecated - prefer use of logging.log_level

logging:
colored_logging: false
exception_backtrace_logging: false
exception_diagnose_logging: false
file_retention_rule: 10
file_rotation_rule: 10 MB
log_level: INFO
server_access_logging: true
server_log_level: info
server_response_debug_logging: false
structured_logging: false

server:
max_connection_backlog: 2048
max_wsgi_middleware_worker_count: 50
max_wsgi_middleware_worker_queue_size: 100
timeout_graceful_shutdown: false
timeout_keep_alive: 5

host_id: "${ANCHORE_HOST_ID}"
internal_ssl_verify: ${ANCHORE_INTERNAL_SSL_VERIFY}
Expand Down
2 changes: 1 addition & 1 deletion stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,6 @@ should render proper initContainers:
value: test-release-feeds.test-namespace.svc.cluster.local
- name: ANCHORE_PORT
value: "8448"
image: docker.io/anchore/enterprise:v5.4.1
image: docker.io/anchore/enterprise:v5.5.0
imagePullPolicy: IfNotPresent
name: wait-for-db
35 changes: 35 additions & 0 deletions stable/feeds/tests/common_helpers_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,41 @@ tests:
foo: bar
bar: baz

- it: should render service annotations
template: deployment.yaml
documentIndex: 1
set:
service:
annotations:
foo: bar
bar: baz
asserts:
- isSubset:
path: metadata.annotations
content:
foo: bar
bar: baz

- it: should render service annotations and global annotations
template: deployment.yaml
documentIndex: 1
set:
service:
annotations:
foo: bar
bar: baz
annotations:
fizz: buzz
boo: blah
asserts:
- isSubset:
path: metadata.annotations
content:
fizz: buzz
boo: blah
foo: bar
bar: baz

- it: should render file checksum/secret annotation
template: deployment.yaml
documentIndex: 0
Expand Down
42 changes: 39 additions & 3 deletions stable/feeds/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ nameOverride: ""

## @param image Image used for feeds deployment
##
image: docker.io/anchore/enterprise:v5.4.1
image: docker.io/anchore/enterprise:v5.5.0

## @param imagePullPolicy Image pull policy used by all deployments
## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
Expand Down Expand Up @@ -243,11 +243,47 @@ anchoreConfig:
##
service_dir: /anchore_service

## @param anchoreConfig.log_level The log level for Anchore services
## options available: FATAL, ERROR, WARN, INFO, DEBUG, SPEW
## @param anchoreConfig.log_level The log level for Anchore services: NOTE: This is deprecated, use logging.log_level
## options available: CRITICAL, ERROR, WARNING, SUCCESS, INFO, DEBUG, TRACE
##
log_level: INFO

## @param anchoreConfig.logging.colored_logging Enable colored output in the logs
## @param anchoreConfig.logging.exception_backtrace_logging Enable stack traces in the logs
## @param anchoreConfig.logging.exception_diagnose_logging Enable detailed exception information in the logs
## @param anchoreConfig.logging.file_rotation_rule Maximum size of a log file before it is rotated
## @param anchoreConfig.logging.file_retention_rule Number of log files to retain before deleting the oldest
## @param anchoreConfig.logging.log_level Log level for the service code
## @param anchoreConfig.logging.server_access_logging Set whether to print server access to logging
## @param anchoreConfig.logging.server_response_debug_logging Log the elapsed time to process the request and the response size (debug log level)
## @param anchoreConfig.logging.server_log_level Log level specifically for the server (uvicorn)
## @param anchoreConfig.logging.structured_logging Enable structured logging output (JSON)
##
logging:
colored_logging: false
exception_backtrace_logging: false
exception_diagnose_logging: false
file_rotation_rule: "10 MB"
file_retention_rule: 10
log_level: INFO
server_access_logging: true
server_response_debug_logging: false
server_log_level: "info"
structured_logging: false

## @param anchoreConfig.server.max_connection_backlog Max connections permitted in the backlog before dropping
## @param anchoreConfig.server.max_wsgi_middleware_worker_queue_size Max number of requests to queue for processing by ASGI2WSGI middleware
## @param anchoreConfig.server.max_wsgi_middleware_worker_count Max number of workers to have in the ASGI2WSGI middleware worker pool
## @param anchoreConfig.server.timeout_graceful_shutdown Seconds to permit for graceful shutdown or false to disable
## @param anchoreConfig.server.timeout_keep_alive Seconds to keep a connection alive before closing
##
server:
max_connection_backlog: 2048
max_wsgi_middleware_worker_queue_size: 100
max_wsgi_middleware_worker_count: 50
timeout_graceful_shutdown: false
timeout_keep_alive: 5

## @param anchoreConfig.keys.secret The shared secret used for signing & encryption, auto-generated by Helm if not set
## @param anchoreConfig.keys.privateKeyFileName The file name of the private key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName
## @param anchoreConfig.keys.publicKeyFileName The file name of the public key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName
Expand Down
Loading