feat(helm)!: Update chart authentik to 2024.2.3 #116

Merged
SeanOMik merged 1 commits from renovate/authentik-2024.x into main 2024-04-19 17:35:08 +00:00
Collaborator

This PR contains the following updates:

Package Update Change
authentik (source) major 2023.10.7 -> 2024.2.3

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

goauthentik/helm (authentik)

v2024.2.3

Compare Source

authentik is an open-source Identity Provider focused on flexibility and versatility

What's Changed

New Contributors

Full Changelog: https://github.com/goauthentik/helm/compare/authentik-2024.2.2...authentik-2024.2.3

v2024.2.2

Compare Source

authentik is an open-source Identity Provider focused on flexibility and versatility

What's Changed

New Contributors

Full Changelog: https://github.com/goauthentik/helm/compare/authentik-2024.2.1...authentik-2024.2.2

v2024.2.1

Compare Source

authentik is an open-source Identity Provider focused on flexibility and versatility

What's Changed

Full Changelog: https://github.com/goauthentik/helm/compare/authentik-2024.2.0...authentik-2024.2.1

v2024.2.0

Compare Source

authentik is an open-source Identity Provider focused on flexibility and versatility

Breaking changes

The vendored Bitnami PostgreSQL and Redis Helm charts have been removed and now use upstream versions.

The PostgreSQL Helm chart has been updated from 10.16.2 to 12.12.10. The full diff is here but is quite large. We recommend checking out the upstream release notes for the 11.x.x and 12.x.x upgrades. Among the changes you may be required to do, the postgresql.persistence key has been renamed to postgresql.primary.persistence, postgresql.postgresqlPassword to postgresql.auth.password, postgresql.existingSecret to postgresql.auth.existingSecret. Note that this update does not change the major version of PostgreSQL, so no manual intervention is required on that side.

The Redis Helm chart has been updated from 15.7.6 to 18.6.1. The full diff is here but is quite large. We recommend checking out the upstream release notes for the 16.x.x, 17.x.x and 18.x.x upgrades. If you do not have any custom values, no action is required. Not that this upgrades the major Redis version from 6 to 7, and thus no rollback is possible.

Ingress versions before networking.k8s.io/v1 are not supported anymore.

blueprints has been renamed to blueprints.configMaps and blueprints.secrets has been added to import blueprints from secrets.

image has been renamed to global.image, and can now be overridden for the server and worker with server.image and worker.image.

image.pullSecrets has been renamed to global.imagePullSecrets, and can now be overridden for the server and worker with server.imagePullSecrets and worker.imagePullSecrets.

annotations has been renamed global.deploymentAnnotations, and additional annotations can now be configured for only the server or worker with server.deploymentAnnotations and worker.deploymentAnnotations.

podAnnotations has been renamed global.podAnnotations, and additional annotations can now be configured for only the server or worker with server.podAnnotations and worker.podAnnotations.

nodeSelector has been renamed to global.nodeSelector, and can now be overridden for the server and worker with server.nodeSelector and worker.nodeSelector.

tolerations has been renamed to global.tolerations, and can now be overridden for the server and worker with server.tolerations and worker.tolerations.

affinity has been removed and replaced by the reworked global.affinity which pre-sets affinity rules. It is possible override those rules for the server and worker with server.affinity and worker.affinity.

env, envValueFrom and envFrom have been removed and replaced by global.env and global.envFrom. global.env now puts the configured list directly into the deployment, without modifications as the previous setting used to do. It is now also possible to pass environment variables to only the server or worker with server.env, worker.env, server.envFrom and worker.envFrom.

additionalContainers has been removed and replaced by server.extraContainers and worker.extraContainers. The previous dictionary must now be a list and name is a required property.

initContainers has been removed and replaced by server.initContainers and worker.initContainers. The previous dictionary must now be a list and name is a required property.

volumes and volumeMounts have been renamed to global.volumes and global.volumeMounts. Additionally, server.volumes, worker.volumes, server.volumeMounts and worker.volumeMounts have been added.

replicas has been renamed to server.replicas.

strategy has been renamed to server.deploymentStrategy. worker.strategy has been renamed to worker.deploymentStrategy. global.deploymentStrategy has been added to configure deployment strategy for all authentik deployments.

priorityClassName has been renamed to server.priorityClassName. Also, server.priorityClassName and worker.priorityClassName can be used with global.priorityClassName.

containerSecurityContext has been renamed to server.containerSecurityContext.

livenessProbe, readinessProbe and startupProbe have been renamed to server.livenessProbe, server.readinessProbe and server.startupProbe. Additionally, the enabled option of those has been removed. If you need to disable those, you can do server.readinessProbe: ~ in your values. Also, some defaults have been reworked.

autoscaling.server has been renamed to server.autoscaling and autoscaling.worker has been renamed to worker.autoscaling.

pdb.server has been renamed to server.pdb and pdb.worker has been renamed to worker.pdb.

resources.server has been renamed to server.resources and resources.worker has been renamed to worker.resources.

service has been renamed server.service. Inside the service definition, port has been renamed servicePortHttp, nodePort has been renamed nodePortHttp, name has been renamed to servicePortHttpName, protocol has been removed. A lot of options have been added to customize it.

prometheus.serviceMonitor has been renamed to server.metrics.serviceMonitor. Inside the service monitor definition, create has been renamed to enabled.

prometheus.rules.create has been renamed to prometheus.rules.enabled. Additional options have also been added for more configurability.

ingress has been renamed to server.ingress. Additionally, the hosts key has been replaced by a list of hosts and paths, instead of a stand-in for an ingress definition. Additional keys are now also available for more configurability.

The geoip.image has been broken up into a dictionary following the other images definitions.

The GeoIP image repository has been changed from docker.io/maxmindinc/geoipupdate to ghcr.io/maxmind/geoipupdate. The image version has been ugpraded from 4.8 to 6.0.0

New features

global.additionalLabels has been added for labels to be applied to all resources.

Add global.revisionHistoryLimit for the number of deployment ReplicaSets to retain.

global.podLabels, server.podLabels and worker.podLabels have been added to configure extra labels to add the the deployed pods.

global.addPrometheusAnnotations allows for Prometheus annotations to be added to metrics services. This can be used as an alternative to the ServiceMonitors.

global.securityContext has been added to define pod-level security context for all deployed pods.

global.topologySpreadConstraints has been added to define topology spread constraints rules for all components.

The autoscaling configuration has gained some more configurability. Check out the values.yaml for more information.

server.terminationGracePeriodSeconds has been added and is set to a value of 30 by default.

Add the ability to use an existing secret for GeoIP credentials with geoip.existingSecret.

additionalObjects has been added to allow deploying other Kubernetes objects.

What's Changed

Full Changelog: https://github.com/goauthentik/helm/compare/authentik-2024.2.0-rc2...authentik-2024.2.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [authentik](https://goauthentik.io) ([source](https://github.com/goauthentik/helm)) | major | `2023.10.7` -> `2024.2.3` | --- > ⚠ **Warning** > > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>goauthentik/helm (authentik)</summary> ### [`v2024.2.3`](https://github.com/goauthentik/helm/releases/tag/authentik-2024.2.3) [Compare Source](https://github.com/goauthentik/helm/compare/authentik-2024.2.2...authentik-2024.2.3) authentik is an open-source Identity Provider focused on flexibility and versatility #### What's Changed - authentik: ci: rename values files to run with chart-testing correctly by [@&#8203;wrenix](https://github.com/wrenix) in https://github.com/goauthentik/helm/pull/249 - authentik: ci: add extraContainers testing by [@&#8203;wrenix](https://github.com/wrenix) in https://github.com/goauthentik/helm/pull/248 - authentik: worker deployment: fix volume type for secret blueprints by [@&#8203;sherif-fanous](https://github.com/sherif-fanous) in https://github.com/goauthentik/helm/pull/257 - bump to 2024.2.3 by [@&#8203;BeryJu](https://github.com/BeryJu) in https://github.com/goauthentik/helm/pull/259 #### New Contributors - [@&#8203;sherif-fanous](https://github.com/sherif-fanous) made their first contribution in https://github.com/goauthentik/helm/pull/257 **Full Changelog**: https://github.com/goauthentik/helm/compare/authentik-2024.2.2...authentik-2024.2.3 ### [`v2024.2.2`](https://github.com/goauthentik/helm/releases/tag/authentik-2024.2.2) [Compare Source](https://github.com/goauthentik/helm/compare/authentik-2024.2.1...authentik-2024.2.2) authentik is an open-source Identity Provider focused on flexibility and versatility #### What's Changed - authentik: fix formating error in geoip sidecar by [@&#8203;Schmoaaaaah](https://github.com/Schmoaaaaah) in https://github.com/goauthentik/helm/pull/245 - Bump azure/setup-helm from 3 to 4 by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/goauthentik/helm/pull/246 - authentik: fix extraContainers indentation by [@&#8203;wrenix](https://github.com/wrenix) in https://github.com/goauthentik/helm/pull/250 - bump to 2024.2.2 by [@&#8203;BeryJu](https://github.com/BeryJu) in https://github.com/goauthentik/helm/pull/252 #### New Contributors - [@&#8203;Schmoaaaaah](https://github.com/Schmoaaaaah) made their first contribution in https://github.com/goauthentik/helm/pull/245 - [@&#8203;wrenix](https://github.com/wrenix) made their first contribution in https://github.com/goauthentik/helm/pull/250 **Full Changelog**: https://github.com/goauthentik/helm/compare/authentik-2024.2.1...authentik-2024.2.2 ### [`v2024.2.1`](https://github.com/goauthentik/helm/releases/tag/authentik-2024.2.1) [Compare Source](https://github.com/goauthentik/helm/compare/authentik-2024.2.0...authentik-2024.2.1) authentik is an open-source Identity Provider focused on flexibility and versatility #### What's Changed - authentik: fix additional objects templating by [@&#8203;rissson](https://github.com/rissson) in https://github.com/goauthentik/helm/pull/242 - bump to version 2024.2.1 by [@&#8203;BeryJu](https://github.com/BeryJu) in https://github.com/goauthentik/helm/pull/243 **Full Changelog**: https://github.com/goauthentik/helm/compare/authentik-2024.2.0...authentik-2024.2.1 ### [`v2024.2.0`](https://github.com/goauthentik/helm/releases/tag/authentik-2024.2.0) [Compare Source](https://github.com/goauthentik/helm/compare/authentik-2023.10.7...authentik-2024.2.0) authentik is an open-source Identity Provider focused on flexibility and versatility #### Breaking changes The vendored Bitnami PostgreSQL and Redis Helm charts have been removed and now use upstream versions. The PostgreSQL Helm chart has been updated from 10.16.2 to 12.12.10. The full diff is [here](https://github.com/bitnami/charts/compare/d278c2b6792e02c5f327e96df4f031cab7bc0819..8d740c566cfdb7e2d933c40128b4e919fce953a5) but is quite large. We recommend checking out the [upstream release notes](https://github.com/bitnami/charts/tree/main/bitnami/postgresql#upgrading) for the 11.x.x and 12.x.x upgrades. Among the changes you may be required to do, the `postgresql.persistence` key has been renamed to `postgresql.primary.persistence`, `postgresql.postgresqlPassword` to `postgresql.auth.password`, `postgresql.existingSecret` to `postgresql.auth.existingSecret`. Note that this update does not change the major version of PostgreSQL, so no manual intervention is required on that side. The Redis Helm chart has been updated from 15.7.6 to 18.6.1. The full diff is [here](https://github.com/bitnami/charts/compare/b2a00a67f8512ac9fba37736102b3aac0e586f7b..816f2358c0c582574ade16f849901fe13134e6ac) but is quite large. We recommend checking out the [upstream release notes](https://github.com/bitnami/charts/tree/main/bitnami/redis#upgrading) for the 16.x.x, 17.x.x and 18.x.x upgrades. If you do not have any custom values, no action is required. Not that this upgrades the major Redis version from 6 to 7, and thus no rollback is possible. Ingress versions before `networking.k8s.io/v1` are not supported anymore. `blueprints` has been renamed to `blueprints.configMaps` and `blueprints.secrets` has been added to import blueprints from secrets. `image` has been renamed to `global.image`, and can now be overridden for the server and worker with `server.image` and `worker.image`. `image.pullSecrets` has been renamed to `global.imagePullSecrets`, and can now be overridden for the server and worker with `server.imagePullSecrets` and `worker.imagePullSecrets`. `annotations` has been renamed `global.deploymentAnnotations`, and additional annotations can now be configured for only the server or worker with `server.deploymentAnnotations` and `worker.deploymentAnnotations`. `podAnnotations` has been renamed `global.podAnnotations`, and additional annotations can now be configured for only the server or worker with `server.podAnnotations` and `worker.podAnnotations`. `nodeSelector` has been renamed to `global.nodeSelector`, and can now be overridden for the server and worker with `server.nodeSelector` and `worker.nodeSelector`. `tolerations` has been renamed to `global.tolerations`, and can now be overridden for the server and worker with `server.tolerations` and `worker.tolerations`. `affinity` has been removed and replaced by the reworked `global.affinity` which pre-sets affinity rules. It is possible override those rules for the server and worker with `server.affinity` and `worker.affinity`. `env`, `envValueFrom` and `envFrom` have been removed and replaced by `global.env` and `global.envFrom`. `global.env` now puts the configured list directly into the deployment, without modifications as the previous setting used to do. It is now also possible to pass environment variables to only the server or worker with `server.env`, `worker.env`, `server.envFrom` and `worker.envFrom`. `additionalContainers` has been removed and replaced by `server.extraContainers` and `worker.extraContainers`. The previous dictionary must now be a list and `name` is a required property. `initContainers` has been removed and replaced by `server.initContainers` and `worker.initContainers`. The previous dictionary must now be a list and `name` is a required property. `volumes` and `volumeMounts` have been renamed to `global.volumes` and `global.volumeMounts`. Additionally, `server.volumes`, `worker.volumes`, `server.volumeMounts` and `worker.volumeMounts` have been added. `replicas` has been renamed to `server.replicas`. `strategy` has been renamed to `server.deploymentStrategy`. `worker.strategy` has been renamed to `worker.deploymentStrategy`. `global.deploymentStrategy` has been added to configure deployment strategy for all authentik deployments. `priorityClassName` has been renamed to `server.priorityClassName`. Also, `server.priorityClassName` and `worker.priorityClassName` can be used with `global.priorityClassName`. `containerSecurityContext` has been renamed to `server.containerSecurityContext`. `livenessProbe`, `readinessProbe` and `startupProbe` have been renamed to `server.livenessProbe`, `server.readinessProbe` and `server.startupProbe`. Additionally, the `enabled` option of those has been removed. If you need to disable those, you can do `server.readinessProbe: ~` in your values. Also, some defaults have been reworked. `autoscaling.server` has been renamed to `server.autoscaling` and `autoscaling.worker` has been renamed to `worker.autoscaling`. `pdb.server` has been renamed to `server.pdb` and `pdb.worker` has been renamed to `worker.pdb`. `resources.server` has been renamed to `server.resources` and `resources.worker` has been renamed to `worker.resources`. `service` has been renamed `server.service`. Inside the service definition, `port` has been renamed `servicePortHttp`, `nodePort` has been renamed `nodePortHttp`, `name` has been renamed to `servicePortHttpName`, `protocol` has been removed. A lot of options have been added to customize it. `prometheus.serviceMonitor` has been renamed to `server.metrics.serviceMonitor`. Inside the service monitor definition, `create` has been renamed to `enabled`. `prometheus.rules.create` has been renamed to `prometheus.rules.enabled`. Additional options have also been added for more configurability. `ingress` has been renamed to `server.ingress`. Additionally, the `hosts` key has been replaced by a list of hosts and paths, instead of a stand-in for an ingress definition. Additional keys are now also available for more configurability. The `geoip.image` has been broken up into a dictionary following the other images definitions. The GeoIP image repository has been changed from docker.io/maxmindinc/geoipupdate to ghcr.io/maxmind/geoipupdate. The image version has been ugpraded from 4.8 to 6.0.0 #### New features `global.additionalLabels` has been added for labels to be applied to all resources. Add `global.revisionHistoryLimit` for the number of deployment ReplicaSets to retain. `global.podLabels`, `server.podLabels` and `worker.podLabels` have been added to configure extra labels to add the the deployed pods. `global.addPrometheusAnnotations` allows for Prometheus annotations to be added to metrics services. This can be used as an alternative to the ServiceMonitors. `global.securityContext` has been added to define pod-level security context for all deployed pods. `global.topologySpreadConstraints` has been added to define topology spread constraints rules for all components. The `autoscaling` configuration has gained some more configurability. Check out the values.yaml for more information. `server.terminationGracePeriodSeconds` has been added and is set to a value of 30 by default. Add the ability to use an existing secret for GeoIP credentials with `geoip.existingSecret`. `additionalObjects` has been added to allow deploying other Kubernetes objects. #### What's Changed - authentik chart rework by [@&#8203;rissson](https://github.com/rissson) in https://github.com/goauthentik/helm/pull/230 **Full Changelog**: https://github.com/goauthentik/helm/compare/authentik-2024.2.0-rc2...authentik-2024.2.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDYuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE0Ni4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Renovate force-pushed renovate/authentik-2024.x from 291ac835e3 to b3f8bd6399 2024-02-22 20:02:46 +00:00 Compare
Renovate changed title from feat(helm)!: Update chart authentik to 2024.2.0 to feat(helm)!: Update chart authentik to 2024.2.1 2024-02-22 20:02:49 +00:00
Renovate force-pushed renovate/authentik-2024.x from b3f8bd6399 to af5a50e27b 2024-03-05 00:02:53 +00:00 Compare
Renovate changed title from feat(helm)!: Update chart authentik to 2024.2.1 to feat(helm)!: Update chart authentik to 2024.2.2 2024-03-05 00:02:55 +00:00
Renovate force-pushed renovate/authentik-2024.x from af5a50e27b to b071ab94e4 2024-04-17 15:35:06 +00:00 Compare
Renovate changed title from feat(helm)!: Update chart authentik to 2024.2.2 to feat(helm)!: Update chart authentik to 2024.2.3 2024-04-17 15:35:06 +00:00
SeanOMik merged commit b42c309248 into main 2024-04-19 17:35:08 +00:00
SeanOMik deleted branch renovate/authentik-2024.x 2024-04-19 17:35:08 +00:00
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Reference: SeanOMik/k3s-cluster#116
No description provided.