diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9d48d50..a3b2d61 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,6 +18,6 @@ jobs: registry-server: ghcr.io registry-username: ${{ github.actor }} image: ${{ github.repository }} - version: 0.6.4 + version: 0.7.0 secrets: pull-request-token: ${{ secrets.GH_ORG_PAT }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8d1717d..5a79ea9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: name: Integration Tests strategy: matrix: - k8s_version: [v1.26, v1.27, v1.28] + k8s_version: [v1.27, v1.28, v1.29] permissions: contents: read uses: kadras-io/github-reusable-workflows/.github/workflows/carvel-package-test-integration.yml@main diff --git a/Makefile b/Makefile index 1c426c2..5ba5c07 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -K8S_VERSION=v1.28 +K8S_VERSION=v1.29 # Build package configuration build: package diff --git a/README.md b/README.md index d83c8a1..fc107cb 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ A Carvel package for [Metrics Server](https://github.com/kubernetes-sigs/metrics ### Prerequisites -* Kubernetes 1.26+ +* Kubernetes 1.27+ * Carvel [`kctrl`](https://carvel.dev/kapp-controller/docs/latest/install/#installing-kapp-controller-cli-kctrl) CLI. * Carvel [kapp-controller](https://carvel.dev/kapp-controller) deployed in your Kubernetes cluster. You can install it with Carvel [`kapp`](https://carvel.dev/kapp/docs/latest/install) (recommended choice) or `kubectl`. diff --git a/package/config/overlays/deployment.yml b/package/config/overlays/deployment.yml index e627e5c..55d7d81 100644 --- a/package/config/overlays/deployment.yml +++ b/package/config/overlays/deployment.yml @@ -27,7 +27,7 @@ spec: containers: #@overlay/match by=overlay.subset({"name": "metrics-server"}) - args: - #@overlay/match by=overlay.subset("--secure-port=4443") + #@overlay/match by=overlay.subset("--secure-port=10250") - #@ "--secure-port=" + str(data.values.metricsServer.config.securePort) #@overlay/append - --kubelet-insecure-tls diff --git a/package/config/overlays/namespace.yml b/package/config/overlays/namespace.yml index a7a0748..e964be9 100644 --- a/package/config/overlays/namespace.yml +++ b/package/config/overlays/namespace.yml @@ -6,7 +6,7 @@ #@ if hasattr(data.values.metricsServer, 'namespace') and data.values.metricsServer.namespace: #@ metricsServerNamespace = data.values.metricsServer.namespace #@ else: -#@ metricsServerNamespace = data.values.namespace +#@ metricsServerNamespace = data.values.namespace #@ end #@ if data.values.metricsServer.createNamespace: diff --git a/package/config/upstream/components.yaml b/package/config/upstream/components.yaml index 49cb487..03bf859 100644 --- a/package/config/upstream/components.yaml +++ b/package/config/upstream/components.yaml @@ -133,11 +133,11 @@ spec: containers: - args: - --cert-dir=/tmp - - --secure-port=4443 + - --secure-port=10250 - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname - --kubelet-use-node-status-port - --metric-resolution=15s - image: registry.k8s.io/metrics-server/metrics-server:v0.6.4 + image: registry.k8s.io/metrics-server/metrics-server:v0.7.0 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -148,7 +148,7 @@ spec: periodSeconds: 10 name: metrics-server ports: - - containerPort: 4443 + - containerPort: 10250 name: https protocol: TCP readinessProbe: @@ -165,9 +165,14 @@ spec: memory: 200Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /tmp name: tmp-dir diff --git a/package/vendir.lock.yml b/package/vendir.lock.yml index bd72cf5..adf6e0c 100644 --- a/package/vendir.lock.yml +++ b/package/vendir.lock.yml @@ -2,8 +2,8 @@ apiVersion: vendir.k14s.io/v1alpha1 directories: - contents: - githubRelease: - tag: v0.6.4 - url: https://api.github.com/repos/kubernetes-sigs/metrics-server/releases/113485257 + tag: v0.7.0 + url: https://api.github.com/repos/kubernetes-sigs/metrics-server/releases/137632772 path: . path: config/upstream kind: LockConfig diff --git a/package/vendir.yml b/package/vendir.yml index 12431f0..491d0f7 100644 --- a/package/vendir.yml +++ b/package/vendir.yml @@ -4,7 +4,7 @@ directories: - githubRelease: disableAutoChecksumValidation: true slug: kubernetes-sigs/metrics-server - tag: v0.6.4 + tag: v0.7.0 includePaths: - components.yaml path: . diff --git a/test/setup/kind/v1.27/kind-config.yml b/test/setup/kind/v1.27/kind-config.yml index 4cc978d..36a8d8a 100644 --- a/test/setup/kind/v1.27/kind-config.yml +++ b/test/setup/kind/v1.27/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.27.3 + image: kindest/node:v1.27.11 - role: worker - image: kindest/node:v1.27.3 + image: kindest/node:v1.27.11 diff --git a/test/setup/kind/v1.28/kind-config.yml b/test/setup/kind/v1.28/kind-config.yml index 766d7ed..8c67fca 100644 --- a/test/setup/kind/v1.28/kind-config.yml +++ b/test/setup/kind/v1.28/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.28.0 + image: kindest/node:v1.28.7 - role: worker - image: kindest/node:v1.28.0 + image: kindest/node:v1.28.7 diff --git a/test/setup/kind/v1.26/kind-config.yml b/test/setup/kind/v1.29/kind-config.yml similarity index 61% rename from test/setup/kind/v1.26/kind-config.yml rename to test/setup/kind/v1.29/kind-config.yml index 10ec400..8dea726 100644 --- a/test/setup/kind/v1.26/kind-config.yml +++ b/test/setup/kind/v1.29/kind-config.yml @@ -3,6 +3,6 @@ kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 nodes: - role: control-plane - image: kindest/node:v1.26.6 + image: kindest/node:v1.29.2 - role: worker - image: kindest/node:v1.26.6 + image: kindest/node:v1.29.2