feat(helm-chart)!: Update Helm release authentik to 2024.2.1 #1980
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2023.10.4
->2024.2.1
Release Notes
goauthentik/helm (authentik)
v2024.2.1
Compare Source
authentik is an open-source Identity Provider focused on flexibility and versatility
What's Changed
Full Changelog: goauthentik/helm@authentik-2024.2.0...authentik-2024.2.1
v2024.2.0
Compare Source
authentik is an open-source Identity Provider focused on flexibility and versatility
Breaking changes
The vendored Bitnami PostgreSQL and Redis Helm charts have been removed and now use upstream versions.
The PostgreSQL Helm chart has been updated from 10.16.2 to 12.12.10. The full diff is here but is quite large. We recommend checking out the upstream release notes for the 11.x.x and 12.x.x upgrades. Among the changes you may be required to do, the
postgresql.persistence
key has been renamed topostgresql.primary.persistence
,postgresql.postgresqlPassword
topostgresql.auth.password
,postgresql.existingSecret
topostgresql.auth.existingSecret
. Note that this update does not change the major version of PostgreSQL, so no manual intervention is required on that side.The Redis Helm chart has been updated from 15.7.6 to 18.6.1. The full diff is here but is quite large. We recommend checking out the upstream release notes for the 16.x.x, 17.x.x and 18.x.x upgrades. If you do not have any custom values, no action is required. Not that this upgrades the major Redis version from 6 to 7, and thus no rollback is possible.
Ingress versions before
networking.k8s.io/v1
are not supported anymore.blueprints
has been renamed toblueprints.configMaps
andblueprints.secrets
has been added to import blueprints from secrets.image
has been renamed toglobal.image
, and can now be overridden for the server and worker withserver.image
andworker.image
.image.pullSecrets
has been renamed toglobal.imagePullSecrets
, and can now be overridden for the server and worker withserver.imagePullSecrets
andworker.imagePullSecrets
.annotations
has been renamedglobal.deploymentAnnotations
, and additional annotations can now be configured for only the server or worker withserver.deploymentAnnotations
andworker.deploymentAnnotations
.podAnnotations
has been renamedglobal.podAnnotations
, and additional annotations can now be configured for only the server or worker withserver.podAnnotations
andworker.podAnnotations
.nodeSelector
has been renamed toglobal.nodeSelector
, and can now be overridden for the server and worker withserver.nodeSelector
andworker.nodeSelector
.tolerations
has been renamed toglobal.tolerations
, and can now be overridden for the server and worker withserver.tolerations
andworker.tolerations
.affinity
has been removed and replaced by the reworkedglobal.affinity
which pre-sets affinity rules. It is possible override those rules for the server and worker withserver.affinity
andworker.affinity
.env
,envValueFrom
andenvFrom
have been removed and replaced byglobal.env
andglobal.envFrom
.global.env
now puts the configured list directly into the deployment, without modifications as the previous setting used to do. It is now also possible to pass environment variables to only the server or worker withserver.env
,worker.env
,server.envFrom
andworker.envFrom
.additionalContainers
has been removed and replaced byserver.extraContainers
andworker.extraContainers
. The previous dictionary must now be a list andname
is a required property.initContainers
has been removed and replaced byserver.initContainers
andworker.initContainers
. The previous dictionary must now be a list andname
is a required property.volumes
andvolumeMounts
have been renamed toglobal.volumes
andglobal.volumeMounts
. Additionally,server.volumes
,worker.volumes
,server.volumeMounts
andworker.volumeMounts
have been added.replicas
has been renamed toserver.replicas
.strategy
has been renamed toserver.deploymentStrategy
.worker.strategy
has been renamed toworker.deploymentStrategy
.global.deploymentStrategy
has been added to configure deployment strategy for all authentik deployments.priorityClassName
has been renamed toserver.priorityClassName
. Also,server.priorityClassName
andworker.priorityClassName
can be used withglobal.priorityClassName
.containerSecurityContext
has been renamed toserver.containerSecurityContext
.livenessProbe
,readinessProbe
andstartupProbe
have been renamed toserver.livenessProbe
,server.readinessProbe
andserver.startupProbe
. Additionally, theenabled
option of those has been removed. If you need to disable those, you can doserver.readinessProbe: ~
in your values. Also, some defaults have been reworked.autoscaling.server
has been renamed toserver.autoscaling
andautoscaling.worker
has been renamed toworker.autoscaling
.pdb.server
has been renamed toserver.pdb
andpdb.worker
has been renamed toworker.pdb
.resources.server
has been renamed toserver.resources
andresources.worker
has been renamed toworker.resources
.service
has been renamedserver.service
. Inside the service definition,port
has been renamedservicePortHttp
,nodePort
has been renamednodePortHttp
,name
has been renamed toservicePortHttpName
,protocol
has been removed. A lot of options have been added to customize it.prometheus.serviceMonitor
has been renamed toserver.metrics.serviceMonitor
. Inside the service monitor definition,create
has been renamed toenabled
.prometheus.rules.create
has been renamed toprometheus.rules.enabled
. Additional options have also been added for more configurability.ingress
has been renamed toserver.ingress
. Additionally, thehosts
key has been replaced by a list of hosts and paths, instead of a stand-in for an ingress definition. Additional keys are now also available for more configurability.The
geoip.image
has been broken up into a dictionary following the other images definitions.The GeoIP image repository has been changed from docker.io/maxmindinc/geoipupdate to ghcr.io/maxmind/geoipupdate. The image version has been ugpraded from 4.8 to 6.0.0
New features
global.additionalLabels
has been added for labels to be applied to all resources.Add
global.revisionHistoryLimit
for the number of deployment ReplicaSets to retain.global.podLabels
,server.podLabels
andworker.podLabels
have been added to configure extra labels to add the the deployed pods.global.addPrometheusAnnotations
allows for Prometheus annotations to be added to metrics services. This can be used as an alternative to the ServiceMonitors.global.securityContext
has been added to define pod-level security context for all deployed pods.global.topologySpreadConstraints
has been added to define topology spread constraints rules for all components.The
autoscaling
configuration has gained some more configurability. Check out the values.yaml for more information.server.terminationGracePeriodSeconds
has been added and is set to a value of 30 by default.Add the ability to use an existing secret for GeoIP credentials with
geoip.existingSecret
.additionalObjects
has been added to allow deploying other Kubernetes objects.What's Changed
Full Changelog: goauthentik/helm@authentik-2024.2.0-rc2...authentik-2024.2.0
v2023.10.7
Compare Source
authentik is an open-source Identity Provider focused on flexibility and versatility
What's Changed
Full Changelog: goauthentik/helm@authentik-2023.10.6...authentik-2023.10.7
v2023.10.6
Compare Source
authentik is an open-source Identity Provider focused on flexibility and versatility
What's Changed
Full Changelog: goauthentik/helm@authentik-2023.10.5...authentik-2023.10.6
v2023.10.5
Compare Source
authentik is an open-source Identity Provider focused on flexibility and versatility
What's Changed
Full Changelog: goauthentik/helm@authentik-2023.10.4...authentik-2023.10.5
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.