You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
MINOR: artifacthub: add missing Artifact Hub annotations to all charts
Add the following annotations where absent across all three charts:
- artifacthub.io/category: networking
- artifacthub.io/images (main container image pinned to appVersion)
- artifacthub.io/license: Apache-2.0
- artifacthub.io/links (support link -> GitHub Issues)
- artifacthub.io/operator: "true" (kubernetes-ingress, haproxy-unified-gateway)
- artifacthub.io/operatorCapabilities: full lifecycle (same two charts)
The plain haproxy chart is a workload deployment, not a controller, so
operator/operatorCapabilities are intentionally omitted there.
Also fix three artifacthub.io/changes entries in kubernetes-ingress that
contained ": " mid-text (README:, Upgrade note:, Behaviour change:),
causing the YAML parser to produce dicts instead of strings and Artifact
Hub to reject them with "invalid change: description not provided". The
entries are now wrapped in double quotes within the block literal.
Signed-off-by: Dinko Korunic <dkorunic@haproxy.com>
artifacthub.io/operatorCapabilities: full lifecycle
33
43
artifacthub.io/changes: |-
34
44
- Fix CRD pre-upgrade hook Job failing when the controller ServiceAccount name changes across upgrades (e.g. with --reset-values from a chart version where the fullname template produced a different name). The Job now uses a dedicated ServiceAccount + ClusterRole + ClusterRoleBinding created as pre-upgrade hooks (weight -5) so RBAC materialises before the Job (weight 0) in the same hook phase. New resources gated on rbac.create; least-privilege scope (customresourcedefinitions only). When rbac.create=false the Job falls back to the controller SA as before.
35
45
- Fail at template render when controller.{serviceMonitor,podMonitor}.enabled=true but controller.prometheus.enabled=false (the controller would not expose /metrics)
@@ -39,16 +49,16 @@ annotations:
39
49
- Fix blank line in controller-service.yaml spec when controller.service.clusterIP is unset
40
50
- Normalise extraLabels rendering in ServiceMonitor and PodMonitor to match the chart's `{{- toYaml ... | nindent N }}` convention
41
51
- Remove explicit serviceAccount.automountServiceAccountToken=true default from values.yaml; chart now defers to Kubernetes default (still true). Set the value explicitly to override
42
-
- README: correct Kubernetes version requirement (1.23+, not 1.22+); fix gateway-controller-name installation example to use controller.kubernetesGateway.{enabled,gatewayControllerName}; drop stale chart version from OCI install example
52
+
- "README: correct Kubernetes version requirement (1.23+, not 1.22+); fix gateway-controller-name installation example to use controller.kubernetesGateway.{enabled,gatewayControllerName}; drop stale chart version from OCI install example"
43
53
- Drop dead semverCompare branches for K8s <1.23 across HPA, PDB, IngressClass, Service, proxy Service, CRD job, and the emptyDir Memory medium gate in _podspec.tpl
44
54
- controller-defaultcertsecret.yaml now uses helm lookup to reuse an existing default cert across install retries instead of regenerating it
45
55
- controller-configmap.yaml elides empty data block when controller.config and controller.logging.traffic are both unset
46
56
- controller-proxy-service.yaml label parsing uses splitn (no longer breaks on values containing colons; computes once)
47
57
- Container-level securityContext no longer duplicates runAsNonRoot/User/Group (now inherited from pod-level); same rendered semantics
48
58
- clusterrole.yaml resource quoting normalised to "*" with 4-space indent throughout
49
-
- crdjob name no longer includes .Release.Revision; the before-hook-creation delete policy already handles cleanup. Upgrade note: the old revision-suffixed Job from the prior release will remain in-cluster until manually deleted
59
+
- "crdjob name no longer includes .Release.Revision; the before-hook-creation delete policy already handles cleanup. Upgrade note: the old revision-suffixed Job from the prior release will remain in-cluster until manually deleted"
50
60
- values.yaml comments clarify topologySpreadConstraints DaemonSet behavior and probe port 1042 origin
51
-
- Decouple --prometheus and --pprof from controller.service.enablePorts.admin via new controller.prometheus.enabled and controller.pprof.enabled toggles (both default true). Behaviour change: users who set enablePorts.admin=false to disable Prometheus/pprof must now also set the new toggles. See README for migration notes.
61
+
- "Decouple --prometheus and --pprof from controller.service.enablePorts.admin via new controller.prometheus.enabled and controller.pprof.enabled toggles (both default true). Behaviour change: users who set enablePorts.admin=false to disable Prometheus/pprof must now also set the new toggles. See README for migration notes."
52
62
- Extract shared pod template spec into _podspec.tpl partial; controller-{deployment,daemonset,proxy-deployment}.yaml now ~60 lines each (was ~300+). Same rendered output for Deployment and DaemonSet modes. Proxy-mode pod now also honors serviceAccount.automountServiceAccountToken, controller.extraEnvFrom, and controller.sysctls (previously omitted by oversight)
53
63
- Fix --quic-announce-port hard-wired to service.ports.https; auto-derive from topology (useHostNetwork/useHostPort) or override via controller.quic.announcePort
54
64
- Remove dead defaultBackend.* helpers and ci values left over from the v1.x in-controller default-backend migration
0 commit comments