diff --git a/bitnami/redis-cluster/CHANGELOG.md b/bitnami/redis-cluster/CHANGELOG.md index 9f60c63532544d..d509dde2008e53 100644 --- a/bitnami/redis-cluster/CHANGELOG.md +++ b/bitnami/redis-cluster/CHANGELOG.md @@ -1,8 +1,12 @@ # Changelog +## 11.2.0 (2024-12-10) + +* [bitnami/redis-cluster] Detect non-standard images ([#30943](https://github.com/bitnami/charts/pull/30943)) + ## 11.1.0 (2024-11-26) -* [bitnami/redis-cluster] feat: Set custom terminationGracePeriodSeconds for redis ([#30470](https://github.com/bitnami/charts/pull/30470)) +* [bitnami/redis-cluster] feat: Set custom terminationGracePeriodSeconds for redis (#30470) ([1cacaa5](https://github.com/bitnami/charts/commit/1cacaa54741ef79e47c8ca402ad97c9dbaa5103d)), closes [#30470](https://github.com/bitnami/charts/issues/30470) ## 11.0.8 (2024-11-11) diff --git a/bitnami/redis-cluster/Chart.lock b/bitnami/redis-cluster/Chart.lock index dec7b218c01e4e..25eac705b16b95 100644 --- a/bitnami/redis-cluster/Chart.lock +++ b/bitnami/redis-cluster/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.27.0 -digest: sha256:b711ab5874abf868a0c64353a790f17771758cee6f802acb9819be004c8460af -generated: "2024-11-11T21:28:00.649064789Z" + version: 2.28.0 +digest: sha256:5b30f0fa07bb89b01c55fd6258c8ce22a611b13623d4ad83e8fdd1d4490adc74 +generated: "2024-12-10T17:26:18.886396+01:00" diff --git a/bitnami/redis-cluster/Chart.yaml b/bitnami/redis-cluster/Chart.yaml index 22a3411d753572..711b6eed0db071 100644 --- a/bitnami/redis-cluster/Chart.yaml +++ b/bitnami/redis-cluster/Chart.yaml @@ -32,4 +32,4 @@ maintainers: name: redis-cluster sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis-cluster -version: 11.1.0 +version: 11.2.0 diff --git a/bitnami/redis-cluster/README.md b/bitnami/redis-cluster/README.md index 31638697e1be89..85974b92fd1ff5 100644 --- a/bitnami/redis-cluster/README.md +++ b/bitnami/redis-cluster/README.md @@ -391,14 +391,15 @@ See [#15075](https://github.com/bitnami/charts/issues/15075) ### Global parameters -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | -| `global.redis.password` | Redis® password (overrides `password`) | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | +| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | +| `global.redis.password` | Redis® password (overrides `password`) | `""` | +| `global.security.allowInsecureImages` | Allows skipping image verification | `false` | +| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | ### Redis® Cluster Common parameters @@ -721,6 +722,10 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading +### To 11.2.0 + +This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850). + ### To 10.0.0 This major bump changes the following security defaults: diff --git a/bitnami/redis-cluster/templates/NOTES.txt b/bitnami/redis-cluster/templates/NOTES.txt index d86968e071640f..83b0d2f41472cf 100644 --- a/bitnami/redis-cluster/templates/NOTES.txt +++ b/bitnami/redis-cluster/templates/NOTES.txt @@ -118,4 +118,5 @@ will be able to connect to redis. {{- end -}} {{- end }} {{- include "common.warnings.resources" (dict "sections" (list "metrics" "redis" "sysctlImage" "updateJob" "volumePermissions") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image .Values.sysctlImage) "context" $) }} \ No newline at end of file +{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image .Values.sysctlImage) "context" $) }} +{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image .Values.sysctlImage) "context" $) }} diff --git a/bitnami/redis-cluster/values.yaml b/bitnami/redis-cluster/values.yaml index 22b2ff425499cf..c474ad39216efd 100644 --- a/bitnami/redis-cluster/values.yaml +++ b/bitnami/redis-cluster/values.yaml @@ -22,6 +22,11 @@ global: imagePullSecrets: [] defaultStorageClass: "" storageClass: "" + ## Security parameters + ## + security: + ## @param global.security.allowInsecureImages Allows skipping image verification + allowInsecureImages: false redis: password: "" ## Compatibility adaptations for Kubernetes platforms