diff --git a/stable/dex/Chart.yaml b/stable/dex/Chart.yaml index 6f12fe88b..da3c41c0f 100644 --- a/stable/dex/Chart.yaml +++ b/stable/dex/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: dex -version: 2.13.5 +version: 2.13.6 appVersion: 2.37.0 description: Dex keywords: diff --git a/stable/dex/charts/dex-controller-v0.12.3.tgz b/stable/dex/charts/dex-controller-v0.12.3.tgz deleted file mode 100644 index 517d85008..000000000 Binary files a/stable/dex/charts/dex-controller-v0.12.3.tgz and /dev/null differ diff --git a/stable/dex/charts/dex-controller-v0.13.0.tgz b/stable/dex/charts/dex-controller-v0.13.0.tgz new file mode 100644 index 000000000..214dcda8a Binary files /dev/null and b/stable/dex/charts/dex-controller-v0.13.0.tgz differ diff --git a/stable/dex/requirements.lock b/stable/dex/requirements.lock index 76fa0f4a3..991ed9fac 100644 --- a/stable/dex/requirements.lock +++ b/stable/dex/requirements.lock @@ -1,6 +1,6 @@ dependencies: - name: dex-controller repository: https://mesosphere.github.io/dex-controller/charts - version: v0.12.3 -digest: sha256:094d107b7ea95a5bb5b2c8a29f8406f0cd834c0af2a0fc1e1f1fa52a96a7d70f -generated: "2023-10-30T10:27:51.405551486+01:00" + version: v0.13.0 +digest: sha256:7a5dec7ccf4527e625f308e630ea0636b817c175e5a127dbd06285e2528cfa97 +generated: "2023-11-03T10:48:43.000043146+01:00" diff --git a/stable/dex/requirements.yaml b/stable/dex/requirements.yaml index 54d8539ef..a04db353c 100644 --- a/stable/dex/requirements.yaml +++ b/stable/dex/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - name: dex-controller - version: v0.12.3 + version: v0.13.0 repository: https://mesosphere.github.io/dex-controller/charts condition: dex-controller.enabled, global.dex-controller.enabled diff --git a/stable/dex/templates/job-pre-upgrade.yaml b/stable/dex/templates/job-pre-upgrade.yaml new file mode 100644 index 000000000..7b2e9e05c --- /dev/null +++ b/stable/dex/templates/job-pre-upgrade.yaml @@ -0,0 +1,72 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: pre-upgrade-job + annotations: + # This is what defines this resource as a hook. Without this line, the + # job is considered part of the release. + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + restartPolicy: OnFailure + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + serviceAccountName: {{ .Release.Name }}-dex-pre-upgrade-hook + containers: + - name: disable-dex-controller + image: "{{ .Values.kubectlImage }}" + command: [ "/bin/sh" ] + args: + - -c + - | + kubectl scale deploy {{ .Release.Name }}-dex-controller -n {{ .Release.Namespace }} --replicas=0 + kubectl wait pod --for=delete -n {{ .Release.Namespace }} -l control-plane={{ .Release.Name }}-dex-controller +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: dex-pre-upgrade-hook + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: ["deployments", "deployments/scale"] + verbs: ["get", "list", "watch", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: dex-pre-upgrade-hook + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: dex-pre-upgrade-hook +subjects: + - kind: ServiceAccount + name: {{ .Release.Name }}-dex-pre-upgrade-hook + namespace: {{ .Release.Namespace }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }}-dex-pre-upgrade-hook + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded