diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..4bb1068 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: daily + time: "00:30" + timezone: Europe/Copenhagen + open-pull-requests-limit: 10 + labels: + - "dependencies" + commit-message: + prefix: "deps:" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f6fe5a7..fd9b226 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,7 +5,7 @@ on: env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} - VERSION: 0.21.1 + VERSION: 0.22.0 jobs: build: diff --git a/README.md b/README.md index dc0dadc..4fbf792 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ This repository contains the following Carvel packages. | [contour](https://github.com/kadras-io/package-for-contour) | An Envoy-based ingress controller that supports dynamic configuration updates and multi-team ingress delegation. | | [crossplane](https://github.com/kadras-io/package-for-crossplane) | A Kubernetes extension that transforms your Kubernetes cluster into a universal control plane. | | [dapr](https://github.com/kadras-io/package-for-dapr) | A Kubernetes extension that provides integrated APIs for communication, state, and workflow. | +| [dependency-track](https://github.com/kadras-io/package-for-dependency-track) | OWASP Dependency Track is a continuous SBOM Analysis Platform for managing software supply chain security risks. | | [developer-portal](https://github.com/kadras-io/package-for-developer-portal) | Kadras Developer Portal, based on Backstage. It supports application developers with paved paths to production on Kubernetes. | | [engineering-platform](https://github.com/kadras-io/engineering-platform) | A curated set of Carvel packages to build an engineering platform supporting application developers with paved paths to production on Kubernetes. | | [flux](https://github.com/kadras-io/package-for-flux) | A continuous deployment solution for Kubernetes, powered by the GitOps Toolkit. | diff --git a/repo/packages/buildpacks-catalog.packages.kadras.io/0.12.2.yml b/repo/packages/buildpacks-catalog.packages.kadras.io/0.12.3.yml similarity index 84% rename from repo/packages/buildpacks-catalog.packages.kadras.io/0.12.2.yml rename to repo/packages/buildpacks-catalog.packages.kadras.io/0.12.3.yml index 2f88b77..4c24710 100644 --- a/repo/packages/buildpacks-catalog.packages.kadras.io/0.12.2.yml +++ b/repo/packages/buildpacks-catalog.packages.kadras.io/0.12.3.yml @@ -2,7 +2,7 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: buildpacks-catalog.packages.kadras.io.0.12.2 + name: buildpacks-catalog.packages.kadras.io.0.12.3 spec: capacityRequirementsDescription: Container registry with at least 1GB available space used by kpack to create builder images. @@ -10,14 +10,14 @@ spec: - Apache 2.0 refName: buildpacks-catalog.packages.kadras.io releaseNotes: https://github.com/kadras-io/buildpacks-catalog/releases - releasedAt: "2024-09-01T12:04:28Z" + releasedAt: "2024-09-23T20:24:21Z" template: spec: deploy: - kapp: {} fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/buildpacks-catalog@sha256:da77ab616261af030c1e22790cc308cb9c50728e038fe112e96640541f67a37e + image: ghcr.io/kadras-io/buildpacks-catalog@sha256:eb9c8b125fc99ea872dd1d1ab8f698632df777ca5367a16b6a615bff4e5bc2e2 template: - ytt: paths: @@ -45,4 +45,4 @@ spec: x-example-description: Repository on GitHub Container Registry type: object type: object - version: 0.12.2 + version: 0.12.3 diff --git a/repo/packages/crossplane.packages.kadras.io/1.17.0.yml b/repo/packages/crossplane.packages.kadras.io/1.17.1.yml similarity index 98% rename from repo/packages/crossplane.packages.kadras.io/1.17.0.yml rename to repo/packages/crossplane.packages.kadras.io/1.17.1.yml index 396aa29..df4e2ec 100644 --- a/repo/packages/crossplane.packages.kadras.io/1.17.0.yml +++ b/repo/packages/crossplane.packages.kadras.io/1.17.1.yml @@ -2,10 +2,10 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: crossplane.packages.kadras.io.1.17.0 + name: crossplane.packages.kadras.io.1.17.1 spec: refName: crossplane.packages.kadras.io - releasedAt: "2024-09-01T09:33:47Z" + releasedAt: "2024-09-23T20:15:58Z" template: spec: deploy: @@ -13,7 +13,7 @@ spec: intoNs: crossplane-system fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-crossplane@sha256:1a45fdca40b3b468b5bb123ecbab56482013de2e20fab48582db37ae6324dac7 + image: ghcr.io/kadras-io/package-for-crossplane@sha256:d9b049032f888539f415b03f1b6f4808527cbeb1f0561e1cbcc43d7e7f049dcf template: - helmTemplate: name: crossplane @@ -374,4 +374,4 @@ spec: type: boolean type: object type: object - version: 1.17.0 + version: 1.17.1 diff --git a/repo/packages/dapr.packages.kadras.io/1.14.1.yml b/repo/packages/dapr.packages.kadras.io/1.14.4.yml similarity index 96% rename from repo/packages/dapr.packages.kadras.io/1.14.1.yml rename to repo/packages/dapr.packages.kadras.io/1.14.4.yml index ff627f3..142bc7e 100644 --- a/repo/packages/dapr.packages.kadras.io/1.14.1.yml +++ b/repo/packages/dapr.packages.kadras.io/1.14.4.yml @@ -2,10 +2,10 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: dapr.packages.kadras.io.1.14.1 + name: dapr.packages.kadras.io.1.14.4 spec: refName: dapr.packages.kadras.io - releasedAt: "2024-09-01T11:34:43Z" + releasedAt: "2024-09-23T20:18:39Z" template: spec: deploy: @@ -13,7 +13,7 @@ spec: intoNs: dapr-system fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-dapr@sha256:8b810aa80d2a5de421fba381c669d9d0015ecb5b2a833255d74280de597a030d + image: ghcr.io/kadras-io/package-for-dapr@sha256:7eba6d689ee0ddc5d378349fbb510723a7a2012a370b9758ac77b59f3f043ca7 template: - helmTemplate: name: dapr @@ -197,7 +197,7 @@ spec: default: "" type: string tag: - default: 1.14.1 + default: 1.14.4 type: string tolerations: default: [] @@ -205,4 +205,4 @@ spec: type: array type: object type: object - version: 1.14.1 + version: 1.14.4 diff --git a/repo/packages/dependency-track.packages.kadras.io/4.11.7.yml b/repo/packages/dependency-track.packages.kadras.io/4.11.7.yml new file mode 100644 index 0000000..144b4e3 --- /dev/null +++ b/repo/packages/dependency-track.packages.kadras.io/4.11.7.yml @@ -0,0 +1,211 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + creationTimestamp: null + name: dependency-track.packages.kadras.io.4.11.7 +spec: + licenses: + - Apache 2.0 + refName: dependency-track.packages.kadras.io + releaseNotes: https://github.com/kadras-io/package-for-dependency-track/releases + releasedAt: "2024-09-23T19:54:51Z" + template: + spec: + deploy: + - kapp: {} + fetch: + - imgpkgBundle: + image: ghcr.io/kadras-io/package-for-dependency-track@sha256:143d73b7a7af4a9e55addb7ae816620e5baaaeaf46c7e157795bc6b6ce5cd6a6 + template: + - ytt: + paths: + - config + - kbld: + paths: + - '-' + - .imgpkg/images.yml + valuesSchema: + openAPIv3: + additionalProperties: false + properties: + api_server: + additionalProperties: false + description: Settings for the API Server component. + properties: + logging: + additionalProperties: false + description: Settings for logging. + properties: + format: + default: console + description: 'Log encoding format. Options: `console`, `json`.' + enum: + - console + - json + type: string + level: + default: info + description: 'Log verbosity level. Options: `trace`, `debug`, `info`, + `warn`, `error`.' + enum: + - trace + - debug + - info + - warn + - error + type: string + type: object + metrics: + additionalProperties: false + description: Settings for metrics. + properties: + enabled: + default: true + description: Whether to enable the generation of Prometheus metrics. + type: boolean + type: object + resources: + additionalProperties: false + description: Resource configuration for the API Server component. + properties: + limits: + additionalProperties: false + properties: + cpu: + default: "4" + description: CPU limits configuration for the API Server component. + type: string + memory: + default: 5Gi + description: Memory limits configuration for the API Server + component. + type: string + type: object + requests: + additionalProperties: false + properties: + cpu: + default: "0.5" + description: CPU requests configuration for the API Server component. + type: string + memory: + default: 5Gi + description: Memory requests configuration for the API Server + component. + type: string + type: object + type: object + storage: + additionalProperties: false + description: Storage configuration for the API Server component. + properties: + class_name: + default: "" + description: Class name for the PersistenceVolume to create. + type: string + size: + default: 1Gi + description: Size of the PersistenceVolume to create. + type: string + type: object + type: object + domain_name: + default: "" + description: Domain name for Dependency Track. It must be a valid DNS name. + minLength: 4 + type: string + frontend: + additionalProperties: false + description: Settings for the Frontend component. + properties: + replicas: + default: 1 + description: The number of Frontend replicas. In order to enable high + availability, it should be greater than 1. + minimum: 1 + type: integer + resources: + additionalProperties: false + description: Resource configuration for the Frontend component. + properties: + limits: + additionalProperties: false + properties: + cpu: + default: 500m + description: CPU limits configuration for the Frontend component. + type: string + memory: + default: 128Mi + description: Memory limits configuration for the Frontend component. + type: string + type: object + requests: + additionalProperties: false + properties: + cpu: + default: 150m + description: CPU requests configuration for the Frontend component. + type: string + memory: + default: 64Mi + description: Memory requests configuration for the Frontend + component. + type: string + type: object + type: object + type: object + ingress_issuer: + default: "" + description: A reference to the ClusterIssuer to use for enabling TLS in + Dependency Track. + example: kadras-ca-issuer + minLength: 4 + type: string + x-example-description: Kadras private CA + postgresql: + additionalProperties: false + description: Settings for the PostgreSQL database. + properties: + instances: + default: 1 + description: Number of instances for the PostgreSQL database cluster. + Define at least 3 for production scenarios. + minimum: 1 + type: integer + storage: + additionalProperties: false + description: Storage configuration for each PostgreSQL instance. + properties: + size: + default: 1Gi + description: Size of the PersistenceVolume to create for each PostgreSQL + instance. + type: string + type: object + type: object + proxy: + additionalProperties: false + description: Settings for the corporate proxy. + properties: + http_proxy: + default: "" + description: The HTTP proxy to use for network traffic. + type: string + https_proxy: + default: "" + description: The HTTPS proxy to use for network traffic. + type: string + no_proxy: + default: "" + description: A comma-separated list of hostnames, IP addresses, or IP + ranges in CIDR format that should not use the proxy. + type: string + type: object + system_requirement_check: + default: true + description: Whether Dependency Track will check for memory and CPU requirements + at startup time. + type: boolean + type: object + version: 4.11.7 diff --git a/repo/packages/dependency-track.packages.kadras.io/metadata.yml b/repo/packages/dependency-track.packages.kadras.io/metadata.yml new file mode 100644 index 0000000..972b733 --- /dev/null +++ b/repo/packages/dependency-track.packages.kadras.io/metadata.yml @@ -0,0 +1,25 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: PackageMetadata +metadata: + creationTimestamp: null + name: dependency-track.packages.kadras.io +spec: + categories: + - supply-chain + - security + displayName: dependency-track + longDescription: Dependency-Track is an intelligent Component Analysis platform + that allows organizations to identify and reduce risk in the software supply chain. + Dependency-Track takes a unique and highly beneficial approach by leveraging the + capabilities of Software Bill of Materials (SBOM). This approach provides capabilities + that traditional Software Composition Analysis (SCA) solutions cannot achieve. + Dependency-Track monitors component usage across all versions of every application + in its portfolio in order to proactively identify risk across an organization. + The platform has an API-first design and is ideal for use in CI/CD environments. + maintainers: + - name: Thomas Vitale + providerName: Kadras + shortDescription: Dependency Track is a continuous SBOM Analysis Platform for managing + software supply chain security risks. + supportDescription: Go to https://kadras.io for documentation and https://github.com/kadras-io/package-for-dependency-track + for community support. diff --git a/repo/packages/developer-portal.packages.kadras.io/0.2.0.yml b/repo/packages/developer-portal.packages.kadras.io/0.2.1.yml similarity index 99% rename from repo/packages/developer-portal.packages.kadras.io/0.2.0.yml rename to repo/packages/developer-portal.packages.kadras.io/0.2.1.yml index 12656c6..183952f 100644 --- a/repo/packages/developer-portal.packages.kadras.io/0.2.0.yml +++ b/repo/packages/developer-portal.packages.kadras.io/0.2.1.yml @@ -2,10 +2,10 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: developer-portal.packages.kadras.io.0.2.0 + name: developer-portal.packages.kadras.io.0.2.1 spec: refName: developer-portal.packages.kadras.io - releasedAt: "2024-09-04T20:13:56Z" + releasedAt: "2024-09-23T21:54:36Z" template: spec: deploy: @@ -13,7 +13,7 @@ spec: intoNs: backstage fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-developer-portal@sha256:bba95a6db03035df6717ada8ee92edeba3dd0a8af160fe7716a7c0c9bb845594 + image: ghcr.io/kadras-io/package-for-developer-portal@sha256:8fa3db6827f3e21b5b8988fe038a85f1e7ce4246b6e02ac4f2aa006254e1e499 template: - helmTemplate: name: backstage @@ -552,4 +552,4 @@ spec: type: string type: object type: object - version: 0.2.0 + version: 0.2.1 diff --git a/repo/packages/engineering-platform.packages.kadras.io/0.19.1.yml b/repo/packages/engineering-platform.packages.kadras.io/0.20.0.yml similarity index 97% rename from repo/packages/engineering-platform.packages.kadras.io/0.19.1.yml rename to repo/packages/engineering-platform.packages.kadras.io/0.20.0.yml index 3a78055..b6db0bf 100644 --- a/repo/packages/engineering-platform.packages.kadras.io/0.19.1.yml +++ b/repo/packages/engineering-platform.packages.kadras.io/0.20.0.yml @@ -2,20 +2,20 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: engineering-platform.packages.kadras.io.0.19.1 + name: engineering-platform.packages.kadras.io.0.20.0 spec: licenses: - Apache 2.0 refName: engineering-platform.packages.kadras.io releaseNotes: https://github.com/kadras-io/kadras-engineering-platform/releases - releasedAt: "2024-09-04T22:00:35Z" + releasedAt: "2024-09-23T22:00:31Z" template: spec: deploy: - kapp: {} fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:08b77e7914691ff2c73eb58b35b363be115b05e269bc38cc63e36aef3a60c557 + image: ghcr.io/kadras-io/kadras-engineering-platform@sha256:c8a22a9c24ccecd237a78a3ced5e0a514394d92628bba5b2ec5450c25b07984c template: - ytt: paths: @@ -57,6 +57,10 @@ spec: default: {} description: Configuration for the Dapr package. nullable: true + dependency_track: + default: {} + description: Configuration for the Dependency Track package. + nullable: true developer_portal: default: {} description: Configuration for the Developer Portal package. @@ -291,4 +295,4 @@ spec: description: Configuration for the Workspace Provisioner package. nullable: true type: object - version: 0.19.1 + version: 0.20.0 diff --git a/repo/packages/rabbitmq-operator.packages.kadras.io/2.9.0.yml b/repo/packages/rabbitmq-operator.packages.kadras.io/2.10.0.yml similarity index 85% rename from repo/packages/rabbitmq-operator.packages.kadras.io/2.9.0.yml rename to repo/packages/rabbitmq-operator.packages.kadras.io/2.10.0.yml index 761ac6c..1c3aa5b 100644 --- a/repo/packages/rabbitmq-operator.packages.kadras.io/2.9.0.yml +++ b/repo/packages/rabbitmq-operator.packages.kadras.io/2.10.0.yml @@ -2,20 +2,20 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: rabbitmq-operator.packages.kadras.io.2.9.0 + name: rabbitmq-operator.packages.kadras.io.2.10.0 spec: licenses: - Apache 2.0 refName: rabbitmq-operator.packages.kadras.io releaseNotes: https://github.com/kadras-io/package-for-rabbitmq-operator/releases - releasedAt: "2024-05-17T20:24:16Z" + releasedAt: "2024-09-23T20:46:02Z" template: spec: deploy: - kapp: {} fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:00f0e8a73570f541d48cdb7ccb5dce7fd1d83c6cc443fe44181192c84d386f6d + image: ghcr.io/kadras-io/package-for-rabbitmq-operator@sha256:0adbb83cb98b60c425f6955c73f9aae37f0f032b34981d040a14fccc50056714 template: - ytt: paths: @@ -41,4 +41,4 @@ spec: type: string type: object type: object - version: 2.9.0 + version: 2.10.0 diff --git a/repo/packages/secretgen-controller.packages.kadras.io/0.18.0.yml b/repo/packages/secretgen-controller.packages.kadras.io/0.18.1.yml similarity index 80% rename from repo/packages/secretgen-controller.packages.kadras.io/0.18.0.yml rename to repo/packages/secretgen-controller.packages.kadras.io/0.18.1.yml index 07d73b2..d062179 100644 --- a/repo/packages/secretgen-controller.packages.kadras.io/0.18.0.yml +++ b/repo/packages/secretgen-controller.packages.kadras.io/0.18.1.yml @@ -2,13 +2,13 @@ apiVersion: data.packaging.carvel.dev/v1alpha1 kind: Package metadata: creationTimestamp: null - name: secretgen-controller.packages.kadras.io.0.18.0 + name: secretgen-controller.packages.kadras.io.0.18.1 spec: licenses: - Apache 2.0 refName: secretgen-controller.packages.kadras.io releaseNotes: https://github.com/kadras-io/package-for-secretgen-controller/releases - releasedAt: "2024-05-17T19:20:43Z" + releasedAt: "2024-09-23T19:59:51Z" template: spec: deploy: @@ -19,7 +19,7 @@ spec: - --kube-api-burst=100 fetch: - imgpkgBundle: - image: ghcr.io/kadras-io/package-for-secretgen-controller@sha256:f4f86de9b8a0d9c36bbf52af4e9def5e0a23d2430f1716a80734300a0bd9f3fb + image: ghcr.io/kadras-io/package-for-secretgen-controller@sha256:f041a9b19a252e03ab5e8d6070a7aaacd3422a269e3c01e35a615e1fa67232c3 template: - ytt: paths: @@ -32,4 +32,4 @@ spec: openAPIv3: default: null nullable: true - version: 0.18.0 + version: 0.18.1