Skip to content

Commit

Permalink
stable/feeds: Update to Enterprise v5.5.0 (#374)
Browse files Browse the repository at this point in the history 
* add 5.5.0 configs
* add service annotations
* bump chart version
* update readme
* update test snapshots

---------

Signed-off-by: Brady Todhunter <[email protected]>
  • Loading branch information
@Btodhunter
Btodhunter authored May 1, 2024
1 parent f4713e5 commit 28ef4d9
Show file tree
Hide file tree
Showing 9 changed files with 143 additions and 11 deletions.
4 changes: 2 additions & 2 deletions stable/feeds/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
apiVersion: v2
name: feeds
type: application
version: "2.4.3"
appVersion: "5.4.1"
version: "2.5.0"
appVersion: "5.5.0"
kubeVersion: 1.23.x - 1.27.x || 1.23.x-x - 1.29.x-x
description: Anchore feeds service
keywords:
Expand Down
24 changes: 22 additions & 2 deletions stable/feeds/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -313,7 +313,7 @@ anchoreConfig:
| `url` | Set a custom feeds URL. Useful when using a feeds service endpoint that is external from the cluster. | `""` |
| `fullnameOverride` | overrides the fullname set on resources | `""` |
| `nameOverride` | overrides the name set on resources | `""` |
| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.4.1` |
| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.5.0` |
| `imagePullPolicy` | Image pull policy used by all deployments | `IfNotPresent` |
| `imagePullSecretName` | Name of Docker credentials secret for access to private repos | `anchore-enterprise-pullcreds` |
| `serviceAccountName` | Name of a service account used to run all Feeds pods | `""` |
Expand Down Expand Up @@ -373,7 +373,22 @@ anchoreConfig:
| Name | Description | Value |
| -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| `anchoreConfig.service_dir` | Path to directory where default Anchore configs are placed at startup | `/anchore_service` |
| `anchoreConfig.log_level` | The log level for Anchore services | `INFO` |
| `anchoreConfig.log_level` | The log level for Anchore services: NOTE: This is deprecated, use logging.log_level | `INFO` |
| `anchoreConfig.logging.colored_logging` | Enable colored output in the logs | `false` |
| `anchoreConfig.logging.exception_backtrace_logging` | Enable stack traces in the logs | `false` |
| `anchoreConfig.logging.exception_diagnose_logging` | Enable detailed exception information in the logs | `false` |
| `anchoreConfig.logging.file_rotation_rule` | Maximum size of a log file before it is rotated | `10 MB` |
| `anchoreConfig.logging.file_retention_rule` | Number of log files to retain before deleting the oldest | `10` |
| `anchoreConfig.logging.log_level` | Log level for the service code | `INFO` |
| `anchoreConfig.logging.server_access_logging` | Set whether to print server access to logging | `true` |
| `anchoreConfig.logging.server_response_debug_logging` | Log the elapsed time to process the request and the response size (debug log level) | `false` |
| `anchoreConfig.logging.server_log_level` | Log level specifically for the server (uvicorn) | `info` |
| `anchoreConfig.logging.structured_logging` | Enable structured logging output (JSON) | `false` |
| `anchoreConfig.server.max_connection_backlog` | Max connections permitted in the backlog before dropping | `2048` |
| `anchoreConfig.server.max_wsgi_middleware_worker_queue_size` | Max number of requests to queue for processing by ASGI2WSGI middleware | `100` |
| `anchoreConfig.server.max_wsgi_middleware_worker_count` | Max number of workers to have in the ASGI2WSGI middleware worker pool | `50` |
| `anchoreConfig.server.timeout_graceful_shutdown` | Seconds to permit for graceful shutdown or false to disable | `false` |
| `anchoreConfig.server.timeout_keep_alive` | Seconds to keep a connection alive before closing | `5` |
| `anchoreConfig.keys.secret` | The shared secret used for signing & encryption, auto-generated by Helm if not set | `""` |
| `anchoreConfig.keys.privateKeyFileName` | The file name of the private key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName | `""` |
| `anchoreConfig.keys.publicKeyFileName` | The file name of the public key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName | `""` |
Expand Down Expand Up @@ -487,6 +502,11 @@ For the latest updates and features in Anchore Enterprise, see the official [Rel
- **Minor Chart Version Change (e.g., v0.1.2 -> v0.2.0)**: Indicates a significant change to the deployment that does not require manual intervention.
- **Patch Chart Version Change (e.g., v0.1.2 -> v0.1.3)**: Indicates a backwards-compatible bug fix or documentation update.
### v2.5.x
- Update Anchore Feeds image to v5.5.0. See the [Release Notes](https://docs.anchore.com/current/docs/releasenotes/550/) for more information.
- Added support for service specific annotations.
### v2.4.0
- Update Anchore Feeds image to v5.4.0. See the [Release Notes](https://docs.anchore.com/current/docs/releasenotes/540/) for more information.
Expand Down
8 changes: 7 additions & 1 deletion stable/feeds/files/default_config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
service_dir: ${ANCHORE_SERVICE_DIR}
tmp_dir: ${ANCHORE_FEEDS_TMP_DIR}
log_level: ${ANCHORE_LOG_LEVEL}
log_level: ${ANCHORE_LOG_LEVEL} # Deprecated - prefer use of logging.log_level

logging:
{{- toYaml .Values.anchoreConfig.logging | nindent 2 }}

server:
{{- toYaml .Values.anchoreConfig.server | nindent 2 }}

host_id: "${ANCHORE_HOST_ID}"
internal_ssl_verify: ${ANCHORE_INTERNAL_SSL_VERIFY}
Expand Down
16 changes: 16 additions & 0 deletions stable/feeds/templates/_common.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,22 @@ Common annotations
{{- end }}
{{- end -}}

{{/*
Service annotations
*/}}
{{- define "feeds.service.annotations" -}}
{{- if and (not .nil) (not .Values.service.annotations) (not .Values.annotations) }}
{{- print "{}" }}
{{- else }}
{{- with .Values.service.annotations }}
{{ toYaml . }}
{{- end }}
{{- with .Values.annotations }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{- end -}}

{{/*
Setup a container for the cloudsql proxy to run in all pods when .Values.cloudsql.enabled = true
*/}}
Expand Down
2 changes: 1 addition & 1 deletion stable/feeds/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -185,7 +185,7 @@ metadata:
name: {{ template "feeds.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "feeds.common.labels" . | nindent 4 }}
annotations: {{- include "feeds.common.annotations" . | nindent 4 }}
annotations: {{- include "feeds.service.annotations" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
selector: {{- include "feeds.common.matchLabels" . | nindent 4 }}
Expand Down
21 changes: 20 additions & 1 deletion stable/feeds/tests/__snapshot__/configmap_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,26 @@ should render the configmaps:
#
service_dir: ${ANCHORE_SERVICE_DIR}
tmp_dir: ${ANCHORE_FEEDS_TMP_DIR}
log_level: ${ANCHORE_LOG_LEVEL}
log_level: ${ANCHORE_LOG_LEVEL} # Deprecated - prefer use of logging.log_level

logging:
colored_logging: false
exception_backtrace_logging: false
exception_diagnose_logging: false
file_retention_rule: 10
file_rotation_rule: 10 MB
log_level: INFO
server_access_logging: true
server_log_level: info
server_response_debug_logging: false
structured_logging: false

server:
max_connection_backlog: 2048
max_wsgi_middleware_worker_count: 50
max_wsgi_middleware_worker_queue_size: 100
timeout_graceful_shutdown: false
timeout_keep_alive: 5

host_id: "${ANCHORE_HOST_ID}"
internal_ssl_verify: ${ANCHORE_INTERNAL_SSL_VERIFY}
Expand Down
2 changes: 1 addition & 1 deletion stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,6 @@ should render proper initContainers:
value: test-release-feeds.test-namespace.svc.cluster.local
- name: ANCHORE_PORT
value: "8448"
image: docker.io/anchore/enterprise:v5.4.1
image: docker.io/anchore/enterprise:v5.5.0
imagePullPolicy: IfNotPresent
name: wait-for-db
35 changes: 35 additions & 0 deletions stable/feeds/tests/common_helpers_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,41 @@ tests:
foo: bar
bar: baz

- it: should render service annotations
template: deployment.yaml
documentIndex: 1
set:
service:
annotations:
foo: bar
bar: baz
asserts:
- isSubset:
path: metadata.annotations
content:
foo: bar
bar: baz

- it: should render service annotations and global annotations
template: deployment.yaml
documentIndex: 1
set:
service:
annotations:
foo: bar
bar: baz
annotations:
fizz: buzz
boo: blah
asserts:
- isSubset:
path: metadata.annotations
content:
fizz: buzz
boo: blah
foo: bar
bar: baz

- it: should render file checksum/secret annotation
template: deployment.yaml
documentIndex: 0
Expand Down
42 changes: 39 additions & 3 deletions stable/feeds/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ nameOverride: ""

## @param image Image used for feeds deployment
##
image: docker.io/anchore/enterprise:v5.4.1
image: docker.io/anchore/enterprise:v5.5.0

## @param imagePullPolicy Image pull policy used by all deployments
## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy
Expand Down Expand Up @@ -243,11 +243,47 @@ anchoreConfig:
##
service_dir: /anchore_service

## @param anchoreConfig.log_level The log level for Anchore services
## options available: FATAL, ERROR, WARN, INFO, DEBUG, SPEW
## @param anchoreConfig.log_level The log level for Anchore services: NOTE: This is deprecated, use logging.log_level
## options available: CRITICAL, ERROR, WARNING, SUCCESS, INFO, DEBUG, TRACE
##
log_level: INFO

## @param anchoreConfig.logging.colored_logging Enable colored output in the logs
## @param anchoreConfig.logging.exception_backtrace_logging Enable stack traces in the logs
## @param anchoreConfig.logging.exception_diagnose_logging Enable detailed exception information in the logs
## @param anchoreConfig.logging.file_rotation_rule Maximum size of a log file before it is rotated
## @param anchoreConfig.logging.file_retention_rule Number of log files to retain before deleting the oldest
## @param anchoreConfig.logging.log_level Log level for the service code
## @param anchoreConfig.logging.server_access_logging Set whether to print server access to logging
## @param anchoreConfig.logging.server_response_debug_logging Log the elapsed time to process the request and the response size (debug log level)
## @param anchoreConfig.logging.server_log_level Log level specifically for the server (uvicorn)
## @param anchoreConfig.logging.structured_logging Enable structured logging output (JSON)
##
logging:
colored_logging: false
exception_backtrace_logging: false
exception_diagnose_logging: false
file_rotation_rule: "10 MB"
file_retention_rule: 10
log_level: INFO
server_access_logging: true
server_response_debug_logging: false
server_log_level: "info"
structured_logging: false

## @param anchoreConfig.server.max_connection_backlog Max connections permitted in the backlog before dropping
## @param anchoreConfig.server.max_wsgi_middleware_worker_queue_size Max number of requests to queue for processing by ASGI2WSGI middleware
## @param anchoreConfig.server.max_wsgi_middleware_worker_count Max number of workers to have in the ASGI2WSGI middleware worker pool
## @param anchoreConfig.server.timeout_graceful_shutdown Seconds to permit for graceful shutdown or false to disable
## @param anchoreConfig.server.timeout_keep_alive Seconds to keep a connection alive before closing
##
server:
max_connection_backlog: 2048
max_wsgi_middleware_worker_queue_size: 100
max_wsgi_middleware_worker_count: 50
timeout_graceful_shutdown: false
timeout_keep_alive: 5

## @param anchoreConfig.keys.secret The shared secret used for signing & encryption, auto-generated by Helm if not set
## @param anchoreConfig.keys.privateKeyFileName The file name of the private key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName
## @param anchoreConfig.keys.publicKeyFileName The file name of the public key used for signing & encryption, found in the k8s secret specified in .Values.certStoreSecretName
Expand Down

0 comments on commit 28ef4d9

Please sign in to comment.