Update enterprise v494 (#322)

* bump enterprise image to v4.9.4 * update github workflow to allow releasing older versions * update test snapshots * allow k8s 1.28 on feeds chart --------- Signed-off-by: Brady Todhunter <[email protected]>
anchore · Dec 15, 2023 · c983cd6 · c983cd6
1 parent fb36165
commit c983cd6
Show file tree

Hide file tree

Showing 12 changed files with 43 additions and 15 deletions.
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -4,6 +4,7 @@ on:
   push:
     branches:
       - main
+      - 'release-*'
     paths:
       - 'stable/**'
 
@@ -36,8 +37,20 @@ jobs:
           helm repo add anchore https://charts.anchore.io/stable
           helm repo add bitnami https://charts.bitnami.com/bitnami
 
+      - name: Run chart-releaser not latest
+        if: github.event.pull_request.base.ref != 'main'
+        uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
+        with:
+          charts_dir: stable
+          charts_repo_url: https://charts.anchore.io
+          mark_as_latest: false
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          CR_MAKE_RELEASE_LATEST: "false"
+
       - name: Run chart-releaser
-        uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
+        if: github.event.pull_request.base.ref == 'main'
+        uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
         with:
           charts_dir: stable
           charts_repo_url: https://charts.anchore.io

diff --git a/.github/workflows/helm-unittests.yaml b/.github/workflows/helm-unittests.yaml
@@ -19,6 +19,7 @@ jobs:
       REPO: "${{ github.repository }}"
       REPO_NAME: "${{ github.event.repository.name }}"
       TARGET_BRANCH: "${{ github.event.pull_request.base.ref }}"
+      HELM_UNITTEST_VERSION: 0.3.5
     runs-on: ubuntu-latest
     steps:
       - name: Checkout charts
@@ -36,7 +37,7 @@ jobs:
 
       - name: Install helm-unittest
         run: |
-          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${HELM_UNITTEST_VERSION}
 
       - run: cd "${REPO}" && git fetch origin ${TARGET_BRANCH}
 

diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -37,4 +37,9 @@ jobs:
     - name: Run chart-testing (lint)
       id: lint
       run: ct lint --config 'ct-config.yaml'
-      if: steps.list-changed.outputs.CHANGED == 'true'
+      if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref == 'main'
+
+    - name: Run chart-testing but skip version check (lint)
+      id: lintskipversion
+      run: ct lint --config 'ct-config.yaml' --check-version-increment=false
+      if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref != 'main'
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -48,7 +48,12 @@ jobs:
     - name: Run chart-testing (lint)
       id: lint
       run: ct lint --config 'ct-config.yaml'
-      if: steps.list-changed.outputs.CHANGED == 'true'
+      if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref == 'main'
+
+    - name: Run chart-testing but skip version check (lint)
+      id: lintskipversion
+      run: ct lint --config 'ct-config.yaml' --check-version-increment=false
+      if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref != 'main'
 
     - name: Install kind
       if: steps.list-changed.outputs.CHANGED == 'true'

diff --git a/stable/enterprise/Chart.yaml b/stable/enterprise/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: enterprise
-version: "1.0.1"
-appVersion: "4.9.3"
+version: "1.0.2"
+appVersion: "4.9.4"
 kubeVersion: 1.23.x - 1.28.x || 1.23.x-x - 1.28.x-x
 description: |
   Anchore Enterprise is a complete container security workflow solution for professional teams. Easily integrating with CI/CD systems,

diff --git a/stable/enterprise/README.md b/stable/enterprise/README.md
@@ -942,7 +942,7 @@ This rollback procedure is designed to revert your environment to its pre-migrat
 
 | Name                                  | Description                                                                           | Value                                 |
 | ------------------------------------- | ------------------------------------------------------------------------------------- | ------------------------------------- |
-| `image`                               | Image used for all Anchore Enterprise deployments, excluding Anchore UI               | `docker.io/anchore/enterprise:v4.9.3` |
+| `image`                               | Image used for all Anchore Enterprise deployments, excluding Anchore UI               | `docker.io/anchore/enterprise:v4.9.4` |
 | `imagePullPolicy`                     | Image pull policy used by all deployments                                             | `IfNotPresent`                        |
 | `imagePullSecretName`                 | Name of Docker credentials secret for access to private repos                         | `anchore-enterprise-pullcreds`        |
 | `startMigrationPod`                   | Spin up a Database migration pod to help migrate the database to the new schema       | `false`                               |
@@ -1364,6 +1364,10 @@ For the latest updates and features in Anchore Enterprise, see the official [Rel
 - **Minor Chart Version Change (e.g., v0.1.2 -> v0.2.0)**: Indicates a significant change to the deployment that does not require manual intervention.
 - **Patch Chart Version Change (e.g., v0.1.2 -> v0.1.3)**: Indicates a backwards-compatible bug fix or documentation update.
 
+### v1.0.2
+
+- Updated Anchore Enterprise image to v4.9.4
+
 ### v1.0.0
 
 - This is a stable release of the Anchore Enterprise Helm chart and is recommended for production deployments.

diff --git a/stable/enterprise/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap b/stable/enterprise/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap
@@ -143,6 +143,6 @@ should render proper initContainers:
           valueFrom:
             fieldRef:
               fieldPath: metadata.name
-      image: docker.io/anchore/enterprise:v4.9.3
+      image: docker.io/anchore/enterprise:v4.9.4
       imagePullPolicy: IfNotPresent
       name: wait-for-db
diff --git a/stable/enterprise/values.yaml b/stable/enterprise/values.yaml
@@ -18,7 +18,7 @@ global:
 
 ## @param image Image used for all Anchore Enterprise deployments, excluding Anchore UI
 ##
-image: docker.io/anchore/enterprise:v4.9.3
+image: docker.io/anchore/enterprise:v4.9.4
 
 ## @param imagePullPolicy Image pull policy used by all deployments
 ## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy

diff --git a/stable/feeds/Chart.yaml b/stable/feeds/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
 name: feeds
 type: application
-version: "1.0.1"
+version: "1.0.2"
 appVersion: "4.9.3"
-kubeVersion: 1.23.x - 1.27.x || 1.23.x-x - 1.27.x-x
+kubeVersion: 1.23.x - 1.28.x || 1.23.x-x - 1.28.x-x
 description: Anchore feeds service
 keywords:
   - "anchore"

diff --git a/stable/feeds/README.md b/stable/feeds/README.md
@@ -312,7 +312,7 @@ anchoreConfig:
 | `url`                                 | Set a custom feeds URL. Useful when using a feeds service endpoint that is external from the cluster. | `""`                                  |
 | `fullnameOverride`                    | overrides the fullname set on resources                                                               | `""`                                  |
 | `nameOverride`                        | overrides the name set on resources                                                                   | `""`                                  |
-| `image`                               | Image used for feeds deployment                                                                       | `docker.io/anchore/enterprise:v4.9.3` |
+| `image`                               | Image used for feeds deployment                                                                       | `docker.io/anchore/enterprise:v4.9.4` |
 | `imagePullPolicy`                     | Image pull policy used by all deployments                                                             | `IfNotPresent`                        |
 | `imagePullSecretName`                 | Name of Docker credentials secret for access to private repos                                         | `anchore-enterprise-pullcreds`        |
 | `serviceAccountName`                  | Name of a service account used to run all Feeds pods                                                  | `""`                                  |
@@ -331,7 +331,7 @@ anchoreConfig:
 | `service.annotations`                 | Annotations for Anchore Feeds service                                                                 | `{}`                                  |
 | `service.labels`                      | Labels for Anchore Feeds service                                                                      | `{}`                                  |
 | `service.nodePort`                    | nodePort for Anchore Feeds service                                                                    | `""`                                  |
-| `service.apiVersion`                  | the apiVersion for the service when communicating with Anchore Feeds                                  | `v2`                                  |
+| `service.apiVersion`                  | the apiVersion for the service when communicating with Anchore Feeds                                  | `v1`                                  |
 | `scratchVolume.mountPath`             | The mount path of an external volume for scratch space for image analysis                             | `/anchore_scratch`                    |
 | `scratchVolume.fixGroupPermissions`   | Enable an initContainer that will fix the fsGroup permissions                                         | `false`                               |
 | `scratchVolume.details`               | Details for the k8s volume to be created                                                              | `{}`                                  |

diff --git a/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap b/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap
@@ -143,6 +143,6 @@ should render proper initContainers:
           value: test-release-feeds
         - name: ANCHORE_PORT
           value: "8448"
-      image: docker.io/anchore/enterprise:v4.9.3
+      image: docker.io/anchore/enterprise:v4.9.4
       imagePullPolicy: IfNotPresent
       name: wait-for-db
diff --git a/stable/feeds/values.yaml b/stable/feeds/values.yaml
@@ -21,7 +21,7 @@ nameOverride: ""
 
 ## @param image Image used for feeds deployment
 ##
-image: docker.io/anchore/enterprise:v4.9.3
+image: docker.io/anchore/enterprise:v4.9.4
 
 ## @param imagePullPolicy Image pull policy used by all deployments
 ## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy