From 106af029a25f8ba082aabf3c599d9128c5e90db4 Mon Sep 17 00:00:00 2001 From: chgl Date: Mon, 15 Apr 2024 21:35:07 +0200 Subject: [PATCH] Upgraded all helm chart dependencies to latest (#659) --- .github/workflows/chart-test.yaml | 2 +- charts/hapi-fhir-jpaserver/Chart.lock | 6 +++--- charts/hapi-fhir-jpaserver/Chart.yaml | 12 ++++++------ charts/hapi-fhir-jpaserver/README.md | 9 +++++---- charts/hapi-fhir-jpaserver/templates/deployment.yaml | 2 +- charts/hapi-fhir-jpaserver/values.yaml | 5 ++++- 6 files changed, 20 insertions(+), 16 deletions(-) diff --git a/.github/workflows/chart-test.yaml b/.github/workflows/chart-test.yaml index ebe3a64..a6daf0e 100644 --- a/.github/workflows/chart-test.yaml +++ b/.github/workflows/chart-test.yaml @@ -15,7 +15,7 @@ jobs: - name: Install helm-docs working-directory: /tmp env: - HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.11.3/helm-docs_1.11.3_Linux_x86_64.tar.gz + HELM_DOCS_URL: https://github.com/norwoodj/helm-docs/releases/download/v1.13.0/helm-docs_1.13.0_Linux_x86_64.tar.gz run: | curl -LSs $HELM_DOCS_URL | tar xz && \ mv ./helm-docs /usr/local/bin/helm-docs && \ diff --git a/charts/hapi-fhir-jpaserver/Chart.lock b/charts/hapi-fhir-jpaserver/Chart.lock index fa3830b..ff1845e 100644 --- a/charts/hapi-fhir-jpaserver/Chart.lock +++ b/charts/hapi-fhir-jpaserver/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.27 -digest: sha256:6374f6f32d32adbe6763c48e2d817d85ec20a1784b2aea1fb0312c658f8e58e9 -generated: "2024-01-10T17:56:36.521957926+01:00" + version: 14.3.1 +digest: sha256:fb1d56a00b544bb2ad5691553cadf6384f499652acb9ff5ad625ef36a1b8979e +generated: "2024-03-10T14:43:22.395381351+01:00" diff --git a/charts/hapi-fhir-jpaserver/Chart.yaml b/charts/hapi-fhir-jpaserver/Chart.yaml index 0950131..c65fe30 100644 --- a/charts/hapi-fhir-jpaserver/Chart.yaml +++ b/charts/hapi-fhir-jpaserver/Chart.yaml @@ -7,11 +7,11 @@ sources: - https://github.com/hapifhir/hapi-fhir-jpaserver-starter dependencies: - name: postgresql - version: 13.2.27 + version: 14.3.1 repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql.enabled -appVersion: 6.10.1 -version: 0.15.0 +appVersion: 7.0.3 +version: 0.16.0 annotations: artifacthub.io/license: Apache-2.0 artifacthub.io/containsSecurityUpdates: "false" @@ -24,8 +24,8 @@ annotations: # When using the list of objects option the valid supported kinds are # added, changed, deprecated, removed, fixed, and security. - kind: changed - description: updated starter image to 6.10.1 + description: updated starter image to v7.0.3 - kind: changed - description: updated curlimages/curl to 8.5.0 + description: updated curlimages/curl to 8.6.0 - kind: changed - description: "updated postgresql sub-chart to 13.2.27. ⚠️: this updates the used PostgreSQL image from v15 to v16." + description: "updated postgresql sub-chart to 14.3.1." diff --git a/charts/hapi-fhir-jpaserver/README.md b/charts/hapi-fhir-jpaserver/README.md index 87b9bb1..8b42fba 100644 --- a/charts/hapi-fhir-jpaserver/README.md +++ b/charts/hapi-fhir-jpaserver/README.md @@ -1,6 +1,6 @@ # HAPI FHIR JPA Server Starter Helm Chart -![Version: 0.15.0](https://img.shields.io/badge/Version-0.15.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.10.1](https://img.shields.io/badge/AppVersion-6.10.1-informational?style=flat-square) +![Version: 0.16.0](https://img.shields.io/badge/Version-0.16.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 7.0.3](https://img.shields.io/badge/AppVersion-7.0.3-informational?style=flat-square) This helm chart will help you install the HAPI FHIR JPA Server in a Kubernetes environment. @@ -15,7 +15,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver | Repository | Name | Version | |------------|------|---------| -| oci://registry-1.docker.io/bitnamicharts | postgresql | 13.2.27 | +| oci://registry-1.docker.io/bitnamicharts | postgresql | 14.3.1 | ## Values @@ -36,7 +36,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver | image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy to use | | image.registry | string | `"docker.io"` | registry where the HAPI FHIR server image is hosted | | image.repository | string | `"hapiproject/hapi"` | the path inside the repository | -| image.tag | string | `"v6.10.1@sha256:4eac1b3481180b028616d1fab7e657e368538063d75f7ed3be2032e34c657dd4"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. | +| image.tag | string | `"v7.0.3@sha256:73ff82fec42e5cbb7e66338d47af09ba91c140e98beeaee41a5459572d5ae1ce"` | the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. | | imagePullSecrets | list | `[]` | image pull secrets to use when pulling the image | | ingress.annotations | object | `{}` | provide any additional annotations which may be required. Evaluated as a template. | | ingress.enabled | bool | `false` | whether to create an Ingress to expose the FHIR server HTTP endpoint | @@ -57,6 +57,7 @@ helm install hapi-fhir-jpaserver hapifhir/hapi-fhir-jpaserver | postgresql.auth.database | string | `"fhir"` | name for a custom database to create | | postgresql.auth.existingSecret | string | `""` | Name of existing secret to use for PostgreSQL credentials `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret The secret must contain the keys `postgres-password` (which is the password for "postgres" admin user), `password` (which is the password for the custom user to create when `auth.username` is set), and `replication-password` (which is the password for replication user). The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. The value is evaluated as a template. | | postgresql.enabled | bool | `true` | enable an included PostgreSQL DB. see for details if set to `false`, the values under `externalDatabase` are used | +| postgresql.primary.containerSecurityContext.readOnlyRootFilesystem | bool | `true` | | | replicaCount | int | `1` | number of replicas to deploy | | resources | object | `{}` | configure the FHIR server's resource requests and limits | | securityContext.allowPrivilegeEscalation | bool | `false` | | @@ -139,4 +140,4 @@ kubectl port-forward -n observability service/simplest-query 16686:16686 and opening in your browser. ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) +Autogenerated from chart metadata using [helm-docs v1.13.0](https://github.com/norwoodj/helm-docs/releases/v1.13.0) diff --git a/charts/hapi-fhir-jpaserver/templates/deployment.yaml b/charts/hapi-fhir-jpaserver/templates/deployment.yaml index fc73ae2..fac0f60 100644 --- a/charts/hapi-fhir-jpaserver/templates/deployment.yaml +++ b/charts/hapi-fhir-jpaserver/templates/deployment.yaml @@ -31,7 +31,7 @@ spec: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: - name: wait-for-db-to-be-ready - image: docker.io/bitnami/postgresql:16.1.0-debian-11-r18@sha256:06f1f2297f6241a02bd8e8c025b31625254ca66784ac75a4a62e945fa611d045 + image: docker.io/bitnami/postgresql:16.2.0-debian-12-r6@sha256:ea55532b6f75afbc97f617d91ec5efae17609c8eb825a31845fa9cb9e4aa13e1 imagePullPolicy: IfNotPresent {{- with .Values.restrictedContainerSecurityContext }} securityContext: diff --git a/charts/hapi-fhir-jpaserver/values.yaml b/charts/hapi-fhir-jpaserver/values.yaml index 00326b8..5a67015 100644 --- a/charts/hapi-fhir-jpaserver/values.yaml +++ b/charts/hapi-fhir-jpaserver/values.yaml @@ -7,7 +7,7 @@ image: # -- the path inside the repository repository: hapiproject/hapi # -- the image tag. As of v5.7.0, this is the `distroless` flavor by default, add `-tomcat` to use the Tomcat-based image. - tag: "v6.10.1@sha256:4eac1b3481180b028616d1fab7e657e368538063d75f7ed3be2032e34c657dd4" + tag: "v7.0.3@sha256:73ff82fec42e5cbb7e66338d47af09ba91c140e98beeaee41a5459572d5ae1ce" # -- image pullPolicy to use pullPolicy: IfNotPresent @@ -109,6 +109,9 @@ postgresql: # see for details # if set to `false`, the values under `externalDatabase` are used enabled: true + primary: + containerSecurityContext: + readOnlyRootFilesystem: true auth: # -- name for a custom database to create database: "fhir"