diff --git a/charts/stable/pod-gateway/Chart.yaml b/charts/stable/pod-gateway/Chart.yaml index 6974149e..72f1f667 100644 --- a/charts/stable/pod-gateway/Chart.yaml +++ b/charts/stable/pod-gateway/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 1.2.6 description: Admision controller to change the default gateway and DNS server of PODs name: pod-gateway -version: 3.3.0 +version: 4.0.0 kubeVersion: ">=1.16.0-0" keywords: - pod-gateway diff --git a/charts/stable/pod-gateway/README.md b/charts/stable/pod-gateway/README.md index 9e6c24e6..ddf4b488 100644 --- a/charts/stable/pod-gateway/README.md +++ b/charts/stable/pod-gateway/README.md @@ -1,6 +1,6 @@ # pod-gateway -![Version: 3.3.0](https://img.shields.io/badge/Version-3.3.0-informational?style=flat-square) ![AppVersion: 1.2.6](https://img.shields.io/badge/AppVersion-1.2.6-informational?style=flat-square) +![Version: 4.0.0](https://img.shields.io/badge/Version-4.0.0-informational?style=flat-square) ![AppVersion: 1.2.6](https://img.shields.io/badge/AppVersion-1.2.6-informational?style=flat-square) Admision controller to change the default gateway and DNS server of PODs @@ -129,7 +129,7 @@ certificates. It does not install it as dependency to avoid conflicts. | webhook.image.pullPolicy | string | `"IfNotPresent"` | image pullPolicy of the webhook | | webhook.image.repository | string | `"ghcr.io/k8s-at-home/gateway-admision-controller"` | image repository of the webhook | | webhook.image.tag | string | `"v3.3.2"` | image tag of the webhook | -| webhook.namespaceSelector | object | `{"matchLabels":{"routed-gateway":"true"}}` | Selector for namespace. All pods in this namespace will get evaluated by the webhook. **IMPORTANT**: Do not select the namespace where the webhook is deployed to or you will get locking issues. | +| webhook.namespaceSelector | object | `{"custom":{},"label":"routed-gateway","type":"label"}` | Selector for namespace. All pods in this namespace will get evaluated by the webhook. **IMPORTANT**: Do not select the namespace where the webhook is deployed to or you will get locking issues. | | webhook.replicas | int | `1` | number of webhook instances to deploy | | webhook.strategy | object | `{"type":"RollingUpdate"}` | strategy for updates | @@ -139,6 +139,10 @@ All notable changes to this application Helm chart will be documented in this fi The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +### [4.0.0] + +- Fixed `namespaceSelector` to allow replacing the default label value. + ### [3.2.2] - Remove some default values (`addons.vpn.openvpn`, `addons.vpn.wireguard`, `addons.vpn.env`, `addons.vpn.configFileSecret`) which were interfering with user supplied configuration. diff --git a/charts/stable/pod-gateway/README_CHANGELOG.md.gotmpl b/charts/stable/pod-gateway/README_CHANGELOG.md.gotmpl index 15b965ff..bae2ba61 100644 --- a/charts/stable/pod-gateway/README_CHANGELOG.md.gotmpl +++ b/charts/stable/pod-gateway/README_CHANGELOG.md.gotmpl @@ -9,6 +9,10 @@ All notable changes to this application Helm chart will be documented in this fi The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +### [4.0.0] + +- Fixed `namespaceSelector` to allow replacing the default label value. + ### [3.2.2] - Remove some default values (`addons.vpn.openvpn`, `addons.vpn.wireguard`, `addons.vpn.env`, `addons.vpn.configFileSecret`) which were interfering with user supplied configuration. diff --git a/charts/stable/pod-gateway/templates/webhook-admissionregistration.yaml b/charts/stable/pod-gateway/templates/webhook-admissionregistration.yaml index a038de5b..ff738384 100644 --- a/charts/stable/pod-gateway/templates/webhook-admissionregistration.yaml +++ b/charts/stable/pod-gateway/templates/webhook-admissionregistration.yaml @@ -10,7 +10,12 @@ webhooks: - name: "{{ include "common.names.fullname" . }}.svc.cluster.local" namespaceSelector: {{- with .Values.webhook.namespaceSelector }} - {{ toYaml . | nindent 4 }} + {{- if eq .type "label" }} + matchLabels: + {{ .label }}: "true" + {{- else if eq .type "custom" }} + {{- toYaml .custom | nindent 4 }} + {{- end }} {{- end }} rules: - apiGroups: [""] diff --git a/charts/stable/pod-gateway/values.yaml b/charts/stable/pod-gateway/values.yaml index 42e1bad7..0006d9c2 100644 --- a/charts/stable/pod-gateway/values.yaml +++ b/charts/stable/pod-gateway/values.yaml @@ -119,12 +119,13 @@ webhook: # **IMPORTANT**: Do not select the namespace where the webhook # is deployed to or you will get locking issues. namespaceSelector: - matchLabels: - routed-gateway: "true" - # matchExpressions: - # - key: notTouch - # operator: NotIn - # values: ["1"] + type: label + label: "routed-gateway" + custom: {} + # matchExpressions: + # - key: notTouch + # operator: NotIn + # values: ["1"] # -- default behviour for new PODs in the evaluated namespace gatewayDefault: true