Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release artifacts for release v1.5.0 #133

Merged
merged 1 commit into from
Oct 9, 2024
Merged

Release artifacts for release v1.5.0 #133

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion config/controller/kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,4 @@ kind: Kustomization
images:
- name: controller
newName: public.ecr.aws/aws-controllers-k8s/eks-controller
newTag: 1.4.7
newTag: 1.5.0
4 changes: 2 additions & 2 deletions helm/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
apiVersion: v1
name: eks-chart
description: A Helm chart for the ACK service controller for Amazon Elastic Kubernetes Service (EKS)
version: 1.4.7
appVersion: 1.4.7
version: 1.5.0
appVersion: 1.5.0
home: https://github.com/aws-controllers-k8s/eks-controller
icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
sources:
Expand Down
12 changes: 2 additions & 10 deletions helm/crds/eks.services.k8s.aws_accessentries.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: accessentries.eks.services.k8s.aws
spec:
group: eks.services.k8s.aws
Expand Down Expand Up @@ -60,7 +60,6 @@ spec:
description: |-
AccessEntrySpec defines the desired state of AccessEntry.


An access entry allows an IAM principal (user or role) to access your cluster.
Access entries can replace the need to maintain the aws-auth ConfigMap for
authentication. For more information about access entries, see Access entries
Expand Down Expand Up @@ -91,7 +90,7 @@ spec:
clusterRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand All @@ -112,14 +111,12 @@ spec:
confirm that the value for name exists in any bindings on your cluster. You
can specify one or more names.


Kubernetes authorizes the principalArn of the access entry to access any
cluster objects that you've specified in a Kubernetes Role or ClusterRole
object that is also specified in a binding's roleRef. For more information
about creating Kubernetes RoleBinding, ClusterRoleBinding, Role, or ClusterRole
objects, see Using RBAC Authorization in the Kubernetes documentation (https://kubernetes.io/docs/reference/access-authn-authz/rbac/).


If you want Amazon EKS to authorize the principalArn (instead of, or in addition
to Kubernetes authorizing the principalArn), you can associate one or more
access policies to the access entry using AssociateAccessPolicy. If you associate
Expand All @@ -135,15 +132,13 @@ spec:
for each access entry. You can't specify the same ARN in more than one access
entry. This value can't be changed after access entry creation.


The valid principals differ depending on the type of the access entry in
the type field. The only valid ARN is IAM roles for the types of access entries
for nodes: . You can use every IAM principal type for STANDARD access entries.
You can't use the STS session principal type with access entries because
this is a temporary principal for each session and not a permanent identity
that can be assigned permissions.


IAM best practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp)
recommend using IAM roles with temporary credentials, rather than IAM users
with long-term credentials.
Expand All @@ -161,7 +156,6 @@ spec:
The type of the new access entry. Valid values are Standard, FARGATE_LINUX,
EC2_LINUX, and EC2_WINDOWS.


If the principalArn is for an IAM role that's used for self-managed Amazon
EC2 nodes, specify EC2_LINUX or EC2_WINDOWS. Amazon EKS grants the necessary
permissions to the node for you. If the principalArn is for any other purpose,
Expand All @@ -171,7 +165,6 @@ spec:
entries in the aws-auth ConfigMap for the roles. You can't change this value
once you've created the access entry.


If you set the value to EC2_LINUX or EC2_WINDOWS, you can't specify values
for kubernetesGroups, or associate an AccessPolicy to the access entry.
type: string
Expand Down Expand Up @@ -203,7 +196,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
13 changes: 3 additions & 10 deletions helm/crds/eks.services.k8s.aws_addons.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: addons.eks.services.k8s.aws
spec:
group: eks.services.k8s.aws
Expand Down Expand Up @@ -64,7 +64,6 @@ spec:
description: |-
AddonSpec defines the desired state of Addon.


An Amazon EKS add-on. For more information, see Amazon EKS add-ons (https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html)
in the Amazon EKS User Guide.
properties:
Expand All @@ -84,7 +83,7 @@ spec:
clusterRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -113,25 +112,21 @@ spec:
How to resolve field value conflicts for an Amazon EKS add-on. Conflicts
are handled based on the value you choose:


- None – If the self-managed version of the add-on is installed on your
cluster, Amazon EKS doesn't change the value. Creation of the add-on might
fail.


- Overwrite – If the self-managed version of the add-on is installed
on your cluster and the Amazon EKS default value is different than the
existing value, Amazon EKS changes the value to the Amazon EKS default
value.


- Preserve – This is similar to the NONE option. If the self-managed
version of the add-on is installed on your cluster Amazon EKS doesn't
change the add-on resource properties. Creation of the add-on might fail
if conflicts are detected. This option works differently during the update
operation. For more information, see UpdateAddon (https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html).


If you don't currently have the self-managed version of the add-on installed
on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all
values to default values, regardless of the option that you specify.
Expand All @@ -145,7 +140,6 @@ spec:
Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)
in the Amazon EKS User Guide.


To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC)
provider created for your cluster. For more information, see Enabling IAM
roles for service accounts on your cluster (https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html)
Expand All @@ -154,7 +148,7 @@ spec:
serviceAccountRoleRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -196,7 +190,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
12 changes: 4 additions & 8 deletions helm/crds/eks.services.k8s.aws_clusters.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: clusters.eks.services.k8s.aws
spec:
group: eks.services.k8s.aws
Expand Down Expand Up @@ -61,7 +61,6 @@ spec:
description: |-
ClusterSpec defines the desired state of Cluster.


An object representing an Amazon EKS cluster.
properties:
accessConfig:
Expand Down Expand Up @@ -125,7 +124,6 @@ spec:
plane logs (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)
in the Amazon EKS User Guide .


CloudWatch Logs ingestion, archive storage, and data scanning rates apply
to exported control plane logs. For more information, see CloudWatch Pricing
(http://aws.amazon.com/cloudwatch/pricing/).
Expand Down Expand Up @@ -201,7 +199,7 @@ spec:
items:
description: "AWSResourceReferenceWrapper provides a wrapper
around *AWSResourceReference\ntype to provide more user friendly
syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand All @@ -225,7 +223,7 @@ spec:
items:
description: "AWSResourceReferenceWrapper provides a wrapper
around *AWSResourceReference\ntype to provide more user friendly
syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
syntax for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand All @@ -252,7 +250,7 @@ spec:
roleRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand All @@ -279,7 +277,6 @@ spec:
The desired Kubernetes version for your cluster. If you don't specify a value
here, the default version available in Amazon EKS is used.


The default version might not be the latest version available.
type: string
required:
Expand All @@ -303,7 +300,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
10 changes: 4 additions & 6 deletions helm/crds/eks.services.k8s.aws_fargateprofiles.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: fargateprofiles.eks.services.k8s.aws
spec:
group: eks.services.k8s.aws
Expand Down Expand Up @@ -57,7 +57,6 @@ spec:
description: |-
FargateProfileSpec defines the desired state of FargateProfile.


An object representing an Fargate profile.
properties:
clientRequestToken:
Expand All @@ -71,7 +70,7 @@ spec:
clusterRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -100,7 +99,7 @@ spec:
podExecutionRoleRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -135,7 +134,7 @@ spec:
items:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -186,7 +185,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
6 changes: 2 additions & 4 deletions helm/crds/eks.services.k8s.aws_identityproviderconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: identityproviderconfigs.eks.services.k8s.aws
spec:
group: eks.services.k8s.aws
Expand Down Expand Up @@ -41,7 +41,6 @@ spec:
description: |-
IdentityProviderConfigSpec defines the desired state of IdentityProviderConfig.


An object representing an identity provider configuration.
properties:
clusterName:
Expand All @@ -50,7 +49,7 @@ spec:
clusterRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -116,7 +115,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
Loading