manifest update (#1156)

docs/content/documentation/operations/release-management.md

@@ -234,13 +234,26 @@ make build
 make tag
 ```
 
-### 7. Initializing Helm Charts
+### 7. Tag SDK
+
+VSecM SDK Go SDK is managed under its own tag.
+
+Make sure you tag it too.
+
+```bash
+cd $WORKSPACE/secrets-manager
+git tag -a v0.22.4 -m "v0.22.4"
+git push origin --tags
+```
+
+### 8. Initializing Helm Charts
 
 To start the release cycle, we initialize helm-charts for each official
 release of VSecM. Helm charts are continuously developed and updated
 during the release development process.
 
-At the beginning of a VSecM release, the [./hack/init-next-helm-chart.sh][init_script]
+At the beginning of a VSecM release, the 
+[./hack/init-next-helm-chart.sh][init_script]
 script is used to initialize the helm-charts.
 
 To initialize a new helm-chart, run the following command using the init script:
@@ -255,16 +268,18 @@ Use this link to create a pull request (PR) and merge it into the main branch.
 This will make the new helm-charts available for the VSecM release
 development cycle.
 
-### 8. Update Kubernetes Manifests
+### 9. Update Kubernetes Manifests
 
-Based on the generated helm charts run `make k8s-manifests-update VERSION=<version>` target
+Based on the generated helm charts run 
+`make k8s-manifests-update VERSION=<version>` target
 to update the Kubernetes manifests for the new release.
 
 These manifests are used by people who want to install VSecM without using
 Helm. To generate the manifests you need to have generated the helm charts
 first.
 
-For example `make k8s-manifests-update VERSION=0.22.4`
+Make sure you are on the `main` branch and you have fetched the recent changes,
+then, for example `make k8s-manifests-update VERSION=0.22.4`
 
 ### 9. Update Helm Documentation
 
@@ -273,6 +288,10 @@ the changes by running `./hack/helm-docs.sh`.
 
 ### 10. Release Helm Charts
 
+Make sure you have a clean `main` branch before proceeding. Merge everything
+that needs to be merged.
+
+
 > **Pull Recent `gh-pages` Changes**
 >
 > Before you proceed, make sure that you have your `gh-pages` local branc

helm-charts/0.27.4/README.md

@@ -5,7 +5,7 @@ that your sensitive data is always secure and protected. VSecM is perfect for
 securely storing arbitrary configuration information at a central location and
 securely dispatching it to workloads.
 
-![Version: 0.27.3](https://img.shields.io/badge/Version-0.27.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.3](https://img.shields.io/badge/AppVersion-0.27.3-informational?style=flat-square)
+![Version: 0.27.4](https://img.shields.io/badge/Version-0.27.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.4](https://img.shields.io/badge/AppVersion-0.27.4-informational?style=flat-square)
 
 [![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/vsecm)](https://artifacthub.io/packages/helm/vsecm/vsecm)
 
@@ -28,7 +28,7 @@ To use VMware Secrets Manager, follow the steps below:
 3. Install VMware Secrets Manager using Helm:
 
  ```bash
- helm install vsecm vsecm/vsecm --version 0.27.3
+ helm install vsecm vsecm/vsecm --version 0.27.4
  ```
 
 ## Options
@@ -47,7 +47,7 @@ and `global.baseImage` respectively.
 Here's an example command with the above options:
 
 ```bash
-helm install vsecm vsecm/helm-charts --version 0.27.3 \
+helm install vsecm vsecm/helm-charts --version 0.27.4 \
  --set global.deploySpire=true --set global.baseImage=distroless
 ```
 
@@ -65,7 +65,7 @@ These environment variable configurations are expose through subcharts.
 You can modify them as follows:
 
 ```bash
-helm install vsecm vsecm/helm-charts --version 0.27.3 \
+helm install vsecm vsecm/helm-charts --version 0.27.4 \
 --set safe.environments.VSECM_LOG_LEVEL="6"
 --set sentinel.environments.VSECM_LOGL_LEVEL="5"
 # You can update other environment variables too.
@@ -97,10 +97,10 @@ The sections below are autogenerated from chart source code:
 
 | Repository | Name | Version |
 |------------|------|---------|
-| file://charts/keystone | keystone | 0.27.3 |
-| file://charts/safe | safe | 0.27.3 |
-| file://charts/sentinel | sentinel | 0.27.3 |
-| file://charts/spire | spire | 0.27.3 |
+| file://charts/keystone | keystone | 0.27.4 |
+| file://charts/safe | safe | 0.27.4 |
+| file://charts/sentinel | sentinel | 0.27.4 |
+| file://charts/spire | spire | 0.27.4 |
 
 ## Values
 

helm-charts/0.27.4/charts/safe/README.md

@@ -1,6 +1,6 @@
 # safe
 
-![Version: 0.27.3](https://img.shields.io/badge/Version-0.27.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.3](https://img.shields.io/badge/AppVersion-0.27.3-informational?style=flat-square)
+![Version: 0.27.4](https://img.shields.io/badge/Version-0.27.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.4](https://img.shields.io/badge/AppVersion-0.27.4-informational?style=flat-square)
 
 Helm chart for VMware Secrets Manager (VSecM) Safe
 

helm-charts/0.27.4/charts/sentinel/README.md

@@ -1,6 +1,6 @@
 # sentinel
 
-![Version: 0.27.3](https://img.shields.io/badge/Version-0.27.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.3](https://img.shields.io/badge/AppVersion-0.27.3-informational?style=flat-square)
+![Version: 0.27.4](https://img.shields.io/badge/Version-0.27.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.4](https://img.shields.io/badge/AppVersion-0.27.4-informational?style=flat-square)
 
 Helm chart for sentinel
 

helm-charts/0.27.4/charts/spire/README.md

@@ -1,6 +1,6 @@
 # spire
 
-![Version: 0.27.3](https://img.shields.io/badge/Version-0.27.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.3](https://img.shields.io/badge/AppVersion-0.27.3-informational?style=flat-square)
+![Version: 0.27.4](https://img.shields.io/badge/Version-0.27.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.4](https://img.shields.io/badge/AppVersion-0.27.4-informational?style=flat-square)
 
 Helm chart for spire
 

k8s/0.27.4/crds/spire.spiffe.io_clusterfederatedtrustdomains.yaml

@@ -0,0 +1,100 @@
+# Source: spire-crds/templates/spire.spiffe.io_clusterfederatedtrustdomains.yaml
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ helm.sh/resource-policy: keep
+ creationTimestamp: null
+ name: clusterfederatedtrustdomains.spire.spiffe.io
+spec:
+ group: spire.spiffe.io
+ names:
+ kind: ClusterFederatedTrustDomain
+ listKind: ClusterFederatedTrustDomainList
+ plural: clusterfederatedtrustdomains
+ singular: clusterfederatedtrustdomain
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.trustDomain
+ name: Trust Domain
+ type: string
+ - jsonPath: .spec.bundleEndpointURL
+ name: Endpoint URL
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: ClusterFederatedTrustDomain is the Schema for the clusterfederatedtrustdomains
+ API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ClusterFederatedTrustDomainSpec defines the desired state
+ of ClusterFederatedTrustDomain
+ properties:
+ bundleEndpointProfile:
+ description: BundleEndpointProfile is the profile for the bundle endpoint.
+ properties:
+ endpointSPIFFEID:
+ description: EndpointSPIFFEID is the SPIFFE ID of the bundle endpoint.
+ It is required for the "https_spiffe" profile.
+ type: string
+ type:
+ description: Type is the type of the bundle endpoint profile.
+ enum:
+ - https_spiffe
+ - https_web
+ type: string
+ required:
+ - type
+ type: object
+ bundleEndpointURL:
+ description: BundleEndpointURL is the URL of the bundle endpoint.
+ It must be an HTTPS URL and cannot contain userinfo (i.e. username/password).
+ type: string
+ className:
+ description: Set the class of controller to handle this object.
+ type: string
+ trustDomain:
+ description: TrustDomain is the name of the trust domain to federate
+ with (e.g. example.org)
+ pattern: '[a-z0-9._-]{1,255}'
+ type: string
+ trustDomainBundle:
+ description: TrustDomainBundle is the contents of the bundle for the
+ referenced trust domain. This field is optional when the resource
+ is created.
+ type: string
+ required:
+ - bundleEndpointProfile
+ - bundleEndpointURL
+ - trustDomain
+ type: object
+ status:
+ description: ClusterFederatedTrustDomainStatus defines the observed state
+ of ClusterFederatedTrustDomain
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []