diff --git a/Makefile b/Makefile index 9de34d3..f0f30e6 100644 --- a/Makefile +++ b/Makefile @@ -14,6 +14,19 @@ else endif jx gitops split -d ${CHART_DIR}/templates jx gitops rename -d ${CHART_DIR}/templates + # Remove tekton-pipelines-resolvers-ns + rm -r charts/tekton-pipeline/templates/tekton-pipelines-resolvers-ns.yaml + # Amend subjects.namespace with release.namespace + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-rb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-resolvers-crb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-webhook-rb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-controller-rb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-controller-tenant-access-crb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-crb.yaml + yq -i '.subjects[].namespace = "{{ .Release.Namespace }}" ' charts/tekton-pipeline/templates/tekton-pipelines-webhook-leaderelection-rb.yaml + + # Remove namespace from metadata to force with helm install + yq -i eval 'del(.metadata.namespace)' charts/tekton-pipeline/templates/*.yaml # move content of data: from feature-slags-cm.yaml to featureFlags: in values.yaml yq -i '.featureFlags = load("$(CHART_DIR)/templates/feature-flags-cm.yaml").data' $(CHART_DIR)/values.yaml yq -i '.data = null' $(CHART_DIR)/templates/feature-flags-cm.yaml @@ -67,4 +80,4 @@ test-regen: verify: - jx kube test run + jx kube test run \ No newline at end of file diff --git a/charts/tekton-pipeline/Chart.yaml b/charts/tekton-pipeline/Chart.yaml index c06167d..6ad977e 100644 --- a/charts/tekton-pipeline/Chart.yaml +++ b/charts/tekton-pipeline/Chart.yaml @@ -2,6 +2,6 @@ apiVersion: v1 description: A Helm chart for Tekton Pipelines name: tekton-pipeline version: 0.6.0 -appVersion: 0.36.1 +appVersion: 0.42.0 icon: https://avatars2.githubusercontent.com/u/47602533 home: https://github.com/cdfoundation/tekton-helm-chart diff --git a/charts/tekton-pipeline/patches/config-defaults-cm.yaml b/charts/tekton-pipeline/patches/config-defaults-cm.yaml index 6fc40df..14eca47 100644 --- a/charts/tekton-pipeline/patches/config-defaults-cm.yaml +++ b/charts/tekton-pipeline/patches/config-defaults-cm.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-defaults - namespace: tekton-pipelines data: helmTemplateRemoveMe: | {{- toYaml .Values.configDefaults | nindent 2 }} diff --git a/charts/tekton-pipeline/patches/feature-flags-cm.yaml b/charts/tekton-pipeline/patches/feature-flags-cm.yaml index 4e16461..d175ec4 100644 --- a/charts/tekton-pipeline/patches/feature-flags-cm.yaml +++ b/charts/tekton-pipeline/patches/feature-flags-cm.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: feature-flags - namespace: tekton-pipelines data: helmTemplateRemoveMe: | {{- toYaml .Values.featureFlags | nindent 2 }} diff --git a/charts/tekton-pipeline/patches/tekton-pipelines-controller-deploy.yaml b/charts/tekton-pipeline/patches/tekton-pipelines-controller-deploy.yaml index 0375e74..2d3914e 100644 --- a/charts/tekton-pipeline/patches/tekton-pipelines-controller-deploy.yaml +++ b/charts/tekton-pipeline/patches/tekton-pipelines-controller-deploy.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: tekton-pipelines-controller - namespace: tekton-pipelines labels: helmTemplateRemoveMe: | {{- with .Values.controller.deployment.labels }} diff --git a/charts/tekton-pipeline/patches/tekton-pipelines-webhook-deploy.yaml b/charts/tekton-pipeline/patches/tekton-pipelines-webhook-deploy.yaml index 209efd8..be7b112 100644 --- a/charts/tekton-pipeline/patches/tekton-pipelines-webhook-deploy.yaml +++ b/charts/tekton-pipeline/patches/tekton-pipelines-webhook-deploy.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: helmTemplateRemoveMe: | {{- with .Values.webhook.deployment.labels }} diff --git a/charts/tekton-pipeline/templates/bundleresolver-config-cm.yaml b/charts/tekton-pipeline/templates/bundleresolver-config-cm.yaml index d48372d..16fe4cf 100644 --- a/charts/tekton-pipeline/templates/bundleresolver-config-cm.yaml +++ b/charts/tekton-pipeline/templates/bundleresolver-config-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: bundleresolver-config - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -25,4 +24,4 @@ data: # the default service account name to use for bundle requests. default-service-account: "default" # The default layer kind in the bundle image. - default-kind: "task" + default-kind: "task" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/cluster-resolver-config-cm.yaml b/charts/tekton-pipeline/templates/cluster-resolver-config-cm.yaml index 8f2e775..d08997e 100644 --- a/charts/tekton-pipeline/templates/cluster-resolver-config-cm.yaml +++ b/charts/tekton-pipeline/templates/cluster-resolver-config-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: cluster-resolver-config - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -29,4 +28,4 @@ data: # An optional comma-separated list of namespaces which the resolver is allowed to access. Defaults to empty, meaning all namespaces are allowed. allowed-namespaces: "" # An optional comma-separated list of namespaces which the resolver is blocked from accessing. Defaults to empty, meaning all namespaces are allowed. - blocked-namespaces: "" + blocked-namespaces: "" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/clustertasks.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/clustertasks.tekton.dev-crd.yaml index eb88003..cc29a0d 100644 --- a/charts/tekton-pipeline/templates/clustertasks.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/clustertasks.tekton.dev-crd.yaml @@ -58,4 +58,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-artifact-bucket-cm.yaml b/charts/tekton-pipeline/templates/config-artifact-bucket-cm.yaml index 58e9693..2b7384a 100644 --- a/charts/tekton-pipeline/templates/config-artifact-bucket-cm.yaml +++ b/charts/tekton-pipeline/templates/config-artifact-bucket-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-artifact-bucket - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -30,4 +29,4 @@ metadata: # bucket.service.account.secret.key: # # The field name that should be used for the service account # # Valid values: GOOGLE_APPLICATION_CREDENTIALS, BOTO_CONFIG. -# bucket.service.account.field.name: GOOGLE_APPLICATION_CREDENTIALS +# bucket.service.account.field.name: GOOGLE_APPLICATION_CREDENTIALS \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-artifact-pvc-cm.yaml b/charts/tekton-pipeline/templates/config-artifact-pvc-cm.yaml index f3ca3b1..c615734 100644 --- a/charts/tekton-pipeline/templates/config-artifact-pvc-cm.yaml +++ b/charts/tekton-pipeline/templates/config-artifact-pvc-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-artifact-pvc - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -25,4 +24,4 @@ metadata: # size: 5Gi # # # storage class of the PVC volume -# storageClassName: storage-class-name +# storageClassName: storage-class-name \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-defaults-cm.yaml b/charts/tekton-pipeline/templates/config-defaults-cm.yaml index 125b2a2..db450c4 100644 --- a/charts/tekton-pipeline/templates/config-defaults-cm.yaml +++ b/charts/tekton-pipeline/templates/config-defaults-cm.yaml @@ -16,8 +16,64 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-defaults - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines -data: null +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # default-timeout-minutes contains the default number of + # minutes to use for TaskRun and PipelineRun, if none is specified. + default-timeout-minutes: "60" # 60 minutes + + # default-service-account contains the default service account name + # to use for TaskRun and PipelineRun, if none is specified. + default-service-account: "default" + + # default-managed-by-label-value contains the default value given to the + # "app.kubernetes.io/managed-by" label applied to all Pods created for + # TaskRuns. If a user's requested TaskRun specifies another value for this + # label, the user's request supercedes. + default-managed-by-label-value: "tekton-pipelines" + + # default-pod-template contains the default pod template to use for + # TaskRun and PipelineRun. If a pod template is specified on the + # PipelineRun, the default-pod-template is merged with that one. + # default-pod-template: + + # default-affinity-assistant-pod-template contains the default pod template + # to use for affinity assistant pods. If a pod template is specified on the + # PipelineRun, the default-affinity-assistant-pod-template is merged with + # that one. + # default-affinity-assistant-pod-template: + + # default-cloud-events-sink contains the default CloudEvents sink to be + # used for TaskRun and PipelineRun, when no sink is specified. + # Note that right now it is still not possible to set a PipelineRun or + # TaskRun specific sink, so the default is the only option available. + # If no sink is specified, no CloudEvent is generated + # default-cloud-events-sink: + + # default-task-run-workspace-binding contains the default workspace + # configuration provided for any Workspaces that a Task declares + # but that a TaskRun does not explicitly provide. + # default-task-run-workspace-binding: | + # emptyDir: {} + + # default-max-matrix-combinations-count contains the default maximum number + # of combinations from a Matrix, if none is specified. + default-max-matrix-combinations-count: "256" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-leader-election-cm.yaml b/charts/tekton-pipeline/templates/config-leader-election-cm.yaml index 4075fff..add9edf 100644 --- a/charts/tekton-pipeline/templates/config-leader-election-cm.yaml +++ b/charts/tekton-pipeline/templates/config-leader-election-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-leader-election - namespace: tekton-pipelines labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -50,4 +49,4 @@ data: # is N, the N replicas will compete for the M buckets. The owner of a # bucket will take care of the reconciling for the keys partitioned into # that bucket. - buckets: "1" + buckets: "1" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-logging-cm.yaml b/charts/tekton-pipeline/templates/config-logging-cm.yaml index b3c0447..4fc3c59 100644 --- a/charts/tekton-pipeline/templates/config-logging-cm.yaml +++ b/charts/tekton-pipeline/templates/config-logging-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-logging - namespace: tekton-pipelines labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -49,4 +48,4 @@ data: } # Log level overrides loglevel.controller: "info" - loglevel.webhook: "info" + loglevel.webhook: "info" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-observability-cm.yaml b/charts/tekton-pipeline/templates/config-observability-cm.yaml index 4470485..fc891bb 100644 --- a/charts/tekton-pipeline/templates/config-observability-cm.yaml +++ b/charts/tekton-pipeline/templates/config-observability-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-observability - namespace: tekton-pipelines labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -58,4 +57,4 @@ data: # metrics are not supported by "knative_revision" resource type. Setting this # flag to "true" could cause extra Stackdriver charge. # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" + metrics.allow-stackdriver-custom-metrics: "false" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-registry-cert-cm.yaml b/charts/tekton-pipeline/templates/config-registry-cert-cm.yaml index 22162be..25217db 100644 --- a/charts/tekton-pipeline/templates/config-registry-cert-cm.yaml +++ b/charts/tekton-pipeline/templates/config-registry-cert-cm.yaml @@ -16,10 +16,9 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-registry-cert - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines # data: # # Registry's self-signed certificate -# cert: | +# cert: | \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config-trusted-resources-cm.yaml b/charts/tekton-pipeline/templates/config-trusted-resources-cm.yaml index 01f2f30..b9d7e13 100644 --- a/charts/tekton-pipeline/templates/config-trusted-resources-cm.yaml +++ b/charts/tekton-pipeline/templates/config-trusted-resources-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: config-trusted-resources - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -38,4 +37,4 @@ data: # publickeys specifies the list of public keys, the paths are separated by comma # publickeys: "/etc/verification-secrets/cosign.pub, - # gcpkms://projects/tekton/locations/us/keyRings/trusted-resources/cryptoKeys/trusted-resources" + # gcpkms://projects/tekton/locations/us/keyRings/trusted-resources/cryptoKeys/trusted-resources" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/config.webhook.pipeline.tekton.dev-valwebhookcfg.yaml b/charts/tekton-pipeline/templates/config.webhook.pipeline.tekton.dev-valwebhookcfg.yaml index b5654cc..b00dc53 100644 --- a/charts/tekton-pipeline/templates/config.webhook.pipeline.tekton.dev-valwebhookcfg.yaml +++ b/charts/tekton-pipeline/templates/config.webhook.pipeline.tekton.dev-valwebhookcfg.yaml @@ -18,4 +18,4 @@ webhooks: name: config.webhook.pipeline.tekton.dev objectSelector: matchLabels: - app.kubernetes.io/part-of: tekton-pipelines + app.kubernetes.io/part-of: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/customruns.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/customruns.tekton.dev-crd.yaml index e9dfde3..b7b0f92 100644 --- a/charts/tekton-pipeline/templates/customruns.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/customruns.tekton.dev-crd.yaml @@ -63,4 +63,4 @@ spec: categories: - tekton - tekton-pipelines - scope: Namespaced + scope: Namespaced \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/feature-flags-cm.yaml b/charts/tekton-pipeline/templates/feature-flags-cm.yaml index 80b09a3..29614b9 100644 --- a/charts/tekton-pipeline/templates/feature-flags-cm.yaml +++ b/charts/tekton-pipeline/templates/feature-flags-cm.yaml @@ -16,8 +16,76 @@ apiVersion: v1 kind: ConfigMap metadata: name: feature-flags - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines -data: null +data: + # Setting this flag to "true" will prevent Tekton to create an + # Affinity Assistant for every TaskRun sharing a PVC workspace + # + # The default behaviour is for Tekton to create Affinity Assistants + # + # See more in the workspace documentation about Affinity Assistant + # https://github.com/tektoncd/pipeline/blob/main/docs/workspaces.md#affinity-assistant-and-specifying-workspace-order-in-a-pipeline + # or https://github.com/tektoncd/pipeline/pull/2630 for more info. + disable-affinity-assistant: "false" + # Setting this flag to "true" will prevent Tekton scanning attached + # service accounts and injecting any credentials it finds into your + # Steps. + # + # The default behaviour currently is for Tekton to search service + # accounts for secrets matching a specified format and automatically + # mount those into your Steps. + # + # Note: setting this to "true" will prevent PipelineResources from + # working. + # + # See https://github.com/tektoncd/pipeline/issues/2791 for more + # info. + disable-creds-init: "false" + # Setting this flag to "false" will stop Tekton from waiting for a + # TaskRun's sidecar containers to be running before starting the first + # step. This will allow Tasks to be run in environments that don't + # support the DownwardAPI volume type, but may lead to unintended + # behaviour if sidecars are used. + # + # See https://github.com/tektoncd/pipeline/issues/4937 for more info. + await-sidecar-readiness: "true" + # This option should be set to false when Pipelines is running in a + # cluster that does not use injected sidecars such as Istio. Setting + # it to false should decrease the time it takes for a TaskRun to start + # running. For clusters that use injected sidecars, setting this + # option to false can lead to unexpected behavior. + # + # See https://github.com/tektoncd/pipeline/issues/2080 for more info. + running-in-environment-with-injected-sidecars: "true" + # Setting this flag to "true" will require that any Git SSH Secret + # offered to Tekton must have known_hosts included. + # + # See https://github.com/tektoncd/pipeline/issues/2981 for more + # info. + require-git-ssh-secret-known-hosts: "false" + # Setting this flag to "true" enables the use of Tekton OCI bundle. + # This is an experimental feature and thus should still be considered + # an alpha feature. + enable-tekton-oci-bundles: "false" + # Setting this flag to "true" enables the use of custom tasks from + # within pipelines. + # This is an experimental feature and thus should still be considered + # an alpha feature. + enable-custom-tasks: "false" + # Setting this flag will determine which gated features are enabled. + # Acceptable values are "stable", "beta", or "alpha". + enable-api-fields: "stable" + # Setting this flag to "true" enables CloudEvents for Runs, as long as a + # CloudEvents sink is configured in the config-defaults config map + send-cloudevents-for-runs: "false" + # Setting this flag to "enforce" will enforce verification of tasks/pipeline. Failing to verify + # will fail the taskrun/pipelinerun. "warn" will only log the err message and "skip" + # will skip the whole verification + resource-verification-mode: "skip" + # Setting this flag to "true" enables populating the "provenance" field in TaskRun + # and PipelineRun status. This field contains metadata about resources used + # in the TaskRun/PipelineRun such as the source from where a remote Task/Pipeline + # definition was fetched. + enable-provenance-in-status: "false" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/git-resolver-config-cm.yaml b/charts/tekton-pipeline/templates/git-resolver-config-cm.yaml index 565d283..5edddb6 100644 --- a/charts/tekton-pipeline/templates/git-resolver-config-cm.yaml +++ b/charts/tekton-pipeline/templates/git-resolver-config-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: git-resolver-config - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -40,4 +39,4 @@ data: api-token-secret-namespace: "default" # The default organization to look for repositories under when using the authenticated API, # if not specified in the resolver parameters. Optional. - default-org: "" + default-org: "" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/hubresolver-config-cm.yaml b/charts/tekton-pipeline/templates/hubresolver-config-cm.yaml index c0bd930..c0629c0 100644 --- a/charts/tekton-pipeline/templates/hubresolver-config-cm.yaml +++ b/charts/tekton-pipeline/templates/hubresolver-config-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: hubresolver-config - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -31,4 +30,4 @@ data: # the default layer kind in the hub image. default-kind: "task" # the default hub source to pull the resource from. - default-type: "artifact" + default-type: "artifact" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/pipelineresources.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/pipelineresources.tekton.dev-crd.yaml index 03a732c..daf14ec 100644 --- a/charts/tekton-pipeline/templates/pipelineresources.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/pipelineresources.tekton.dev-crd.yaml @@ -49,4 +49,4 @@ spec: categories: - tekton - tekton-pipelines - scope: Namespaced + scope: Namespaced \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/pipelineruns.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/pipelineruns.tekton.dev-crd.yaml index f9cf27f..4b7a4ca 100644 --- a/charts/tekton-pipeline/templates/pipelineruns.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/pipelineruns.tekton.dev-crd.yaml @@ -105,4 +105,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/pipelines-info-cm.yaml b/charts/tekton-pipeline/templates/pipelines-info-cm.yaml index 8198a8a..9225125 100644 --- a/charts/tekton-pipeline/templates/pipelines-info-cm.yaml +++ b/charts/tekton-pipeline/templates/pipelines-info-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: pipelines-info - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -26,4 +25,4 @@ data: # this ConfigMap such that even if we don't have access to # other resources in the namespace we still can have access to # this ConfigMap. - version: "v0.42.0" + version: "v0.42.0" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/pipelines.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/pipelines.tekton.dev-crd.yaml index 9689c16..01cd5b4 100644 --- a/charts/tekton-pipeline/templates/pipelines.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/pipelines.tekton.dev-crd.yaml @@ -74,4 +74,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/resolutionrequests.resolution.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/resolutionrequests.resolution.tekton.dev-crd.yaml index 8ef6695..39693e2 100644 --- a/charts/tekton-pipeline/templates/resolutionrequests.resolution.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/resolutionrequests.resolution.tekton.dev-crd.yaml @@ -98,4 +98,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/resolvers-feature-flags-cm.yaml b/charts/tekton-pipeline/templates/resolvers-feature-flags-cm.yaml index cc83a65..18f8725 100644 --- a/charts/tekton-pipeline/templates/resolvers-feature-flags-cm.yaml +++ b/charts/tekton-pipeline/templates/resolvers-feature-flags-cm.yaml @@ -16,7 +16,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: resolvers-feature-flags - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -29,4 +28,4 @@ data: # Setting this flag to "true" enables remote resolution of tasks and pipelines from Git repositories. enable-git-resolver: "true" # Setting this flag to "true" enables remote resolution of tasks and pipelines from other namespaces within the cluster. - enable-cluster-resolver: "true" + enable-cluster-resolver: "true" \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/runs.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/runs.tekton.dev-crd.yaml index 911ccc1..f94f198 100644 --- a/charts/tekton-pipeline/templates/runs.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/runs.tekton.dev-crd.yaml @@ -63,4 +63,4 @@ spec: categories: - tekton - tekton-pipelines - scope: Namespaced + scope: Namespaced \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/taskruns.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/taskruns.tekton.dev-crd.yaml index 05eaf55..19c7409 100644 --- a/charts/tekton-pipeline/templates/taskruns.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/taskruns.tekton.dev-crd.yaml @@ -105,4 +105,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tasks.tekton.dev-crd.yaml b/charts/tekton-pipeline/templates/tasks.tekton.dev-crd.yaml index 3de873c..666f444 100644 --- a/charts/tekton-pipeline/templates/tasks.tekton.dev-crd.yaml +++ b/charts/tekton-pipeline/templates/tasks.tekton.dev-crd.yaml @@ -77,4 +77,4 @@ spec: clientConfig: service: name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-aggregate-edit-clusterrole.yaml b/charts/tekton-pipeline/templates/tekton-aggregate-edit-clusterrole.yaml index fb6cf03..797ef90 100644 --- a/charts/tekton-pipeline/templates/tekton-aggregate-edit-clusterrole.yaml +++ b/charts/tekton-pipeline/templates/tekton-aggregate-edit-clusterrole.yaml @@ -40,4 +40,4 @@ rules: - list - patch - update - - watch + - watch \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-aggregate-view-clusterrole.yaml b/charts/tekton-pipeline/templates/tekton-aggregate-view-clusterrole.yaml index 5effc13..c7ec568 100644 --- a/charts/tekton-pipeline/templates/tekton-aggregate-view-clusterrole.yaml +++ b/charts/tekton-pipeline/templates/tekton-aggregate-view-clusterrole.yaml @@ -34,4 +34,4 @@ rules: verbs: - get - list - - watch + - watch \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-bot-sa.yaml b/charts/tekton-pipeline/templates/tekton-bot-sa.yaml index 114f243..0e4f0a4 100644 --- a/charts/tekton-pipeline/templates/tekton-bot-sa.yaml +++ b/charts/tekton-pipeline/templates/tekton-bot-sa.yaml @@ -15,7 +15,6 @@ apiVersion: v1 kind: ServiceAccount metadata: name: tekton-bot - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default diff --git a/charts/tekton-pipeline/templates/tekton-container-registry-auth-secret.yaml b/charts/tekton-pipeline/templates/tekton-container-registry-auth-secret.yaml index fc2a5f8..e2354b0 100644 --- a/charts/tekton-pipeline/templates/tekton-container-registry-auth-secret.yaml +++ b/charts/tekton-pipeline/templates/tekton-container-registry-auth-secret.yaml @@ -5,7 +5,6 @@ data: kind: Secret metadata: name: tekton-container-registry-auth - namespace: tekton-pipelines annotations: tekton.dev/docker-0: {{ .Values.auth.docker.url | quote }} labels: diff --git a/charts/tekton-pipeline/templates/tekton-git-secret.yaml b/charts/tekton-pipeline/templates/tekton-git-secret.yaml index 22766b9..2873480 100644 --- a/charts/tekton-pipeline/templates/tekton-git-secret.yaml +++ b/charts/tekton-pipeline/templates/tekton-git-secret.yaml @@ -6,7 +6,6 @@ data: kind: Secret metadata: name: tekton-git - namespace: tekton-pipelines annotations: tekton.dev/git-0: {{ .Values.auth.git.url | quote }} labels: diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-deploy.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-deploy.yaml index ae84753..bc68c55 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-deploy.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-deploy.yaml @@ -16,7 +16,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: tekton-pipelines-controller - namespace: tekton-pipelines labels: app.kubernetes.io/name: controller app.kubernetes.io/component: controller @@ -61,7 +60,7 @@ spec: serviceAccountName: tekton-pipelines-controller containers: - name: tekton-pipelines-controller - image: {{ .Values.controller.deployment.image }} + image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.42.0@sha256:1fa50403c071b768984e23e26d0e68d2f7e470284ef2eb73581ec556bacdad95 args: [ # These images are built on-demand by `ko resolve` and are replaced # by image references by digest. @@ -159,4 +158,4 @@ spec: - name: verification-secrets secret: secretName: verification-secrets - optional: true + optional: true \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-leaderelection-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-leaderelection-rb.yaml index f498ea4..4da57a9 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-leaderelection-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-leaderelection-rb.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-controller-leaderelection - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-rb.yaml index f05c278..df1ebff 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-rb.yaml @@ -16,7 +16,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-controller - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default @@ -24,7 +23,7 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-controller - namespace: tekton-pipelines + namespace: '{{ .Release.Namespace }}' roleRef: kind: Role name: tekton-pipelines-controller diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-role.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-role.yaml index 9ccb13f..d05f151 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-role.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-role.yaml @@ -16,7 +16,6 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: tekton-pipelines-controller - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-sa.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-sa.yaml index 5ad8fe8..a0b45c8 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-sa.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-sa.yaml @@ -15,7 +15,6 @@ apiVersion: v1 kind: ServiceAccount metadata: name: tekton-pipelines-controller - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-svc.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-svc.yaml index 2fb0f7f..00468a8 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-svc.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-svc.yaml @@ -13,7 +13,6 @@ metadata: app: tekton-pipelines-controller version: "v0.42.0" name: tekton-pipelines-controller - namespace: tekton-pipelines spec: ports: - name: http-metrics @@ -29,4 +28,4 @@ spec: app.kubernetes.io/name: controller app.kubernetes.io/component: controller app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines + app.kubernetes.io/part-of: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-controller-tenant-access-crb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-controller-tenant-access-crb.yaml index 83f31fa..a8a8f04 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-controller-tenant-access-crb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-controller-tenant-access-crb.yaml @@ -13,7 +13,7 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-controller - namespace: tekton-pipelines + namespace: '{{ .Release.Namespace }}' roleRef: kind: ClusterRole name: tekton-pipelines-controller-tenant-access diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-info-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-info-rb.yaml index 31f8cba..f541f32 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-info-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-info-rb.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-info - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -15,4 +14,4 @@ subjects: roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: tekton-pipelines-info + name: tekton-pipelines-info \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-info-role.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-info-role.yaml index d5b2716..466d284 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-info-role.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-info-role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: tekton-pipelines-info - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines @@ -14,4 +13,4 @@ rules: - apiGroups: [""] resources: ["configmaps"] resourceNames: ["pipelines-info"] - verbs: ["get"] + verbs: ["get"] \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-leader-election-role.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-leader-election-role.yaml index 8905f76..a00d9f1 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-leader-election-role.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-leader-election-role.yaml @@ -2,7 +2,6 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: tekton-pipelines-leader-election - namespace: tekton-pipelines labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-ns.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-ns.yaml index 7a613df..e43b016 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-ns.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-ns.yaml @@ -11,6 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. + apiVersion: v1 kind: Namespace metadata: @@ -18,4 +19,4 @@ metadata: labels: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines - pod-security.kubernetes.io/enforce: restricted + pod-security.kubernetes.io/enforce: restricted \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-remote-resolvers-deploy.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-remote-resolvers-deploy.yaml index 608a447..f582819 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-remote-resolvers-deploy.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-remote-resolvers-deploy.yaml @@ -15,7 +15,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: tekton-pipelines-remote-resolvers - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/name: resolvers app.kubernetes.io/component: resolvers @@ -103,4 +102,4 @@ spec: drop: - "ALL" seccompProfile: - type: RuntimeDefault + type: RuntimeDefault \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-crb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-crb.yaml index 3ceb972..e95623d 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-crb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-crb.yaml @@ -16,7 +16,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -24,8 +23,8 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers + namespace: '{{ .Release.Namespace }}' roleRef: kind: ClusterRole name: tekton-pipelines-resolvers-resolution-request-updates - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-rb.yaml index 11ca0e8..65fbd0c 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-rb.yaml @@ -16,7 +16,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-resolvers-namespace-rbac - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -24,8 +23,8 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers + namespace: '{{ .Release.Namespace }}' roleRef: kind: Role name: tekton-pipelines-resolvers-namespace-rbac - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-role.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-role.yaml index a64a35e..ff046f5 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-role.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-namespace-rbac-role.yaml @@ -16,7 +16,6 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: tekton-pipelines-resolvers-namespace-rbac - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default @@ -29,4 +28,4 @@ rules: # This is needed by leader election to run the controller in HA. - apiGroups: ["coordination.k8s.io"] resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] + verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-ns.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-ns.yaml deleted file mode 100644 index 08f05ca..0000000 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-ns.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2022 The Tekton Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: tekton-pipelines-resolvers - labels: - app.kubernetes.io/component: resolvers - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines - pod-security.kubernetes.io/enforce: restricted diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-resolution-request-updates-clusterrole.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-resolution-request-updates-clusterrole.yaml index 3215d74..a3e45ae 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-resolution-request-updates-clusterrole.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-resolution-request-updates-clusterrole.yaml @@ -31,4 +31,4 @@ rules: # Read-only access to these. - apiGroups: [""] resources: ["secrets"] - verbs: ["get", "list", "watch"] + verbs: ["get", "list", "watch"] \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-sa.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-sa.yaml index 08815c6..68aa6f7 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-sa.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-resolvers-sa.yaml @@ -16,8 +16,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: tekton-pipelines-resolvers - namespace: tekton-pipelines-resolvers labels: app.kubernetes.io/component: resolvers app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines + app.kubernetes.io/part-of: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-clusterrole.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-clusterrole.yaml index 5f40859..d103456 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-clusterrole.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-clusterrole.yaml @@ -59,4 +59,4 @@ rules: verbs: ["update"] # The webhook configured the namespace as the OwnerRef on various cluster-scoped resources, # which requires we can update the system namespace finalizers. - resourceNames: ["tekton-pipelines"] + resourceNames: ["tekton-pipelines"] \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-crb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-crb.yaml index 988ecf2..143c74e 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-crb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-cluster-access-crb.yaml @@ -9,8 +9,8 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: '{{ .Release.Namespace }}' roleRef: kind: ClusterRole name: tekton-pipelines-webhook-cluster-access - apiGroup: rbac.authorization.k8s.io + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-deploy.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-deploy.yaml index 22192d0..55534b5 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-deploy.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-deploy.yaml @@ -19,7 +19,6 @@ metadata: # config/400-webhook-service.yaml. If you change this name, you must also # change the value of WEBHOOK_SERVICE_NAME below. name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: app.kubernetes.io/name: webhook app.kubernetes.io/component: webhook diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-horizontalpodautoscaler.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-horizontalpodautoscaler.yaml index 22e5420..4cb9929 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-horizontalpodautoscaler.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-horizontalpodautoscaler.yaml @@ -16,7 +16,6 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: app.kubernetes.io/name: webhook app.kubernetes.io/component: webhook @@ -40,4 +39,4 @@ spec: name: cpu target: type: Utilization - averageUtilization: 100 + averageUtilization: 100 \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-leaderelection-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-leaderelection-rb.yaml index af102a4..13be960 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-leaderelection-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-leaderelection-rb.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-webhook-leaderelection - namespace: tekton-pipelines labels: app.kubernetes.io/component: webhook app.kubernetes.io/instance: default @@ -10,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: '{{ .Release.Namespace }}' roleRef: kind: Role name: tekton-pipelines-leader-election diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-rb.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-rb.yaml index 41c2c4a..78ef078 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-rb.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-rb.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: app.kubernetes.io/component: webhook app.kubernetes.io/instance: default @@ -10,7 +9,7 @@ metadata: subjects: - kind: ServiceAccount name: tekton-pipelines-webhook - namespace: tekton-pipelines + namespace: '{{ .Release.Namespace }}' roleRef: kind: Role name: tekton-pipelines-webhook diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-role.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-role.yaml index 6c65117..261662b 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-role.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-role.yaml @@ -2,7 +2,6 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: app.kubernetes.io/component: webhook app.kubernetes.io/instance: default diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-sa.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-sa.yaml index 0d45910..3cdf0e9 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-sa.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-sa.yaml @@ -2,8 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: tekton-pipelines-webhook - namespace: tekton-pipelines labels: app.kubernetes.io/component: webhook app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines + app.kubernetes.io/part-of: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-svc.yaml b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-svc.yaml index 896be88..673fd3e 100644 --- a/charts/tekton-pipeline/templates/tekton-pipelines-webhook-svc.yaml +++ b/charts/tekton-pipeline/templates/tekton-pipelines-webhook-svc.yaml @@ -13,7 +13,6 @@ metadata: app: tekton-pipelines-webhook version: "v0.42.0" name: tekton-pipelines-webhook - namespace: tekton-pipelines spec: ports: # Define metrics and profiling for them to be accessible within service meshes. @@ -32,4 +31,4 @@ spec: app.kubernetes.io/name: webhook app.kubernetes.io/component: webhook app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-pipelines + app.kubernetes.io/part-of: tekton-pipelines \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/webhook-certs-secret.yaml b/charts/tekton-pipeline/templates/webhook-certs-secret.yaml index a03ebfa..782a8dc 100644 --- a/charts/tekton-pipeline/templates/webhook-certs-secret.yaml +++ b/charts/tekton-pipeline/templates/webhook-certs-secret.yaml @@ -16,10 +16,9 @@ apiVersion: v1 kind: Secret metadata: name: webhook-certs - namespace: tekton-pipelines labels: app.kubernetes.io/component: webhook app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-pipelines pipeline.tekton.dev/release: "v0.42.0" -# The data is populated at install time. \ No newline at end of file + # The data is populated at install time. \ No newline at end of file diff --git a/charts/tekton-pipeline/templates/webhook.pipeline.tekton.dev-mutwebhookcfg.yaml b/charts/tekton-pipeline/templates/webhook.pipeline.tekton.dev-mutwebhookcfg.yaml index e4faad1..7ddff56 100644 --- a/charts/tekton-pipeline/templates/webhook.pipeline.tekton.dev-mutwebhookcfg.yaml +++ b/charts/tekton-pipeline/templates/webhook.pipeline.tekton.dev-mutwebhookcfg.yaml @@ -15,4 +15,4 @@ webhooks: namespace: tekton-pipelines failurePolicy: Fail sideEffects: None - name: webhook.pipeline.tekton.dev \ No newline at end of file + name: webhook.pipeline.tekton.dev diff --git a/src/templates/tekton-bot-sa.yaml b/src/templates/tekton-bot-sa.yaml index 114f243..0e4f0a4 100644 --- a/src/templates/tekton-bot-sa.yaml +++ b/src/templates/tekton-bot-sa.yaml @@ -15,7 +15,6 @@ apiVersion: v1 kind: ServiceAccount metadata: name: tekton-bot - namespace: tekton-pipelines labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: default diff --git a/src/templates/tekton-container-registry-auth-secret.yaml b/src/templates/tekton-container-registry-auth-secret.yaml index fc2a5f8..e2354b0 100644 --- a/src/templates/tekton-container-registry-auth-secret.yaml +++ b/src/templates/tekton-container-registry-auth-secret.yaml @@ -5,7 +5,6 @@ data: kind: Secret metadata: name: tekton-container-registry-auth - namespace: tekton-pipelines annotations: tekton.dev/docker-0: {{ .Values.auth.docker.url | quote }} labels: diff --git a/src/templates/tekton-git-secret.yaml b/src/templates/tekton-git-secret.yaml index 22766b9..2873480 100644 --- a/src/templates/tekton-git-secret.yaml +++ b/src/templates/tekton-git-secret.yaml @@ -6,7 +6,6 @@ data: kind: Secret metadata: name: tekton-git - namespace: tekton-pipelines annotations: tekton.dev/git-0: {{ .Values.auth.git.url | quote }} labels: