feat(charts)!: Update Helm release vpa to 4.7.1 #2405
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -280,7 +296,7 @@
containers:
- name: vpa
securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -325,7 +341,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +355,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +366,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +436,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +461,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +482,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +517,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +561,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +569,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
16ba8d8 to
f57ef87
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -280,7 +296,7 @@
containers:
- name: vpa
securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +327,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +339,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +353,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +364,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +434,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +459,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +480,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +515,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +559,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +567,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
f57ef87 to
bbc894a
Compare
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -280,7 +296,7 @@
containers:
- name: vpa
securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +327,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +339,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +353,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +364,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +434,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +459,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +480,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +515,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +559,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +567,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
bbc894a to
cd6b0dd
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.28
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
cd6b0dd to
8d6d759
Compare
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
8d6d759 to
f2f63fa
Compare
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
f2f63fa to
946e2d8
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
946e2d8 to
fdb2bb9
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.29
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
fdb2bb9 to
b69d163
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.30
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.30
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.30
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
b69d163 to
1450ac7
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
1450ac7 to
e3ee190
Compare
renovate
bot
changed the title
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
Signed-off-by: Danny Froberg <[email protected]>
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/vpa-4.x
branch
from
e3ee190 to
4cb8999
Compare
|
Path: @@ -10,18 +10,6 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: recommender
---
-# Source: vpa/templates/updater-service-account.yaml
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: vpa-updater
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/component: updater
----
# Source: vpa/templates/clusterroles.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@@ -69,7 +57,6 @@
- get
- list
- watch
- - patch
- apiGroups:
- "autoscaling.k8s.io"
resources:
@@ -84,6 +71,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
+ name: vpa-status-actor
+rules:
+ - apiGroups:
+ - "autoscaling.k8s.io"
+ resources:
+ - verticalpodautoscalers/status
+ verbs:
+ - get
+ - patch
+---
+# Source: vpa/templates/clusterroles.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
name: vpa-checkpoint-actor
rules:
- apiGroups:
@@ -225,6 +226,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
+ name: vpa-status-actor
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-status-actor
+subjects:
+ - kind: ServiceAccount
+ name: vpa-recommender
+ namespace: default
+---
+# Source: vpa/templates/clusterrolebindings.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
name: vpa-actor
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -261,6 +276,7 @@
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/component: recommender
@@ -277,10 +293,17 @@
securityContext:
runAsNonRoot: true
runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
containers:
- name: vpa
- securityContext: {}
- image: "k8s.gcr.io/autoscaling/vpa-recommender:0.11.0"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ image: registry.k8s.io/autoscaling/vpa-recommender:1.0.0
imagePullPolicy: Always
args:
- --pod-recommendation-min-cpu-millicores=15
@@ -311,9 +334,7 @@
containerPort: 8942
protocol: TCP
resources:
- limits:
- cpu: 200m
- memory: 1000Mi
+ limits: {}
requests:
cpu: 50m
memory: 500Mi
@@ -325,7 +346,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "10"
name: vpa-test
---
# Source: vpa/templates/tests/rbac.yaml
@@ -340,7 +360,6 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "20"
rules:
- apiGroups:
- "metrics.k8s.io"
@@ -352,11 +371,59 @@
- "apiextensions.k8s.io"
resources:
- customresourcedefinitions
+ resourceNames:
+ - verticalpodautoscalercheckpoints.autoscaling.k8s.io
+ - verticalpodautoscalers.autoscaling.k8s.io
verbs:
- get
- list
- watch
- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - mutatingwebhookconfigurations
+ resourceNames:
+ - vpa-webhook-config
+ verbs:
+ - get
+ - list
+ - watch
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: vpa-test
+subjects:
+ - kind: ServiceAccount
+ name: vpa-test
+ namespace: default
+---
+# Source: vpa/templates/tests/rbac.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: vpa-test
+ labels:
+ app.kubernetes.io/name: vpa
+ app.kubernetes.io/instance: vpa
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ "helm.sh/hook": "test"
+ "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
+rules:
+ - apiGroups:
- "autoscaling.k8s.io"
resources:
- verticalpodautoscalers
@@ -374,10 +441,22 @@
- get
- list
- watch
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ - services
+ resourceNames:
+ - vpa-webhook
+ - vpa-tls-secret
+ verbs:
+ - get
+ - list
+ - watch
---
# Source: vpa/templates/tests/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: RoleBinding
metadata:
name: vpa-test
labels:
@@ -387,21 +466,20 @@
annotations:
"helm.sh/hook": "test"
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation,hook-failed"
- "helm.sh/hook-weight": "30"
roleRef:
apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
+ kind: Role
name: vpa-test
subjects:
- kind: ServiceAccount
name: vpa-test
namespace: default
---
-# Source: vpa/templates/tests/crd-available.yaml
+# Source: vpa/templates/tests/crds-available.yaml
apiVersion: v1
kind: Pod
metadata:
- name: vpa-checkpoint-crd-available
+ name: vpa-test-crds-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -409,41 +487,26 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
+ "helm.sh/hook-weight": "10"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get
- crd
- verticalpodautoscalercheckpoints.autoscaling.k8s.io
- restartPolicy: Never
----
-# Source: vpa/templates/tests/crd-available.yaml
-apiVersion: v1
-kind: Pod
-metadata:
- name: vpa-crd-available
- labels:
- app.kubernetes.io/name: vpa
- app.kubernetes.io/instance: vpa
- app.kubernetes.io/managed-by: Helm
- annotations:
- "helm.sh/hook": test
- "helm.sh/hook-delete-policy": "hook-succeeded,before-hook-creation"
- "helm.sh/hook-weight": "50"
-spec:
- serviceAccountName: vpa-test
- containers:
- - name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
- command: ['kubectl']
- args:
- - get
- - crd
- verticalpodautoscalers.autoscaling.k8s.io
restartPolicy: Never
---
@@ -459,20 +522,28 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "100"
+ "helm.sh/hook-weight": "20"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['bash']
args:
- -c
- |
#!/bin/bash
- set -e
- set -x
+ set -ex
cat <<EOF | kubectl -n default apply -f -
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
@@ -495,7 +566,7 @@
apiVersion: v1
kind: Pod
metadata:
- name: vpa-metrics-api-available
+ name: vpa-test-metrics-api-available
labels:
app.kubernetes.io/name: vpa
app.kubernetes.io/instance: vpa
@@ -503,12 +574,21 @@
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
- "helm.sh/hook-weight": "70"
+ "helm.sh/hook-weight": "40"
spec:
serviceAccountName: vpa-test
containers:
- name: test
- image: quay.io/reactiveops/ci-images:v11-alpine
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 10324
+ image: bitnami/kubectl:1.31
+ imagePullPolicy: Always
command: ['kubectl']
args:
- get |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.5.0->4.7.1Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.