Update image version in manifest to v0.2.4

GoogleCloudPlatform · Jul 15, 2021 · 524860a · 524860a
1 parent cf7568e
commit 524860a
Show file tree

Hide file tree

Showing 8 changed files with 47 additions and 67 deletions.
diff --git a/manifests/Kptfile b/manifests/Kptfile
@@ -1,22 +1,8 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 apiVersion: kpt.dev/v1
 kind: Kptfile
 metadata:
  name: gatekeeper-securitycenter
  annotations:
- config.kubernetes.io/local-config: 'true'
+ config.kubernetes.io/local-config: "true"
 info:
  description: kpt package for gatekeeper-securitycenter
diff --git a/manifests/README.md b/manifests/README.md
@@ -16,7 +16,7 @@ This package assumes that you have already created the
 ### Fetch this package
 
 ```sh
-VERSION=v0.2.3
+VERSION=v0.2.4
 kpt pkg get https://github.com/GoogleCloudPlatform/gatekeeper-securitycenter.git/manifests@$VERSION manifests
 ```
 

diff --git a/manifests/cluster-role-binding.yaml b/manifests/cluster-role-binding.yaml
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
@@ -23,6 +22,6 @@ roleRef:
  kind: ClusterRole
  apiGroup: rbac.authorization.k8s.io
 subjects:
-- name: gatekeeper-securitycenter-controller
- namespace: gatekeeper-securitycenter
- kind: ServiceAccount
+ - name: gatekeeper-securitycenter-controller
+  namespace: gatekeeper-securitycenter
+  kind: ServiceAccount
diff --git a/manifests/cluster-role.yaml b/manifests/cluster-role.yaml
@@ -11,18 +11,17 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  name: gatekeeper-securitycenter-view-all
  labels:
  gatekeeper-securitycenter/system: 'yes'
 rules:
-- resources:
- - '*'
- apiGroups:
- - '*'
- verbs:
- - get
- - list
+ - resources:
+  - '*'
+  apiGroups:
+  - '*'
+  verbs:
+  - get
+  - list
diff --git a/manifests/config-map.yaml b/manifests/config-map.yaml
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: v1
 kind: ConfigMap
 metadata:

diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -39,38 +38,38 @@ spec:
  spec:
  serviceAccountName: gatekeeper-securitycenter-controller
  containers:
- - name: manager
- image: ko://github.com/googlecloudplatform/gatekeeper-securitycenter # kpt-set: ${image}
- args:
- - findings
- - manager
- - --source=$(SOURCE)
- - --cluster=$(CLUSTER)
- - --interval=120 # kpt-set: --interval=${interval}
- - --dry-run=false # kpt-set: --dry-run=${dry-run}
- env:
- - name: SOURCE
- valueFrom:
- configMapKeyRef:
- name: gatekeeper-securitycenter-config
- key: SOURCE_NAME
- - name: CLUSTER
- valueFrom:
- configMapKeyRef:
- name: gatekeeper-securitycenter-config
- key: CLUSTER_NAME
- - name: DEBUG
- value: "false" # kpt-set: ${debug-env}
- resources:
- requests:
- cpu: 250m # kpt-set: ${request-cpu}
- memory: 512Mi # kpt-set: ${request-memory}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - all
- readOnlyRootFilesystem: true
- runAsGroup: 65532
- runAsNonRoot: true
- runAsUser: 65532
+  - name: manager
+  image: ghcr.io/googlecloudplatform/gatekeeper-securitycenter:v0.2.4@sha256:e6498c4337a0e3af05b7b6d84f1664474853e24398b580f1274c9a2efe9332af # kpt-set: ${image}
+  args:
+  - findings
+  - manager
+  - --source=$(SOURCE)
+  - --cluster=$(CLUSTER)
+  - --interval=120 # kpt-set: --interval=${interval}
+  - --dry-run=false # kpt-set: --dry-run=${dry-run}
+  env:
+  - name: SOURCE
+  valueFrom:
+  configMapKeyRef:
+  name: gatekeeper-securitycenter-config
+  key: SOURCE_NAME
+  - name: CLUSTER
+  valueFrom:
+  configMapKeyRef:
+  name: gatekeeper-securitycenter-config
+  key: CLUSTER_NAME
+  - name: DEBUG
+  value: "false" # kpt-set: ${debug-env}
+  resources:
+  requests:
+  cpu: 250m # kpt-set: ${request-cpu}
+  memory: 512Mi # kpt-set: ${request-memory}
+  securityContext:
+  allowPrivilegeEscalation: false
+  capabilities:
+  drop:
+  - all
+  readOnlyRootFilesystem: true
+  runAsGroup: 65532
+  runAsNonRoot: true
+  runAsUser: 65532
diff --git a/manifests/namespace.yaml b/manifests/namespace.yaml
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: v1
 kind: Namespace
 metadata:

diff --git a/manifests/service-account.yaml b/manifests/service-account.yaml
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 apiVersion: v1
 kind: ServiceAccount
 metadata: