Merge pull request #260 from KoppulaRajender/5.3

5.3 | Updating Readme files & Changelog

Author: KoppulaRajender

enforcer/CHANGELOG.md

@@ -2,3 +2,8 @@
 
 Improvements:
 * Adding Changelog
+
+# 5.3.2 (May 4th 2021)
+
+Improvements:
+* Updated Readme

enforcer/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "5.3"
 description: A Helm chart for the Aqua Enforcer
 name: enforcer
-version: 5.3.1
+version: 5.3.2
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 home: https://www.aquasec.com/
 maintainers:

enforcer/README.md

@@ -24,24 +24,38 @@ These are Helm charts for installation and maintenance of Aqua Container Securit
 ## Installing the Chart
 Follow the steps in this section for production grade deployments. You can either clone aqua-helm git repo or you can add our helm private repository ([https://helm.aquasec.com](https://helm.aquasec.com))
 
+### Installing Aqua Enforcer from Github Repo
+
 * Clone the GitHub repository with the charts
 
 ```bash
-git clone https://github.com/aquasecurity/aqua-helm.git
+git clone -b 5.3 https://github.com/aquasecurity/aqua-helm.git
 cd aqua-helm/
 ```
 
+* Install Aqua Enforcer
+```bash
+helm upgrade --install --namespace aqua aqua-enforcer ./enforcer --set imageCredentials.username=<>,imageCredentials.password=<>,enforcerToken=<aquasec-token>
+```
+
+### Installing Aqua Enforcer from Helm Private Repository
+
 * Add Aqua Helm Repository
 ```bash
 $ helm repo add aqua-helm https://helm.aquasec.com
 ```
 
-* Install Aqua Enforcer
+* Check for the available chart versions either from [Changelog](./CHANGELOG.md) or by running the below command
+```bash
+$ helm search repo aqua-helm/enforcer --versions
+```
 
+* Install Aqua Enforcer
 ```bash
-helm upgrade --install --namespace aqua aqua-enforcer ./enforcer --set imageCredentials.username=<>,imageCredentials.password=<>,enforcerToken=<aquasec-token>
+$ helm upgrade --install --namespace aqua aqua-enforcer aqua-helm/enforcer --set imageCredentials.username=<>,imageCredentials.password=<>,enforcerToken=<aquasec-token> --version <>
 ```
 
+
 ## Advanced Configuration
 
 In order to support L7 / gRPC communication between enforcer and envoy it is recommended to follow the detailed steps to enable and deploy a enforcer.

kube-enforcer/CHANGELOG.md

@@ -2,3 +2,9 @@
 
 Improvements:
 * Adding Changelog
+
+# 5.3.2 (May 4th 2021)
+
+Improvements:
+* Updated Readme
+* Added timeouts for KE webhooks #[246](https://github.com/aquasecurity/aqua-helm/pull/246)

kube-enforcer/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "5.3"
 description: A Helm chart for the Aqua KubeEnforcer
 name: kube-enforcer
-version: 5.3.1
+version: 5.3.2
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 keywords:
 - scanning

kube-enforcer/README.md

@@ -71,10 +71,12 @@ Optionally, you can provide these certificates in base64 encoded format as flags
 
 ## Deploying the HELM chart
 
+### Installing Aqua Kube-Enforcer from Github Repo
+
 1. Clone the GitHub repository with the charts:
 
    ```bash
-   git clone https://github.com/aquasecurity/kube-enforcer-helm.git
+   $ git clone -b 5.3 https://github.com/aquasecurity/kube-enforcer-helm.git
    ```
 
 2. (Optional) Update the Helm charts `values.yaml` file with your environment's custom values, registry secret, Aqua Server (console) credentials, and TLS certificates. This eliminates the need to pass the parameters to the HELM command. Then run one of the following commands to deploy the relevant services.
@@ -84,19 +86,54 @@ Optionally, you can provide these certificates in base64 encoded format as flags
    3a. To deploy the KubeEnforcer on the same cluster as the Aqua Server (console), run this command on that cluster:
 
    ```shell
-   helm upgrade --install --namespace aqua kube-enforcer ./kube-enforcer
+   $ helm upgrade --install --namespace aqua kube-enforcer ./kube-enforcer
    ```
 
    3b. Multi-cluster: To deploy the KubeEnforcer in a different cluster:
 
    First, create a namespace on that cluster named `aqua`:
    ```bash
-   kubectl create namespace aqua
+   $ kubectl create namespace aqua
    ```
    Next, run the following command:
 
    ```shell
-   helm upgrade --install --namespace aqua kube-enforcer ./kube-enforcer --set envs.gatewayAddress="<Aqua_Remote_Gateway_IP/URL>",imageCredentials.username=<registry-username>,imageCredentials.password=<registry-password>
+   $ helm upgrade --install --namespace aqua kube-enforcer ./kube-enforcer --set envs.gatewayAddress="<Aqua_Remote_Gateway_IP/URL>",imageCredentials.username=<registry-username>,imageCredentials.password=<registry-password>
+   ```
+
+### Installing Aqua Kube-Enforcer from Helm Private Repository
+
+1. Add Aqua Helm Repository
+
+   ```bash
+   $ helm repo add aqua-helm https://helm.aquasec.com
+   ```
+
+2. (Optional) Update the Helm charts `values.yaml` file with your environment's custom values, registry secret, Aqua Server (console) credentials, and TLS certificates. This eliminates the need to pass the parameters to the HELM command. Then run one of the following commands to deploy the relevant services.
+
+3. Check for the available chart versions either from [Changelog](./CHANGELOG.md) or by running the below command
+```bash
+$ helm search repo aqua-helm/kube-enforcer --versions
+```
+
+4. Choose **either** 4a **or** 4b:
+
+   4a. To deploy the KubeEnforcer on the same cluster as the Aqua Server (console), run this command on that cluster:
+     
+   ```shell
+   $ helm upgrade --install --namespace aqua kube-enforcer aqua-helm/kube-enforcer --version <>
+   ```
+    
+   4b. Multi-cluster: To deploy the KubeEnforcer in a different cluster:
+
+   First, create a namespace on that cluster named `aqua`:
+   ```bash
+   $ kubectl create namespace aqua
+   ```
+   Next, copy the values.yaml content from  [Values.yaml](./values.yaml) and make the respective changes then run the following command:
+   
+   ```shell
+   $ helm upgrade --install --namespace aqua kube-enforcer aqua-helm/kube-enforcer --values values.yaml --version <>
    ```
 
 Optional flags:

scanner/CHANGELOG.md

@@ -2,3 +2,8 @@
 
 Improvements:
 * Adding Changelog
+
+# 5.3.2 (May 4th 2021)
+
+Improvements:
+* Updated Readme

scanner/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "5.3"
 description: A Helm chart for the Aqua Scanner CLI component
 name: scanner
-version: 5.3.1
+version: 5.3.2
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 home: https://www.aquasec.com/
 maintainers:

scanner/README.md

@@ -24,24 +24,41 @@ These are Helm charts for installation and maintenance of Aqua Container Securit
 ## Installing the Chart
 Follow the steps in this section for production grade deployments. You can either clone aqua-helm git repo or you can add our helm private repository ([https://helm.aquasec.com](https://helm.aquasec.com))
 
+### Installing Aqua Scanner from Github Repo
+
 * Clone the GitHub repository with the charts
 
 ```bash
-git clone https://github.com/aquasecurity/aqua-helm.git
-cd aqua-helm/
+$ git clone -b 5.3 https://github.com/aquasecurity/aqua-helm.git
+$ cd aqua-helm/
+```
+
+
+* Install Aqua
+
+```bash
+$ helm upgrade --install --namespace aqua scanner ./scanner --set imageCredentials.username=<>,imageCredentials.password=<>
 ```
 
+### Installing Aqua Scanner from Helm Private Repository
+
 * Add Aqua Helm Repository
 ```bash
 $ helm repo add aqua-helm https://helm.aquasec.com
 ```
 
-* Install Aqua Scanner
+* Check for the available chart versions either from [Changelog](./CHANGELOG.md) or by running the below command
+```bash
+$ helm search repo aqua-helm/scanner --versions
+```
+
+* Install Aqua
 
 ```bash
-helm upgrade --install --namespace aqua scanner ./scanner --set imageCredentials.username=<>,imageCredentials.password=<>,user=<>,password=<>
+$ helm upgrade --install --namespace aqua scanner aqua-helm/scanner --set imageCredentials.username=<>,imageCredentials.password=<> --version <>
 ```
 
+
 Before installing scanner chart the recommendation is to create user with scanning permissions, [Link to documentations](https://docs.aquasec.com/docs/add-scanners#section-add-a-scanner-user)
 
 ## Configurable Variables

server/CHANGELOG.md

@@ -2,3 +2,10 @@
 
 Improvements:
 * Adding Changelog
+
+# 5.3.2 (May 4th 2021)
+
+Improvements:
+* Updated Readme
+* Added Maintenance Db support #[246](https://github.com/aquasecurity/aqua-helm/pull/246)
+* added annotations support for SA creation  #[249](https://github.com/aquasecurity/aqua-helm/pull/249)

server/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "5.3"
 description: A Helm chart for the Aqua Console components
 name: server
-version: 5.3.1
+version: 5.3.2
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 home: https://www.aquasec.com/
 maintainers:

server/README.md

@@ -37,23 +37,39 @@ db:
 ## Installing the Chart
 Follow the steps in this section for production grade deployments. You can either clone aqua-helm git repo or you can add our helm private repository ([https://helm.aquasec.com](https://helm.aquasec.com))
 
+### Installing Aqua Web from Github Repo
+
 * Clone the GitHub repository with the charts
 
 ```bash
-git clone https://github.com/aquasecurity/aqua-helm.git
-cd aqua-helm/
+$ git clone -b 5.3 https://github.com/aquasecurity/aqua-helm.git
+$ cd aqua-helm/
+```
+
+* Install Aqua
+
+```bash
+$ helm upgrade --install --namespace aqua aqua ./server --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<>
 ```
 
+### Installing Aqua Web from Helm Private Repository
+
 * Add Aqua Helm Repository
 ```bash
 $ helm repo add aqua-helm https://helm.aquasec.com
 ```
 
+* Check for the available chart versions either from [Changelog](./CHANGELOG.md) or by running the below command
+```bash
+$ helm search repo aqua-helm/server --versions
+```
+
 * Install Aqua
 
 ```bash
-helm upgrade --install --namespace aqua aqua ./server --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<>
+$ helm upgrade --install --namespace aqua aqua aqua-helm/server --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<> --version <>
 ```
+
 ## Advanced Configuration
 
 1. Envoy
@@ -92,8 +108,9 @@ helm upgrade --install --namespace aqua aqua ./server --set imageCredentials.use
    2. Create TLS cert secret
 
       ```bash
-      # Please be notified that tls.key and tls.crt in the below command are same
-      # as mydomain.com.key and mydomain.com.crt in the above openssl commands
+      # Please be notified that tls.key and tls.crt in the below command are default filenames
+      # and same as mydomain.com.key and mydomain.com.crt in the above openssl commands
+      # If tls.crt and tls.key filenames are changed then it should be changed in values.yaml envoy config
       $ kubectl create secret tls aqua-lb-tls --key tls.key --cert tls.crt -n aqua
       ```
 

server/values.yaml

@@ -134,7 +134,7 @@ gate:
     tag: "5.3"
     pullPolicy: IfNotPresent
   service:
-    type: ClusterIP
+    type: ClusterIP     #for OCP/OSD environments Can enable gateway to external by changing type to "LoadBalancer"
     annotations: {}
     ports:
       - name: aqua-gate

tenant-manager/CHANGELOG.md

@@ -2,3 +2,9 @@
 
 Improvements:
 * Adding Changelog
+
+# 5.3.2 (May 4th 2021)
+
+Improvements:
+* Updated Readme
+* Added Maintenance Db support #[253](https://github.com/aquasecurity/aqua-helm/pull/253)

tenant-manager/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "5.3"
 description: A Helm chart for the Aqua Tenant Manager
 name: tenant-manger
-version: 5.3.1
+version: 5.3.2
 icon: https://avatars3.githubusercontent.com/u/12783832?s=200&v=4
 home: https://www.aquasec.com/
 maintainers:

tenant-manager/README.md

@@ -39,31 +39,39 @@ db:
 ## Installing the Chart
 Follow the steps in this section for production-grade deployments. You can either clone the aqua-helm GitHub repo or you can add our private Helm repository ([https://helm.aquasec.com](https://helm.aquasec.com)).
 
-* Using the GitHub repo
+### Installing Aqua Tenant Manager from Github Repo
 
-    a. Clone the GitHub repository with the charts:
+* Clone the GitHub repository with the charts:
 
-    ```bash
-    git clone https://github.com/aquasecurity/aqua-helm.git
-    cd aqua-helm/
-    ```
-    b. Deploy the Aqua Tenant Manager
+```bash
+$ git clone -b 5.3 https://github.com/aquasecurity/aqua-helm.git
+$ cd aqua-helm/
+```
+
+* Deploy the Aqua Tenant Manager
 
-    ```bash
-    helm upgrade --install --namespace aqua aqua ./tenant-manger --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<>
-    ```
+```bash
+$ helm upgrade --install --namespace aqua tenant-manager ./tenant-manger --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<>
+```
 
-* Using the Helm Repo
+### Installing Aqua Tenant Manager from Helm Private Repository
 
-    a. Add the Aqua Helm repository
+* Add the Aqua Helm repository
+
+```bash
+$ helm repo add aqua-helm https://helm.aquasec.com
+```
+
+* Check for the available chart versions either from [Changelog](./CHANGELOG.md) or by running the below command
+```bash
+$ helm search repo aqua-helm/tenant-manager --versions
+```
 
-    ```bash
-    $ helm repo add aqua-helm https://helm.aquasec.com
-    ```
-    b. Deploy the Aqua Tenant Manager
+* Deploy the Aqua Tenant Manager
 
-    ```bash
-    helm upgrade --install --namespace aqua <release_name> aqua-helm/tenant-manager --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<>
+```bash
+$ helm upgrade --install --namespace aqua tenant-manager aqua-helm/tenant-manager --set imageCredentials.username=<>,imageCredentials.password=<>,platform=<> --version <>
+```
 
 ## Database