Skip to content

chore(chart-deps): update oauth2-proxy to version 7.17.1 #2449

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 9 commits into from
Closed

chore(chart-deps): update oauth2-proxy to version 7.17.1 #2449

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
3f6733d
chore(chart-deps): update oauth2-proxy to version 7.17.1
svcAPLBot Aug 12, 2025
17c4c31
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 12, 2025
c51f43b
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 12, 2025
5c4fcea
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 12, 2025
c03f68b
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 12, 2025
8e9d142
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 13, 2025
5d27167
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 14, 2025
5738976
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 14, 2025
3d7fd2a
Merge remote-tracking branch 'origin/main' into ci-update-oauth2-prox…
svcAPLBot Aug 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion chart/chart-index/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ dependencies:
version: 11.10.13
repository: https://charts.bitnami.com/bitnami
- name: oauth2-proxy
version: 7.12.18
version: 7.17.1
repository: https://oauth2-proxy.github.io/manifests
- name: opentelemetry-operator
alias: otel-operator
Expand Down
6 changes: 3 additions & 3 deletions charts/oauth2-proxy/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
dependencies:
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 21.2.3
digest: sha256:43cdc9bb861291fef9537f0d7186fc8db6eba1a42df5d23ddb9a39ac7917702e
generated: "2025-06-11T07:39:11.941597009Z"
version: 22.0.1
digest: sha256:7e8f393290629839ef212fb63e9ab4c5170ccba3da30c06c464a554987fcbb45
generated: "2025-08-11T14:45:37.460990457Z"
8 changes: 4 additions & 4 deletions charts/oauth2-proxy/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,15 @@ annotations:
description: Updated the Redis chart to the latest version
links:
- name: Github PR
url: https://github.com/oauth2-proxy/manifests/pull/316
url: https://github.com/oauth2-proxy/manifests/pull/334
apiVersion: v2
appVersion: 7.9.0
appVersion: 7.11.0
dependencies:
- alias: redis
condition: redis.enabled
name: redis
repository: https://charts.bitnami.com/bitnami
version: 21.2.3
version: 22.0.1
description: A reverse proxy that provides authentication with Google, Github or other
providers
home: https://oauth2-proxy.github.io/oauth2-proxy/
Expand All @@ -36,4 +36,4 @@ name: oauth2-proxy
sources:
- https://github.com/oauth2-proxy/oauth2-proxy
- https://github.com/oauth2-proxy/manifests
version: 7.12.18
version: 7.17.1
8 changes: 7 additions & 1 deletion charts/oauth2-proxy/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,7 @@ The following table lists the configurable parameters of the oauth2-proxy chart
| `autoscaling.targetCPUUtilizationPercentage` | Horizontal Pod Autoscaler setting. | `80` |
| `autoscaling.targetMemoryUtilizationPercentage` | Horizontal Pod Autoscaler setting. | `` |
| `autoscaling.annotations` | Horizontal Pod Autoscaler annotations. | `{}` |
| `autoscaling.behavior` | Configure HPA behavior policies for scaling. See [docs](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#configuring-scaling-behavior) | `{}` |
| `alphaConfig.enabled` | Flag to toggle any alpha config-related logic | `false` |
| `alphaConfig.annotations` | Configmap annotations | `{}` |
| `alphaConfig.serverConfigData` | Arbitrary configuration data to append to the server section | `{}` |
Expand Down Expand Up @@ -178,7 +179,8 @@ The following table lists the configurable parameters of the oauth2-proxy chart
| `podAnnotations` | annotations to add to each pod | `{}` |
| `podLabels` | additional labels to add to each pod | `{}` |
| `podDisruptionBudget.enabled` | Enabled creation of PodDisruptionBudget (only if replicaCount > 1) | true |
| `podDisruptionBudget.minAvailable` | minAvailable parameter for PodDisruptionBudget | 1 |
| `podDisruptionBudget.maxUnavailable` | maxUnavailable parameter for PodDisruptionBudget, one of maxUnavailable and minAvailable must be null | null |
| `podDisruptionBudget.minAvailable` | minAvailable parameter for PodDisruptionBudget, one of maxUnavailable and minAvailable must be null | 1 |
| `podSecurityContext` | Kubernetes security context to apply to pod | `{}` |
| `priorityClassName` | priorityClassName | `nil` |
| `readinessProbe.enabled` | enable Kubernetes readinessProbe. Disable to use oauth2-proxy with Istio mTLS. See [Istio FAQ](https://istio.io/help/faq/security/#k8s-health-checks) | `true` |
Expand All @@ -199,6 +201,10 @@ The following table lists the configurable parameters of the oauth2-proxy chart
| `service.loadBalancerSourceRanges` | allowed source ranges in load balancer | `nil` |
| `service.nodePort` | external port number for the service when service.type is `NodePort` | `nil` |
| `service.targetPort` | (optional) a numeric port number (e.g., 80) or a port name defined in the pod's container(s) (e.g., http) | `""` |
| `service.ipDualStack.enabled` | enable IPv4/IPv6 dual-stack for the service | `false` |
| `service.ipDualStack.ipFamilies` | ip families for the service if IPv4/IPv6 dual-stack is enabled | `["IPv6", "IPv4"]` |
| `service.ipDualStack.ipFamilyPolicy` | ip family policy for the service if IPv4/IPv6 dual-stack is enabled | `"PreferDualStack"` |
| `service.trafficDistribution` | traffic distribution policy for the service. See [Kubernetes docs](https://kubernetes.io/docs/concepts/services-networking/service/#traffic-distribution) | `""` |
| `serviceAccount.enabled` | create a service account | `true` |
| `serviceAccount.name` | the service account name | `` |
| `serviceAccount.annotations` | (optional) annotations for the service account | `{}` |
Expand Down
6 changes: 3 additions & 3 deletions charts/oauth2-proxy/charts/redis/Chart.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.31.0
digest: sha256:c4c9af4e0ca23cf2c549e403b2a2bba2c53a3557cee23da09fa4cdf710044c2c
generated: "2025-05-06T10:59:26.624907586+02:00"
version: 2.31.3
digest: sha256:f9c314553215490ea1b94c70082cb152d6ff5916ce185b4e00f5287f81545b4c
generated: "2025-08-07T15:58:39.930610919Z"
14 changes: 7 additions & 7 deletions charts/oauth2-proxy/charts/redis/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,19 @@ annotations:
category: Database
images: |
- name: kubectl
image: docker.io/bitnami/kubectl:1.33.1-debian-12-r5
image: docker.io/bitnami/kubectl:1.33.3-debian-12-r3
- name: os-shell
image: docker.io/bitnami/os-shell:12-debian-12-r46
image: docker.io/bitnami/os-shell:12-debian-12-r50
- name: redis
image: docker.io/bitnami/redis:8.0.2-debian-12-r3
image: docker.io/bitnami/redis:8.2.0-debian-12-r0
- name: redis-exporter
image: docker.io/bitnami/redis-exporter:1.74.0-debian-12-r0
image: docker.io/bitnami/redis-exporter:1.75.0-debian-12-r0
- name: redis-sentinel
image: docker.io/bitnami/redis-sentinel:8.0.2-debian-12-r2
image: docker.io/bitnami/redis-sentinel:8.2.0-debian-12-r0
licenses: Apache-2.0
tanzuCategory: service
apiVersion: v2
appVersion: 8.0.2
appVersion: 8.2.0
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
Expand All @@ -36,4 +36,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis
version: 21.2.3
version: 22.0.1
22 changes: 22 additions & 0 deletions charts/oauth2-proxy/charts/redis/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,17 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/redis

Looking to use Redis® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog.

## ⚠️ Important Notice: Upcoming changes to the Bitnami Catalog

Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a curated set of hardened, security-focused images under the new [Bitnami Secure Images initiative](https://news.broadcom.com/app-dev/broadcom-introduces-bitnami-secure-images-for-production-ready-containerized-applications). As part of this transition:

- Granting community users access for the first time to security-optimized versions of popular container images.
- Bitnami will begin deprecating support for non-hardened, Debian-based software images in its free tier and will gradually remove non-latest tags from the public catalog. As a result, community users will have access to a reduced number of hardened images. These images are published only under the “latest” tag and are intended for development purposes
- Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.
- For production workloads and long-term support, users are encouraged to adopt Bitnami Secure Images, which include hardened containers, smaller attack surfaces, CVE transparency (via VEX/KEV), SBOMs, and enterprise support.

These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267).

## Introduction

This chart bootstraps a [Redis®](https://github.com/bitnami/containers/tree/main/bitnami/redis) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Expand Down Expand Up @@ -93,6 +104,17 @@ Bitnami will release a new chart updating its containers if a new version of the

To modify the application version used in this chart, specify a different version of the image using the `image.tag` parameter and/or a different repository using the `image.repository` parameter.

### Load custom modules in Redis®

You can use the `commonConfiguration` parameter to specify the modules to load. For example, to load the RediSearch, RedisBloom, RedisJSON and RedisTimeSeries modules supported from Redis® 8+, you can set the following:

```yaml
commonConfiguration: |
loadmodule /opt/bitnami/redis/lib/redis/modules/redisbloom.so
loadmodule /opt/bitnami/redis/lib/redis/modules/redisearch.so
loadmodule /opt/bitnami/redis/lib/redis/modules/rejson.so
loadmodule /opt/bitnami/redis/lib/redis/modules/redistimeseries.so

### Bootstrapping with an External Cluster

This chart is equipped with the ability to bring online a set of Pods that connect to an existing Redis deployment that lies outside of Kubernetes. This effectively creates a hybrid Redis Deployment where both Pods in Kubernetes and Instances such as Virtual Machines can partake in a single Redis Deployment. This is helpful in situations where one may be migrating Redis from Virtual Machines into Kubernetes, for example. To take advantage of this, use the following as an example configuration:
Expand Down
4 changes: 2 additions & 2 deletions charts/oauth2-proxy/charts/redis/charts/common/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.31.0
appVersion: 2.31.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://bitnami.com
Expand All @@ -20,4 +20,4 @@ name: common
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/common
type: library
version: 2.31.0
version: 2.31.3
2 changes: 0 additions & 2 deletions charts/oauth2-proxy/charts/redis/charts/common/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,6 @@ Looking to use our applications in production? Try [VMware Tanzu Application Cat

This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.

Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters.

## Prerequisites

- Kubernetes 1.23+
Expand Down
2 changes: 1 addition & 1 deletion charts/oauth2-proxy/charts/redis/charts/common/templates/_capabilities.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ Return the appropriate apiVersion for Horizontal Pod Autoscaler.
Return the appropriate apiVersion for Vertical Pod Autoscaler.
*/}}
{{- define "common.capabilities.vpa.apiVersion" -}}
{{- $kubeVersion := include "common.capabilities.kubeVersion" .context -}}
{{- $kubeVersion := include "common.capabilities.kubeVersion" . -}}
{{- if and (not (empty $kubeVersion)) (semverCompare "<1.25-0" $kubeVersion) -}}
{{- print "autoscaling/v1beta2" -}}
{{- else -}}
Expand Down
20 changes: 0 additions & 20 deletions charts/oauth2-proxy/charts/redis/charts/common/templates/_ingress.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,26 +27,6 @@ service:
{{- end }}
{{- end -}}

{{/*
TODO: Remove as soon it is removed from the rest of the charts
Print "true" if the API pathType field is supported
Usage:
{{ include "common.ingress.supportsPathType" . }}
*/}}
{{- define "common.ingress.supportsPathType" -}}
{{- print "true" -}}
{{- end -}}

{{/*
TODO: Remove as soon it is removed from the rest of the charts
Returns true if the ingressClassname field is supported
Usage:
{{ include "common.ingress.supportsIngressClassname" . }}
*/}}
{{- define "common.ingress.supportsIngressClassname" -}}
{{- print "true" -}}
{{- end -}}

{{/*
Return true if cert-manager required annotations for TLS signed
certificates are set in the Ingress annotations
Expand Down
Loading