search

hashicorp / vault-helm

Helm chart to install Vault and other associated components.
Mozilla Public License 2.0
1.05k stars 868 forks source link

Please release a new version of helm chart with the current vault versions #991

Open fcuello-fudo opened 5 months ago

fcuello-fudo commented 5 months ago

Current release is v1.15.4 and it contains security updates

hsimon-hashicorp commented 5 months ago

Thanks for opening this! The next vault-helm release will definitely have the latest version as the default image. In the meantime, since the chart isn't tightly coupled to vault features, you're free to set the image version yourself in the values overrides. And it's recommended to set the version explicitly, instead of relying on the chart's default, for anything other than dev mode (just so there are no unexpected upgrades).

fcuello-fudo commented 5 months ago

The next vault-helm release will definitely have the latest version as the default image.

Thank you.

set the image version yourself in the values overrides

Yes, we are doing this already when the new chart it's not released yet.

And it's recommended to set the version explicitly,

We are pinning the chart version which in turns pins the image tag, effectively also pinning the vault version as well.

It's not a big deal but it is somehow inconvenient as there are at least 3 places that need to be changed in order to have the same vault image tag.

An alternative could be to use appVersion in the templates instead, or provide a way to set the default vault version for the whole chart.

makarov-roman commented 4 months ago

I would also appreciate to receive vault updates via the helm chart releases, since it's a guarantee that the helmchart is compatible with vault version used.

TJM commented 3 months ago

I would also prefer to receive helm chart releases matching the vault releases, as that would give "renovate" a chance to catch that there is a new version of the helm chart available. Maybe setup something like "dependabot" to auto-update this chart when it sees a new release of vault? We would also like to not have to track which versions of helm chart are compatible with which versions of vault and vault-k8s, unless we are in a very unique configuration, we prefer to use the version of the application indicated by the helm chart.

Thanks, Tommy