feat(helm): update rook-ceph group ( v1.14.10 → v1.15.0 ) (minor)

This PR contains the following updates:

Package	Update	Change
rook-ceph	minor	`v1.14.10` -> `v1.15.0`
rook-ceph-cluster	minor	`v1.14.10` -> `v1.15.0`

Release Notes

rook/rook (rook-ceph)

### [`v1.15.0`](https://togithub.com/rook/rook/releases/tag/v1.15.0) [Compare Source](https://togithub.com/rook/rook/compare/v1.14.10...v1.15.0) ##### Upgrade Guide To upgrade from previous versions of Rook, see the [Rook upgrade guide](https://rook.github.io/docs/rook/v1.15/Upgrade/rook-upgrade/). ##### Breaking Changes - Minimum version of Kubernetes supported is increased to K8s v1.26. - During CephBlockPool updates, Rook will now return an error if an invalid device class is specified. Pools with invalid device classes may start failing until the correct device class is specified. For more details, see [#14057](https://togithub.com/rook/rook/pull/14057). - Rook has deprecated CSI network "holder" pods. If there are pods named `csi-*plugin-holder-*` in the Rook operator namespace, see the [detailed documentation](https://rook.io/docs/rook/v1.15/CRDs/Cluster/network-providers/#holder-pod-deprecation) to disable them. This deprecation process will be required before upgrading to the future Rook v1.16. - Ceph COSI driver images have been updated. This impacts existing COSI Buckets, BucketClaims, and BucketAccesses. Update existing clusters following the guide [here](https://togithub.com/rook/rook/discussions/14297). - CephObjectStore, CephObjectStoreUser, and OBC endpoint behavior has changed when CephObjectStore `spec.hosting` configurations are set. Use the new `spec.hosting.advertiseEndpoint` config to define required behavior as [documented](../Storage-Configuration/Object-Storage-RGW/object-storage.md#object-store-endpoint). ##### Features - Added support for Ceph Squid (v19), in addition to Reef (v18) and Quincy (v17). Quincy support will be removed in Rook v1.16. - Ceph-CSI driver v3.12, including new options for RBD, log rotation, and updated sidecar images. - Allow updating the device class of OSDs, if `allowDeviceClassUpdate: true` is set in the CephCluster CR. - Allow updating the weight of an OSD, if `allowOsdCrushWeightUpdate: true` is set in the CephCluster CR. - Use fully-qualified image names (`docker.io/rook/ceph`) in operator manifests and helm charts. ##### Experimental Features - CephObjectStore support for keystone authentication for S3 and Swift. See the [Object store documentation](https://rook.io/docs/rook/v1.15/Storage-Configuration/Object-Storage-RGW/ceph-object-swift/) to configure. - CSI operator: CSI settings are moving to CRs managed by a new operator. Once enabled, Rook will convert the settings previously defined in the operator configmap or env vars into the new CRs managed by the CSI operator. There are two steps to enable: - Create [csi-operator.yaml](https://togithub.com/rook/rook/blob/release-1.15/deploy/examples/csi-operator.yaml) - Set [ROOK_USE_CSI_OPERATOR: true](https://togithub.com/rook/rook/blob/release-1.15/deploy/examples/operator.yaml#L32) in `operator.yaml`.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

--- kubernetes/main/apps/rook-ceph/rook-ceph/app Kustomization: flux-system/rook-ceph HelmRelease: rook-ceph/rook-ceph-operator

+++ kubernetes/main/apps/rook-ceph/rook-ceph/app Kustomization: flux-system/rook-ceph HelmRelease: rook-ceph/rook-ceph-operator

@@ -13,13 +13,13 @@

     spec:
       chart: rook-ceph
       sourceRef:
         kind: HelmRepository
         name: rook-ceph
         namespace: flux-system
-      version: v1.14.10
+      version: v1.15.0
   dependsOn:
   - name: snapshot-controller
     namespace: volsync-system
   install:
     remediation:
       retries: 3
--- kubernetes/main/apps/rook-ceph/rook-ceph/cluster Kustomization: flux-system/rook-ceph-cluster HelmRelease: rook-ceph/rook-ceph-cluster

+++ kubernetes/main/apps/rook-ceph/rook-ceph/cluster Kustomization: flux-system/rook-ceph-cluster HelmRelease: rook-ceph/rook-ceph-cluster

@@ -13,13 +13,13 @@

     spec:
       chart: rook-ceph-cluster
       sourceRef:
         kind: HelmRepository
         name: rook-ceph
         namespace: flux-system
-      version: v1.14.10
+      version: v1.15.0
   dependsOn:
   - name: rook-ceph-operator
     namespace: rook-ceph
   - name: snapshot-controller
     namespace: volsync-system
   install:

--- HelmRelease: rook-ceph/rook-ceph-operator ConfigMap: rook-ceph/rook-ceph-operator-config

+++ HelmRelease: rook-ceph/rook-ceph-operator ConfigMap: rook-ceph/rook-ceph-operator-config

@@ -26,21 +26,21 @@

   CSI_PLUGIN_PRIORITY_CLASSNAME: system-node-critical
   CSI_PROVISIONER_PRIORITY_CLASSNAME: system-cluster-critical
   CSI_RBD_FSGROUPPOLICY: File
   CSI_CEPHFS_FSGROUPPOLICY: File
   CSI_NFS_FSGROUPPOLICY: File
   CSI_CEPHFS_KERNEL_MOUNT_OPTIONS: ms_mode=prefer-crc
-  ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.11.0
-  ROOK_CSI_REGISTRAR_IMAGE: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1
-  ROOK_CSI_PROVISIONER_IMAGE: registry.k8s.io/sig-storage/csi-provisioner:v4.0.1
-  ROOK_CSI_SNAPSHOTTER_IMAGE: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.2
-  ROOK_CSI_ATTACHER_IMAGE: registry.k8s.io/sig-storage/csi-attacher:v4.5.1
-  ROOK_CSI_RESIZER_IMAGE: registry.k8s.io/sig-storage/csi-resizer:v1.10.1
+  ROOK_CSI_CEPH_IMAGE: quay.io/cephcsi/cephcsi:v3.12.0
+  ROOK_CSI_REGISTRAR_IMAGE: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.11.1
+  ROOK_CSI_PROVISIONER_IMAGE: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1
+  ROOK_CSI_SNAPSHOTTER_IMAGE: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1
+  ROOK_CSI_ATTACHER_IMAGE: registry.k8s.io/sig-storage/csi-attacher:v4.6.1
+  ROOK_CSI_RESIZER_IMAGE: registry.k8s.io/sig-storage/csi-resizer:v1.11.1
   ROOK_CSI_IMAGE_PULL_POLICY: IfNotPresent
   CSI_ENABLE_CSIADDONS: 'false'
-  ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.8.0
+  ROOK_CSIADDONS_IMAGE: quay.io/csiaddons/k8s-sidecar:v0.9.0
   CSI_ENABLE_TOPOLOGY: 'false'
   ROOK_CSI_ENABLE_NFS: 'false'
   CSI_ENABLE_LIVENESS: 'true'
   CSI_FORCE_CEPHFS_KERNEL_CLIENT: 'true'
   CSI_GRPC_TIMEOUT_SECONDS: '150'
   CSI_PROVISIONER_REPLICAS: '2'
--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-system

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rook-ceph-system

@@ -39,7 +39,51 @@

 - apiGroups:
   - apiextensions.k8s.io
   resources:
   - customresourcedefinitions
   verbs:
   - get
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - cephconnections
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - clientprofiles
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - operatorconfigs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch
+- apiGroups:
+  - csi.ceph.io
+  resources:
+  - drivers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - update
+  - watch

--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-csi-nodeplugin

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-csi-nodeplugin

@@ -7,7 +7,31 @@

 - apiGroups:
   - ''
   resources:
   - nodes
   verbs:
   - get
+- apiGroups:
+  - ''
+  resources:
+  - secrets
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create

--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-external-provisioner-runner

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/cephfs-external-provisioner-runner

@@ -11,13 +11,27 @@

   verbs:
   - get
   - list
 - apiGroups:
   - ''
   resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
   - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - storage.k8s.io
+  resources:
+  - csinodes
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - ''
@@ -139,7 +153,19 @@

   - groupsnapshot.storage.k8s.io
   resources:
   - volumegroupsnapshotcontents/status
   verbs:
   - update
   - patch
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts
+  verbs:
+  - get
+- apiGroups:
+  - ''
+  resources:
+  - serviceaccounts/token
+  verbs:
+  - create

--- HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-external-provisioner-runner

+++ HelmRelease: rook-ceph/rook-ceph-operator ClusterRole: rook-ceph/rbd-external-provisioner-runner

@@ -173,15 +173,7 @@

   resources:
   - nodes
   verbs:
   - get
   - list
   - watch
-- apiGroups:
-  - storage.k8s.io
-  resources:
-  - csinodes
-  verbs:
-  - get
-  - list
-  - watch

--- HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/rook-ceph-operator

+++ HelmRelease: rook-ceph/rook-ceph-operator Deployment: rook-ceph/rook-ceph-operator

@@ -26,13 +26,13 @@

       - effect: NoExecute
         key: node.kubernetes.io/unreachable
         operator: Exists
         tolerationSeconds: 5
       containers:
       - name: rook-ceph-operator
-        image: rook/ceph:v1.14.10
+        image: docker.io/rook/ceph:v1.15.0
         imagePullPolicy: IfNotPresent
         args:
         - ceph
         - operator
         securityContext:
           capabilities:

onedr0p / home-ops

feat(helm): update rook-ceph group ( v1.14.10 → v1.15.0 ) (minor) #8019

Release Notes

Configuration