Updating Kong helm chart

build_system/charts/open-appsec-kong/CHANGELOG.md

@@ -1,8 +1,158 @@
 # Changelog
 
+## Unreleased
+
+## 2.22.0
+
+### Improvements
+
+* Removed redundant RBAC permissions for non-existing subresources `secrets/status`
+  and `endpoints/status`.
+  [#798](https://github.com/Kong/charts/pull/798)
+* For Kong Ingress Controller in version >= 2.10, RBAC permissions for `Endpoints`
+  are not configured anymore (because it uses `EndpointSlices`).
+  [#798](https://github.com/Kong/charts/pull/798)
+* Added support for setting `certificates.cluster.commonName`. This allows a custom
+  certificate `CommonName` to be provided when deploying Kong Gateway in hybrid
+  mode using Cert Manager [#804](https://github.com/Kong/charts/pull/804)
+
+## 2.21.0
+
+### Improvements
+
+* Added support for `startupProbe` on Kong pods. This can be configured via
+  `.Values.startupProbe`. To maintain backward compatibility, it is disabled by default.
+  [#792](https://github.com/Kong/charts/pull/792)
+* Customize Admission Webhook namespaceSelectors and compose them from values.
+  [#794](https://github.com/Kong/charts/pull/794)
+* Added `CustomResourceDefinition` `list` and `watch` permissions to controller's ClusterRole.
+  [#796](https://github.com/Kong/charts/pull/796)
+
+## 2.20.2
+
+### Fixed 
+
+* Automatic license provisioning for Gateways managed by Ingress Controllers in Konnect mode
+  is disabled by default.
+  To enable it, set `.Values.ingressController.konnect.license.enabled=true`.
+  [#793](https://github.com/Kong/charts/pull/793)
+
+## 2.20.1
+
+### Fixed
+
+* Fix correct timestamp format and remove `isCA` in certificates
+  [#791](https://github.com/Kong/charts/pull/791)
+
+## 2.20.0
+
+### Improvements
+
+* Added support for automatic license provisioning for Gateways managed by
+  Ingress Controllers in Konnect mode (`.Values.ingressController.konnect.enabled=true`).
+  [#787](https://github.com/Kong/charts/pull/787)
+
+## 2.19.1
+
+### Fixed
+
+* Fix `webhook-cert` being mounted regardless if `.Values.ingressController.enabled`
+  is set.
+  [#779](https://github.com/Kong/charts/pull/779)
+
+## 2.19.0
+
+### Improvements
+
+* Security context enforces read-only root filesystem by default. This is not
+  expected to affect most configurations, but [will affect custom plugins that
+  write to the container filesystem](https://github.com/Kong/charts/blob/main/charts/kong/UPGRADE.md#2170).
+  [#770](https://github.com/Kong/charts/pull/770)
+
+## 2.18.0
+
+### Improvements
+
+* Added support for the Admin API service TLS client verification.
+  [#780](https://github.com/Kong/charts/pull/780
+
+## 2.17.1
+
+### Fixed
+
+* The `-redhat` suffix on official KIC images is no longer considered part of
+  the semver string for version checks.
+  [#779](https://github.com/Kong/charts/pull/779)
+
+## 2.17.0
+
+### Improvements
+
+* Added support for controller's gateway discovery.
+  With `ingressController.gatewayDiscovery.enabled` set to `true` Kong Ingress Controller
+  will enable gateway discovery using an Admin API service.
+  For more information on this please see [the corresponding README.md section][kic_gateway_discovery_readme].
+  This feature is only available when deploying chart with Kong Ingress Controller in version 2.9 or higher.
+  [#747](https://github.com/Kong/charts/pull/747)
+* Added experimental support for the ingress controller's Konnect sync feature via `ingressController.konnect.*` values.
+  This feature is only available when deploying chart with Kong Ingress Controller in version 2.9 or higher and
+  requires `ingressController.gatewayDiscovery.enabled` set to `true`.
+  [#746](https://github.com/Kong/charts/pull/746)
+* Added support for annotations on the admission webhook ValidatingWebhookConfiguration.
+  [#760](https://github.com/Kong/charts/pull/760)
+* Added support for `subject` and `privateKey` properties on certificates.
+  [#762](https://github.com/Kong/charts/pull/762)
+* Added support for loadBalancerClass in LoadBalancer type services.
+  [#767](https://github.com/Kong/charts/pull/767)
+* Added support for `GRPCRoute`s.
+  [#772](https://github.com/Kong/charts/pull/772)
+* Default Kong version is bumped to 3.2.
+  [#773](https://github.com/Kong/charts/pull/773)
+* Added support for admissionhook to include labels.
+  [#768](https://github.com/Kong/charts/pull/768)
+
+### Under the hood
+
+* Add kube-linter to the CI pipeline to ensure produced manifests comply
+  with community best practices.
+  [#751](https://github.com/Kong/charts/pull/751)
+
+[kic_gateway_discovery_readme]: ./README.md#the-gatewaydiscovery-section
+
+## 2.16.5
+
+### Fixed
+
+* Fix autoscaling version detection.
+  [#752](https://github.com/Kong/charts/pull/752)
+* Don't include a clear-stale-pid initContainer when kong gateway is not
+  enabled in the deployment.
+  [#749](https://github.com/Kong/charts/pull/749)
+
+## 2.16.4
+
+### Fixed
+
+* HorizontalPodAutoscaler's API version is detected properly.
+  [#744](https://github.com/Kong/charts/pull/744)
+
+## 2.16.3
+
+### Fixed
+
+* Fix template issue preventing custom dblessconfig volume from being mounted.
+  [#741](https://github.com/Kong/charts/pull/741)
+
+## 2.16.2
+
+### Fixed
+
+* The admission webhook is disabled when the ingress controller is disabled, as
+  the admission webhook requires a service provided by the ingress controller.
+
 ## 2.16.1
 
-### Fixed 
+### Fixed
 
 * serviceAccount projected volume is properly provisioned for GKE clusters >= 1.20.
   [#735](https://github.com/Kong/charts/pull/735)