* fix(helm): add TLS params back
During a recent refactor, several TLS flags stopped being processed for
a few of the commands. This fixes those commands, and documents how to
set up TLS.
* fix(tiller): add stricter certificate verification
The older version of Tiller allowed a weaker set of certificate checks
than we intended. This version requires a client certificate, and then
requires that that certificate be signed by a known CA. This works
around the situation where a user could provide a self-signed
certificate.
(cherry picked from commit e8e6ac5d77)
This adds a new configuration option to Tiller to limit the number of
records stored per release.
Tiller stores historical release information (helm history, helm
rollback). This makes it possible to set a maximum number of versions
per release.
To enable this feature, use `helm init --history-max NNN`. Note that
because of the restrictions on Deployment objects, you will have to
re-install Tiller to add a limit.
Along the way, I found an unreported bug in the Memory storage driver.
This fixes that bug and adds substantially more tests to catch
regressions.
Closes#2332
This change introduces the concept of Rudders - pluggable modules that
Tiller communicates with via grpc, which allow to decouple orchestration
logic from Tiller into separate service.
This commit consists of simple Rudder implementation which does exactly
the same thing as built in Tiller orchestrator - it creates all k8s
objects from provided manifest without orchestrating them.
--experimental-release flag is introduced to enable this behaviour.
This change allows to use the service and tiller outside of the cluster.
Following commits will add Rudder to helm deployment.