aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-traversal
diff options
context:
space:
mode:
authorFiete Ostkamp <Fiete.Ostkamp@telekom.de>2024-03-06 09:45:59 +0100
committerAndreas Geissler <andreas-geissler@telekom.de>2024-03-24 11:21:07 +0000
commit013545ab19ff83dacacceaca251764c39b1cd1c8 (patch)
tree29bd48ba0d04ff290592ddd5eba4db0ac39810e9 /kubernetes/aai/components/aai-traversal
parent5fa1a05b3142c1f70757d5ce5b4519e574f6f5b2 (diff)
[AAI] Kyverno - disallow-host-path policy
- remove hostPath mounting of /etc/localtime Issue-ID: AAI-3803 Change-Id: Ia5d1bfef1581a5e3f1b2ed3869ad1f840337f969 Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
Diffstat (limited to 'kubernetes/aai/components/aai-traversal')
-rw-r--r--kubernetes/aai/components/aai-traversal/templates/deployment.yaml6
-rw-r--r--kubernetes/aai/components/aai-traversal/templates/job.yaml6
2 files changed, 0 insertions, 12 deletions
diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
index d6e49acc4b..2057ef44f3 100644
--- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
@@ -188,9 +188,6 @@ spec:
- name: INTERNAL_PORT_3
value: {{ .Values.service.internalPort3 | quote }}
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
name: {{ include "common.fullname" . }}-config
subPath: janusgraph-realtime.properties
@@ -292,9 +289,6 @@ spec:
{{ include "common.log.sidecar" . | nindent 6 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- name: logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs-misc
diff --git a/kubernetes/aai/components/aai-traversal/templates/job.yaml b/kubernetes/aai/components/aai-traversal/templates/job.yaml
index ae8bd85a37..605042b364 100644
--- a/kubernetes/aai/components/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/job.yaml
@@ -86,9 +86,6 @@ spec:
value: {{ .Values.global.config.groupId | quote }}
resources: {{ include "common.resources" . | nindent 10 }}
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- mountPath: /opt/app/aai-traversal/resources/etc/appprops/janusgraph-realtime.properties
name: {{ include "common.fullname" . }}-config
subPath: janusgraph-realtime.properties
@@ -115,9 +112,6 @@ spec:
# so K8s doesn't restart unresponsive container
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
- name: {{ include "common.fullname" . }}-logs-misc