diff options
| author |   Andreas Geissler <andreas-geissler@telekom.de> | 2024-05-08 15:18:55 +0200 |
|---|---|---|
| committer | Andreas Geissler <andreas-geissler@telekom.de> | 2024-07-05 09:25:23 +0200 |
| commit | dc8c05476d316a16627d5b0934b69c3a9ecc38b7 (patch) | |
| tree | 89c3b4a84a44c6e5db7086dfdc83630c17e6455b /kubernetes/common/timescaledb | |
| parent | 0f3311521a169a4774064f9c948460c955620f62 (diff) | |
[COMMON] Fix Kyverno Policies
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/common/timescaledb')
| -rw-r--r-- | kubernetes/common/timescaledb/.helmignore | 12 | ||||
| -rw-r--r-- | kubernetes/common/timescaledb/Chart.yaml | 2 | ||||
| -rw-r--r-- | kubernetes/common/timescaledb/templates/statefulset.yaml | 16 |
3 files changed, 12 insertions, 18 deletions
diff --git a/kubernetes/common/timescaledb/.helmignore b/kubernetes/common/timescaledb/.helmignore index 50af031725..0bab41b6b1 100644 --- a/kubernetes/common/timescaledb/.helmignore +++ b/kubernetes/common/timescaledb/.helmignore @@ -19,4 +19,14 @@ .project .idea/ *.tmproj -.vscode/ +# Project/CI/CD related items +.gitlab +.gitlab-ci.yml +.dockerignore +# Helm build files +.helmignore +.cache/ +.config/ +.local/ +# OOM specific dirs +components/ diff --git a/kubernetes/common/timescaledb/Chart.yaml b/kubernetes/common/timescaledb/Chart.yaml index d8b9869817..dd92121eb8 100644 --- a/kubernetes/common/timescaledb/Chart.yaml +++ b/kubernetes/common/timescaledb/Chart.yaml @@ -33,4 +33,4 @@ dependencies: repository: '@local' - name: repositoryGenerator version: ~13.x-0 - repository: 'file://../repositoryGenerator'
\ No newline at end of file + repository: 'file://../repositoryGenerator' diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml index 653326be5f..bee389f191 100644 --- a/kubernetes/common/timescaledb/templates/statefulset.yaml +++ b/kubernetes/common/timescaledb/templates/statefulset.yaml @@ -30,22 +30,6 @@ spec: spec: serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }} {{ include "common.podSecurityContext" . | indent 10 | trim}} - initContainers: - # we shouldn't need this but for unknown reason, it's fsGroup is not - # applied - - name: fix-permission - command: - - /bin/sh - args: - - -c - - chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /var/lib/postgresql/data - image: {{ include "repositoryGenerator.image.busybox" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - securityContext: - runAsUser: 0 - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: {{ include "common.fullname" . }} containers: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }} |