aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/mariadb-init
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/mariadb-init')
-rw-r--r--kubernetes/common/mariadb-init/.helmignore11
-rw-r--r--kubernetes/common/mariadb-init/Chart.yaml9
-rw-r--r--kubernetes/common/mariadb-init/templates/_configmap.tpl4
-rw-r--r--kubernetes/common/mariadb-init/templates/_mariadb.tpl4
-rw-r--r--kubernetes/common/mariadb-init/templates/configmap.yaml4
-rw-r--r--kubernetes/common/mariadb-init/templates/job.yaml33
-rw-r--r--kubernetes/common/mariadb-init/templates/secret.yaml4
-rw-r--r--kubernetes/common/mariadb-init/tests/job_test.yaml54
-rw-r--r--kubernetes/common/mariadb-init/values.yaml45
9 files changed, 79 insertions, 89 deletions
diff --git a/kubernetes/common/mariadb-init/.helmignore b/kubernetes/common/mariadb-init/.helmignore
index dadf202953..f4d0b92f20 100644
--- a/kubernetes/common/mariadb-init/.helmignore
+++ b/kubernetes/common/mariadb-init/.helmignore
@@ -21,3 +21,14 @@
*.tmproj
tests
+# Project/CI/CD related items
+.gitlab
+.gitlab-ci.yml
+.dockerignore
+# Helm build files
+.helmignore
+.cache/
+.config/
+.local/
+# OOM specific dirs
+components/
diff --git a/kubernetes/common/mariadb-init/Chart.yaml b/kubernetes/common/mariadb-init/Chart.yaml
index fa89a669d2..d1844916e0 100644
--- a/kubernetes/common/mariadb-init/Chart.yaml
+++ b/kubernetes/common/mariadb-init/Chart.yaml
@@ -1,6 +1,7 @@
# Copyright © 2018 Amdocs, Bell Canada
# Modifications Copyright © 2021 Orange
# Modifications Copyright © 2021 Nordix Foundation
+# Modifications Copyright © 2024 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -13,19 +14,19 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+---
apiVersion: v2
description: Chart for MariaDB Galera init job
name: mariadb-init
-version: 13.0.0
+version: 13.0.2
dependencies:
- name: common
version: ~13.x-0
- repository: 'file://../common'
+ repository: '@local'
- name: repositoryGenerator
version: ~13.x-0
- repository: 'file://../repositoryGenerator'
+ repository: '@local'
- name: serviceAccount
version: ~13.x-0
repository: '@local'
diff --git a/kubernetes/common/mariadb-init/templates/_configmap.tpl b/kubernetes/common/mariadb-init/templates/_configmap.tpl
index ea612a078d..8d111b5170 100644
--- a/kubernetes/common/mariadb-init/templates/_configmap.tpl
+++ b/kubernetes/common/mariadb-init/templates/_configmap.tpl
@@ -1,4 +1,4 @@
-{{/*
+{{- /*
# Copyright © 2019 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -12,7 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
+*/ -}}
{{/*
Choose the name of the configmap to use.
diff --git a/kubernetes/common/mariadb-init/templates/_mariadb.tpl b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
index 5563fe714d..fda93b52ef 100644
--- a/kubernetes/common/mariadb-init/templates/_mariadb.tpl
+++ b/kubernetes/common/mariadb-init/templates/_mariadb.tpl
@@ -1,4 +1,4 @@
-{{/*
+{{- /*
# Copyright © 2019 Orange
# Copyright © 2020 Samsung Electronics
#
@@ -13,7 +13,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
+*/ -}}
{{/*
Choose the name of the mariadb secret to use.
diff --git a/kubernetes/common/mariadb-init/templates/configmap.yaml b/kubernetes/common/mariadb-init/templates/configmap.yaml
index 6708efdb60..6df329e8a5 100644
--- a/kubernetes/common/mariadb-init/templates/configmap.yaml
+++ b/kubernetes/common/mariadb-init/templates/configmap.yaml
@@ -1,4 +1,3 @@
-{{/*
# Copyright © 2019 Orange
# Modifications Copyright © 2018 AT&T
#
@@ -13,8 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-
+---
apiVersion: v1
kind: ConfigMap
metadata:
diff --git a/kubernetes/common/mariadb-init/templates/job.yaml b/kubernetes/common/mariadb-init/templates/job.yaml
index 88ff0e09c2..d620bd2edc 100644
--- a/kubernetes/common/mariadb-init/templates/job.yaml
+++ b/kubernetes/common/mariadb-init/templates/job.yaml
@@ -1,4 +1,3 @@
-{{/*
# Copyright © 2019 Orange
# Copyright © 2020 Samsung Electronics
#
@@ -13,8 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-
+---
{{ include "mariadbInit._updateSecrets" . -}}
apiVersion: batch/v1
@@ -31,29 +29,24 @@ spec:
backoffLimit: 20
template:
metadata:
+ annotations:
+ # Workarround to exclude K8S API from istio communication
+ # as init-container (readinessCheck) does not work with the
+ # Istio CNI plugin, see:
+ # (https://istio.io/latest/docs/setup/additional-setup/cni/#compatibility-with-application-init-containers)
+ traffic.sidecar.istio.io/excludeOutboundPorts: "443"
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
name: {{ include "common.name" . }}
spec:
- initContainers:
- {{- if .Values.global.mariadbGalera.localCluster }}
- {{- if .Values.global.mariadbGalera.useOperator }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local_operator ) | indent 6 | trim }}
- {{ else }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_local ) | indent 6 | trim }}
- {{- end }}
- {{ else }}
- {{- if .Values.global.mariadbGalera.useOperator }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global_operator ) | indent 6 | trim }}
- {{ else }}
- {{ include "common.readinessCheck.waitFor" (dict "dot" . "wait_for" .Values.readinessCheck.wait_for_global ) | indent 6 | trim }}
- {{- end }}
- {{- end }}
+ {{ include "common.podSecurityContext" . | indent 6 | trim }}
+ initContainers: {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.image.mariadb" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{ include "common.containerSecurityContext" . | indent 8 | trim }}
command:
- /bin/sh
- -c
@@ -81,9 +74,6 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" $root "uid" $db "key" "password") | indent 10 }}
{{ end }}
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- name: mariadb-init
mountPath: /db_init/
{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
@@ -102,9 +92,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
{{- if or .Values.dbScriptConfigMap .Values.dbScript }}
- name: mariadb-conf
configMap:
diff --git a/kubernetes/common/mariadb-init/templates/secret.yaml b/kubernetes/common/mariadb-init/templates/secret.yaml
index a9d9e0b704..b2876bcb82 100644
--- a/kubernetes/common/mariadb-init/templates/secret.yaml
+++ b/kubernetes/common/mariadb-init/templates/secret.yaml
@@ -1,4 +1,3 @@
-{{/*
# Copyright © 2017 Amdocs, Bell Canada, Orange
# Copyright © 2020 Samsung Electronics
#
@@ -13,8 +12,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-*/}}
-
+---
{{ include "mariadbInit._updateSecrets" . -}}
{{ include "common.secretFast" . }}
diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml
index 170eaf3c96..33cd1c2dc3 100644
--- a/kubernetes/common/mariadb-init/tests/job_test.yaml
+++ b/kubernetes/common/mariadb-init/tests/job_test.yaml
@@ -36,7 +36,7 @@ tests:
content: mariadb-galera
- equal:
path: spec.template.spec.initContainers[0].image
- value: nexus3.onap.org:10001/onap/oom/readiness:3.0.1
+ value: nexus3.onap.org:10001/onap/oom/readiness:6.0.3
- equal:
path: spec.template.spec.initContainers[0].imagePullPolicy
value: IfNotPresent
@@ -98,11 +98,11 @@ tests:
- it: "should render with default value (volumes)"
asserts:
- contains:
- path: spec.template.spec.volumes
- content:
- name: mariadb-conf
- configMap:
- name: RELEASE-NAME-mariadb-init
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-mariadb-init
- it: "should render with nameOverride set"
set:
@@ -136,11 +136,11 @@ tests:
name: RELEASE-NAME-myJob-secret
key: db-user-password
- contains:
- path: spec.template.spec.volumes
- content:
- name: mariadb-conf
- configMap:
- name: RELEASE-NAME-myJob
+ path: spec.template.spec.volumes
+ content:
+ name: mariadb-conf
+ configMap:
+ name: RELEASE-NAME-myJob
- it: "should render with configmap set"
set:
@@ -158,8 +158,8 @@ tests:
set:
global:
mariadbGalera:
- nameOverride: myMaria
- servicePort: 545
+ nameOverride: myMaria
+ servicePort: 545
asserts:
- contains:
path: spec.template.spec.initContainers[0].args
@@ -187,10 +187,10 @@ tests:
set:
global:
mariadbGalera:
- nameOverride: myMaria
- servicePort: 545
- userRootSecret: galera-secret
- userRootSecretKey: root-password
+ nameOverride: myMaria
+ servicePort: 545
+ userRootSecret: galera-secret
+ userRootSecretKey: root-password
asserts:
- contains:
path: spec.template.spec.initContainers[0].args
@@ -230,11 +230,11 @@ tests:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- - key: kubernetes.io/e2e-az-name
- operator: In
- values:
- - e2e-az1
- - e2e-az2
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
asserts:
- equal:
path: spec.template.spec.affinity
@@ -243,11 +243,11 @@ tests:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- - key: kubernetes.io/e2e-az-name
- operator: In
- values:
- - e2e-az1
- - e2e-az2
+ - key: kubernetes.io/e2e-az-name
+ operator: In
+ values:
+ - e2e-az1
+ - e2e-az2
- it: "should use large flavor"
set:
flavor: large
diff --git a/kubernetes/common/mariadb-init/values.yaml b/kubernetes/common/mariadb-init/values.yaml
index 5c181dded2..591477c5cf 100644
--- a/kubernetes/common/mariadb-init/values.yaml
+++ b/kubernetes/common/mariadb-init/values.yaml
@@ -11,7 +11,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+---
#################################################################
# Global configuration defaults.
#################################################################
@@ -106,21 +106,25 @@ config:
# externalSecret: some-secret-name
config_map: default
+securityContext:
+ user_id: 100
+ group_id: 65533
+
nodeSelector: {}
affinity: {}
-#resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- #
- # Example:
- # Configure resource requests and limits
- # ref: http://kubernetes.io/docs/user-guide/compute-resources/
- # Minimum memory for development is 2 CPU cores and 4GB memory
- # Minimum memory for production is 4 CPU cores and 8GB memory
+# resources: {}
+# We usually recommend not to specify default resources and to leave this as a conscious
+# choice for the user. This also increases chances charts run on environments with little
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+#
+# Example:
+# Configure resource requests and limits
+# ref: http://kubernetes.io/docs/user-guide/compute-resources/
+# Minimum memory for development is 2 CPU cores and 4GB memory
+# Minimum memory for production is 4 CPU cores and 8GB memory
flavor: small
resources:
small:
@@ -139,7 +143,7 @@ resources:
memory: "20Mi"
unlimited: {}
-#Pods Service Account
+# Pods Service Account
serviceAccount:
nameOverride: mariadb-init
roles:
@@ -150,15 +154,6 @@ wait_for_job_container:
- '{{ include "common.name" . }}'
readinessCheck:
- wait_for_global_operator:
- pods:
- - '{{ .Values.global.mariadbGalera.nameOverride }}-0'
- wait_for_local_operator:
- pods:
- - '{{ index .Values "mariadb-galera" "nameOverride" }}-0'
- wait_for_global:
- apps:
- - '{{ include "common.mariadbAppName" . }}'
- wait_for_local:
- apps:
- - '{{ include "common.mariadbAppName" . }}'
+ wait_for:
+ services:
+ - '{{ include "common.mariadbService" . }}'