aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/readinessCheck
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/readinessCheck')
-rw-r--r--kubernetes/common/readinessCheck/.helmignore32
-rw-r--r--kubernetes/common/readinessCheck/Chart.yaml4
-rw-r--r--kubernetes/common/readinessCheck/templates/_readinessCheck.tpl7
3 files changed, 41 insertions, 2 deletions
diff --git a/kubernetes/common/readinessCheck/.helmignore b/kubernetes/common/readinessCheck/.helmignore
new file mode 100644
index 0000000000..0bab41b6b1
--- /dev/null
+++ b/kubernetes/common/readinessCheck/.helmignore
@@ -0,0 +1,32 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+# Project/CI/CD related items
+.gitlab
+.gitlab-ci.yml
+.dockerignore
+# Helm build files
+.helmignore
+.cache/
+.config/
+.local/
+# OOM specific dirs
+components/
diff --git a/kubernetes/common/readinessCheck/Chart.yaml b/kubernetes/common/readinessCheck/Chart.yaml
index bb2986a9fb..bd8adbfcea 100644
--- a/kubernetes/common/readinessCheck/Chart.yaml
+++ b/kubernetes/common/readinessCheck/Chart.yaml
@@ -17,7 +17,7 @@
apiVersion: v2
description: Template used to wait for other deployment/sts/jobs in onap
name: readinessCheck
-version: 13.1.0
+version: 13.1.1
dependencies:
- name: common
@@ -25,4 +25,4 @@ dependencies:
repository: 'file://../common'
- name: repositoryGenerator
version: ~13.x-0
- repository: 'file://../repositoryGenerator' \ No newline at end of file
+ repository: 'file://../repositoryGenerator'
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 51791fec13..42f526148a 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -95,6 +95,13 @@
securityContext:
runAsUser: {{ $subchartDot.Values.user }}
runAsGroup: {{ $subchartDot.Values.group }}
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
command:
- /app/ready.py
args: