| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- make pod/containerSecurityContext settings more configurable
in _pod.tpl
- fix MariaDB statefulset
- Fix temporal statefulset to comply with security rules
- Set timescaleDB via RepositoryGenerator
Issue-ID: OOM-3310
Change-Id: I870f1e835020c2b30225741e700d1a6abfba8ad3
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
- solve actual findings during tests with kyverno policies
- synchronize headers
Issue-ID: OOM-3288
Issue-ID: OOM-3296
Change-Id: Ia7e7daa8864069493e09dd6511825aa939c5eeaf
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Some settings are still wrongly interpreted (e.g. 0.02Gi)
Therefor they are changed to non-floating numbers (e.g. 20Mi)
Issue-ID: OOM-3273
Change-Id: Icc88dead1ac5b1df8629d6adcc438a739e20522e
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update all resource settings to the kubernetes recommended
normalized form. Fix ReadinessCheck resource limits.
Issue-ID: OOM-3273
Change-Id: Ie10903b801e4dc1689bcec092162d711a431a7a6
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
|
|
Update chart versions to 13.0.0 for Montreal
Issue-ID: OOM-3173
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ie53fd021f01e459c464e44f4459a73ba0b00c172
|
|
Fix of resources template indent and therefore resources in components
Issue-ID: OOM-3104
Signed-off-by: miroslavmasaryk <miroslav.masaryk@telekom.com>
Change-Id: I825a3860db00cae4bb80b2aa2d82ac1a42b33124
|
|
Update chart versions 12.0.0 for London
Issue-ID: OOM-3046
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Ic196235ff4f6ae14a7ecad799bd75a9666b2594a
|
|
Use version 11.0.0 for Kohn
Issue-ID: OOM-2971
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: Icc0e0839fc6def2035383b5fa4c9153fc15fafda
|
|
Remove helm chart label from timescaledb statefulset fields for which
updates are forbidden
Issue-ID: CPS-857
Change-Id: I024ef0cd8c23c477e1d43a1a4ee9c5d6d1743f3b
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
|
|
Timescaledb is upgraded to 2.5.1-pg14 to have postgres 14.1
Issue-ID: CPS-842
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: I454543989041d2f595de05ed2b6efab62b8b2c58
|
|
Move all Chart.yaml to use apiVersion: 2
Move dependencies from requirements.yaml to Chart.yaml
Changes to all makeFiles
Changes to helm deploy plugin
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I03c5290eee9e40f76eacbf171e774204cf5fb1c0
Issue-ID: OOM-2845
|
|
Use version 9.0.0 for Istanbul
Also update the doc.
Issue-ID: OOM-1
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I03e11799bf487226784c98b04116f005c89d1e70
|
|
- Added init-container to change mounted volume permission
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I3161400cbcf2de88580ea768c97212a2983f5fff
|
|
- Added resources limit similar to postgres in the timescaledb
- Using common.podSecurityContext
- removed init-container and it is handled by kubernetes
if fsGroup is provided
Issue-ID: CPS-667
Signed-off-by: Renu Kumari <renu.kumari@bell.ca>
Change-Id: I944cc93526d0d89f32840450121c1ff608fdd4c5
|
|
Timescale container is ran with postgres user and group which are
defined with uid 70 and gid 70.
Data volume owner is changed for postgres.
See also:
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
Issue-ID: CPS-667
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: Ia87922ba68bb47a7a07aaf61f368143d970278b6
|
|
- add checkbahims to tox.ini default profiles
- remove -f options to unforce bashisms detection in explicit bash
scripts and to differentiate treatments between bash and sh
- migrate #!/bin/bash shebangs to #!/bin/sh for scripts without bashisms
The following scripts have not been migrated since they still use
bashisms difficult to migrate (mostly arrays - more details below)
./kubernetes/common/mariadb-init/resources/config/db_init.sh
./kubernetes/portal/components/portal-mariadb/resources/config/ \
mariadb/docker-entrypoint.sh
./kubernetes/helm/plugins/deploy/deploy.sh
./kubernetes/helm/plugins/undeploy/undeploy.sh
./kubernetes/sdnc/components/sdnc-prom/resources/bin/ensureSdncActive.sh
$ find . -not -path '*/\.*' -name *.sh -exec checkbashisms -f {} + 2>&1\
| grep line | cut -d' ' -f 7- | sort | uniq -c | sort -k1,1nr
18 (bash arrays, ${name[0|*|@]}):
2 (declare):
1 ($FUNCNAME):
1 (shopt):
1 (trap with ERR|DEBUG|RETURN):
https://mywiki.wooledge.org/Bashism#Arrays
https://mywiki.wooledge.org/Bashism#Special_Variables
https://mywiki.wooledge.org/Bashism#Builtins
https://www.oilshell.org/release/0.5.alpha2/test/spec.wwz/builtin-trap.html
Issue-ID: OOM-2643
Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com>
Change-Id: Id06ad1d45004321a293bdd26038d8da5f7b6b4ac
|
|
cps-temporal component added for cps-temporal-db and cps-temporal(application)
Issue-ID: CPS-482
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I91998e0d2e9f953f8579ee40d1670199155d3396
|
Andreas Geissler
miroslavmasaryk
Bruno Sakoto
efiacor
Sylvain Desbureaux
Renu Kumari
Guillaume Lambert
puthuparambil.aditya