From 23428032527583798d5e42aa96555728cc71a06d Mon Sep 17 00:00:00 2001 From: Andreas Seelinger Date: Thu, 7 Nov 2024 10:20:07 +0100 Subject: [AAI] Fix Kyverno Policy violations - Refactored code for readiness check and use library readinessCheck - Fixed securityContext settings - Limit emptyVolume size and make it configurable - Important: Need to use aai-haproxy docker image version >= 1.15.2 - Refactore meta labels and use common.labels instead Issue-ID: AAI-4044 Change-Id: I346316e64cb67222836951cf12b3772bbf509c6a Signed-off-by: Andreas Seelinger --- kubernetes/aai/templates/service.yaml | 30 ++++++------------------------ 1 file changed, 6 insertions(+), 24 deletions(-) (limited to 'kubernetes/aai/templates/service.yaml') diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml index b5a8cc1a0d..1509311a2b 100644 --- a/kubernetes/aai/templates/service.yaml +++ b/kubernetes/aai/templates/service.yaml @@ -19,12 +19,7 @@ kind: Service metadata: name: {{ include "common.servicename" . }} namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - app.kubernetes.io/name: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} spec: ports: - name: {{ .Values.service.portName }} @@ -36,8 +31,7 @@ spec: {{ end }} {{- end }} type: {{ if (include "common.ingressEnabled" .) }}ClusterIP{{ else }}{{ .Values.service.type }}{{ end }} - selector: - app: {{ include "common.name" . }} + selector: {{- include "common.matchLabels" . | nindent 4 }} sessionAffinity: {{ .Values.service.sessionAffinity }} --- apiVersion: v1 @@ -45,38 +39,26 @@ kind: Service metadata: name: {{ include "common.servicename" . }}-internal namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - app.kubernetes.io/name: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} spec: ports: - name: {{ .Values.service.portName }} port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} type: ClusterIP - selector: - app: {{ include "common.name" . }} + selector: {{- include "common.matchLabels" . | nindent 4 }} --- apiVersion: v1 kind: Service metadata: name: {{ include "common.servicename" . }}-metrics namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }}-metrics - app.kubernetes.io/name: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} + labels: {{- include "common.labels" . | nindent 4 }} spec: ports: - port: {{ .Values.metricsService.externalPort }} targetPort: {{ .Values.metricsService.internalPort }} name: {{ .Values.metricsService.portName }} type: {{ .Values.metricsService.type }} - selector: - app: {{ include "common.name" . }} + selector: {{- include "common.matchLabels" . | nindent 4 }} clusterIP: None -- cgit 1.2.3-korg