Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-08 08:47:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/nginx] fix: 🔒 Move service-account token auto-mount to pod declaration (#22441)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-01-19 10:22:20 +01:00
committed by GitHub
parent fff45899e5
commit 2413d64624
4 changed files with 20 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/nginx/Chart.yaml
View File

@@ -34,4 +34,4 @@ maintainers:
name: nginx
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/nginx
version: 15.8.1
version: 15.9.0

29
bitnami/nginx/README.md
View File

@@ -80,20 +80,21 @@ The command removes all the Kubernetes components associated with the chart and
### NGINX parameters
| Name | Description | Value |
| -------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | NGINX image registry | `REGISTRY_NAME` |
| `image.repository` | NGINX image repository | `REPOSITORY_NAME/nginx` |
| `image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | NGINX image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Set to true if you would like to see extra information on logs | `false` |
| `hostAliases` | Deployment pod host aliases | `[]` |
| `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
| `extraEnvVars` | Extra environment variables to be set on NGINX containers | `[]` |
| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` |
| `extraEnvVarsSecret` | Secret with extra environment variables | `""` |
| Name | Description | Value |
| ------------------------------ | ----------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | NGINX image registry | `REGISTRY_NAME` |
| `image.repository` | NGINX image repository | `REPOSITORY_NAME/nginx` |
| `image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | NGINX image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Set to true if you would like to see extra information on logs | `false` |
| `automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `hostAliases` | Deployment pod host aliases | `[]` |
| `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
| `extraEnvVars` | Extra environment variables to be set on NGINX containers | `[]` |
| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` |
| `extraEnvVarsSecret` | Secret with extra environment variables | `""` |
### NGINX deployment parameters

1
bitnami/nginx/templates/deployment.yaml
View File

@@ -41,6 +41,7 @@ spec:
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
shareProcessNamespace: {{ .Values.sidecarSingleProcessNamespace }}
serviceAccountName: {{ template "nginx.serviceAccountName" . }}
automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
{{- if .Values.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
{{- end }}

3
bitnami/nginx/values.yaml
View File

@@ -92,6 +92,9 @@ image:
## Set to true if you would like to see extra information on logs
##
debug: false
## @param automountServiceAccountToken Mount Service Account token in pod
##
automountServiceAccountToken: false
## @param hostAliases Deployment pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
##