Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-02 16:17:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/jasperreports] feat: Add support for PSA restricted policy (#20454)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2023-10-31 14:07:15 +01:00
committed by GitHub
parent b98e0dca01
commit 26ed2c0161
4 changed files with 84 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bitnami/jasperreports/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies:
- name: mariadb
repository: oci://registry-1.docker.io/bitnamicharts
version: 14.0.1
version: 14.1.0
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.13.2
digest: sha256:7617e01cd06d41043c65d55055935e5b34bfb7a55014a5c7d8da13a52b7f070c
generated: "2023-10-10T16:45:08.692744267+02:00"
version: 2.13.3
digest: sha256:ed18965f3ec543d94074f9ce7d71e9dd607ae50eac145184698b6cc1e1b175ef
generated: "2023-10-26T15:09:50.347219025+02:00"

2
bitnami/jasperreports/Chart.yaml
View File

@@ -35,4 +35,4 @@ maintainers:
name: jasperreports
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/jasperreports
version: 17.1.0
version: 17.2.0

125
bitnami/jasperreports/README.md
View File

@@ -109,66 +109,71 @@ The command removes all the Kubernetes components associated with the chart and
### Jasperreports deployment parameters
| Name | Description | Value |
| --------------------------------------- | ----------------------------------------------------------------------------------------- | -------------------------- |
| `hostAliases` | Add deployment host aliases | `[]` |
| `containerPorts.http` | HTTP port to expose at container level | `8080` |
| `dnsConfig` | Pod DNS configuration. | `{}` |
| `podSecurityContext.enabled` | Enable pod's Security Context | `true` |
| `podSecurityContext.fsGroup` | Set pod's Security Context fsGroup | `1001` |
| `containerSecurityContext.enabled` | Enable container's Security Context | `true` |
| `containerSecurityContext.runAsUser` | Set container's Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `resources.limits` | The resources limits for the Jasperreports container | `{}` |
| `resources.requests` | The requested resources for the Jasperreports container | `{}` |
| `startupProbe.enabled` | Enable startupProbe | `false` |
| `startupProbe.path` | Request path for startupProbe | `/jasperserver/login.html` |
| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `450` |
| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `livenessProbe.enabled` | Enable livenessProbe | `true` |
| `livenessProbe.path` | Request path for livenessProbe | `/jasperserver/login.html` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `450` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe | `true` |
| `readinessProbe.path` | Request path for readinessProbe | `/jasperserver/login.html` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `customStartupProbe` | Override default startup probe | `{}` |
| `customLivenessProbe` | Override default liveness probe | `{}` |
| `customReadinessProbe` | Override default readiness probe | `{}` |
| `podLabels` | Extra labels for Jasperreports pods | `{}` |
| `podAnnotations` | Annotations for Jasperreports pods | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` |
| `affinity` | Affinity for pod assignment | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `tolerations` | Tolerations for pod assignment | `[]` |
| `priorityClassName` | JasperReports pods' priorityClassName | `""` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `""` |
| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
| `lifecycleHooks` | LifecycleHooks to set additional configuration at startup. | `{}` |
| `extraVolumes` | Optionally specify extra list of additional volumes for Jasperreports pods | `[]` |
| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Jasperreports container(s) | `[]` |
| `initContainers` | Add additional init containers to the Jasperreports pods | `[]` |
| `sidecars` | Add additional sidecar containers to the Jasperreports pods | `[]` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.storageClass` | PVC Storage Class for Jasperreports volume | `""` |
| `persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` |
| `persistence.size` | PVC Storage Request for Jasperreports volume | `8Gi` |
| `persistence.existingClaim` | An Existing PVC name for Jasperreports volume | `""` |
| `persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| Name | Description | Value |
| --------------------------------------------------- | ----------------------------------------------------------------------------------------- | -------------------------- |
| `hostAliases` | Add deployment host aliases | `[]` |
| `containerPorts.http` | HTTP port to expose at container level | `8080` |
| `dnsConfig` | Pod DNS configuration. | `{}` |
| `podSecurityContext.enabled` | Enable pod's Security Context | `true` |
| `podSecurityContext.fsGroup` | Set pod's Security Context fsGroup | `1001` |
| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` |
| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` |
| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `resources.limits` | The resources limits for the Jasperreports container | `{}` |
| `resources.requests` | The requested resources for the Jasperreports container | `{}` |
| `startupProbe.enabled` | Enable startupProbe | `false` |
| `startupProbe.path` | Request path for startupProbe | `/jasperserver/login.html` |
| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `450` |
| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `livenessProbe.enabled` | Enable livenessProbe | `true` |
| `livenessProbe.path` | Request path for livenessProbe | `/jasperserver/login.html` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `450` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe | `true` |
| `readinessProbe.path` | Request path for readinessProbe | `/jasperserver/login.html` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `customStartupProbe` | Override default startup probe | `{}` |
| `customLivenessProbe` | Override default liveness probe | `{}` |
| `customReadinessProbe` | Override default readiness probe | `{}` |
| `podLabels` | Extra labels for Jasperreports pods | `{}` |
| `podAnnotations` | Annotations for Jasperreports pods | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` |
| `affinity` | Affinity for pod assignment | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `tolerations` | Tolerations for pod assignment | `[]` |
| `priorityClassName` | JasperReports pods' priorityClassName | `""` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `""` |
| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
| `lifecycleHooks` | LifecycleHooks to set additional configuration at startup. | `{}` |
| `extraVolumes` | Optionally specify extra list of additional volumes for Jasperreports pods | `[]` |
| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Jasperreports container(s) | `[]` |
| `initContainers` | Add additional init containers to the Jasperreports pods | `[]` |
| `sidecars` | Add additional sidecar containers to the Jasperreports pods | `[]` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.storageClass` | PVC Storage Class for Jasperreports volume | `""` |
| `persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` |
| `persistence.size` | PVC Storage Request for Jasperreports volume | `8Gi` |
| `persistence.existingClaim` | An Existing PVC name for Jasperreports volume | `""` |
| `persistence.annotations` | Persistent Volume Claim annotations | `{}` |
### Exposure parameters

16
bitnami/jasperreports/values.yaml
View File

@@ -176,14 +176,26 @@ podSecurityContext:
fsGroup: 1001
## JasperReports containers' SecurityContext
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param containerSecurityContext.enabled Enable container's Security Context
## @param containerSecurityContext.runAsUser Set container's Security Context runAsUser
## @param containerSecurityContext.enabled Enabled containers' Security Context
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param containerSecurityContext.privileged Set container's Security Context privileged
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
##
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## JasperReports resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious