Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-15 14:57:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/thanos] fix: 🐛 Set seLinuxOptions to null for Openshift compatibility (#22664)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-01-24 10:35:12 +01:00
committed by GitHub
parent 6c55cfb29b
commit 38e9c47af9
3 changed files with 25 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/thanos/Chart.yaml
View File

@@ -35,4 +35,4 @@ maintainers:
name: thanos
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/thanos
version: 12.21.1
version: 12.21.2

16
bitnami/thanos/README.md
View File

@@ -165,7 +165,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `query.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `query.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Query pods | `1001` |
| `query.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `query.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `query.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `query.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `query.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `query.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -325,7 +325,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `queryFrontend.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `queryFrontend.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Query Frontend pods | `1001` |
| `queryFrontend.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `queryFrontend.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `queryFrontend.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `queryFrontend.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `queryFrontend.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `queryFrontend.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -442,7 +442,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `bucketweb.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `bucketweb.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Bucket Web pods | `1001` |
| `bucketweb.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `bucketweb.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `bucketweb.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `bucketweb.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `bucketweb.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `bucketweb.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -567,7 +567,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `compactor.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `compactor.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Compactor pods | `1001` |
| `compactor.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `compactor.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `compactor.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `compactor.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `compactor.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `compactor.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -687,7 +687,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `storegateway.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `storegateway.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Store Gateway pods | `1001` |
| `storegateway.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `storegateway.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `storegateway.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `storegateway.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `storegateway.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `storegateway.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -839,7 +839,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `ruler.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `ruler.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Ruler pods | `1001` |
| `ruler.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `ruler.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `ruler.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `ruler.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `ruler.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `ruler.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -973,7 +973,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `receive.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `receive.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Receive pods | `1001` |
| `receive.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `receive.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `receive.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `receive.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `receive.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `receive.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -1099,7 +1099,7 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate
| `receiveDistributor.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `receiveDistributor.podSecurityContext.fsGroup` | Group ID for the filesystem used by Thanos Receive Distributor pods | `1001` |
| `receiveDistributor.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `receiveDistributor.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `receiveDistributor.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `receiveDistributor.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `receiveDistributor.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `receiveDistributor.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |

32
bitnami/thanos/values.yaml
View File

@@ -234,7 +234,7 @@ query:
## K8s containers' Security Context for Thanos Query containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param query.containerSecurityContext.enabled Enabled containers' Security Context
## @param query.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param query.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param query.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param query.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param query.containerSecurityContext.privileged Set container's Security Context privileged
@@ -245,7 +245,7 @@ query:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -928,7 +928,7 @@ queryFrontend:
## K8s containers' Security Context for Thanos Query Frontend containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param queryFrontend.containerSecurityContext.enabled Enabled containers' Security Context
## @param queryFrontend.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param queryFrontend.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param queryFrontend.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param queryFrontend.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param queryFrontend.containerSecurityContext.privileged Set container's Security Context privileged
@@ -939,7 +939,7 @@ queryFrontend:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -1391,7 +1391,7 @@ bucketweb:
## K8s containers' Security Context for Thanos Bucket Web containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param bucketweb.containerSecurityContext.enabled Enabled containers' Security Context
## @param bucketweb.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param bucketweb.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param bucketweb.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param bucketweb.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param bucketweb.containerSecurityContext.privileged Set container's Security Context privileged
@@ -1402,7 +1402,7 @@ bucketweb:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -1856,7 +1856,7 @@ compactor:
## K8s containers' Security Context for Thanos Compactor containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param compactor.containerSecurityContext.enabled Enabled containers' Security Context
## @param compactor.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param compactor.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param compactor.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param compactor.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param compactor.containerSecurityContext.privileged Set container's Security Context privileged
@@ -1867,7 +1867,7 @@ compactor:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -2337,7 +2337,7 @@ storegateway:
## K8s containers' Security Context for Thanos Store Gateway containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param storegateway.containerSecurityContext.enabled Enabled containers' Security Context
## @param storegateway.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param storegateway.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param storegateway.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param storegateway.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param storegateway.containerSecurityContext.privileged Set container's Security Context privileged
@@ -2348,7 +2348,7 @@ storegateway:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -2996,7 +2996,7 @@ ruler:
## K8s containers' Security Context for Thanos Ruler containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param ruler.containerSecurityContext.enabled Enabled containers' Security Context
## @param ruler.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param ruler.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param ruler.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param ruler.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param ruler.containerSecurityContext.privileged Set container's Security Context privileged
@@ -3007,7 +3007,7 @@ ruler:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -3519,7 +3519,7 @@ receive:
## K8s containers' Security Context for Thanos Receive containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param receive.containerSecurityContext.enabled Enabled containers' Security Context
## @param receive.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param receive.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param receive.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param receive.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param receive.containerSecurityContext.privileged Set container's Security Context privileged
@@ -3530,7 +3530,7 @@ receive:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -4005,7 +4005,7 @@ receiveDistributor:
## K8s containers' Security Context for Thanos Receive Distributor containers
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param receiveDistributor.containerSecurityContext.enabled Enabled containers' Security Context
## @param receiveDistributor.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param receiveDistributor.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param receiveDistributor.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param receiveDistributor.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param receiveDistributor.containerSecurityContext.privileged Set container's Security Context privileged
@@ -4016,7 +4016,7 @@ receiveDistributor:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false