Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-04 06:47:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/mariadb] feat: Add support for PSA restricted policy (#20360)

Browse Source 
* [bitnami/mariadb] feat:  Add support for PSA restricted policy

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* test:  Bump timeouts

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* test:  Decrease timeouts

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* chore: 🔧 Move seccompProfile to containerSecurityContext

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* chore: 🔧 Move seccompprofile

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* Update bitnami/mariadb/values.yaml

Co-authored-by: Fran Mulero <fmulero@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>

* Update bitnami/mariadb/values.yaml

Co-authored-by: Fran Mulero <fmulero@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>

* Update bitnami/mariadb/values.yaml

Co-authored-by: Fran Mulero <fmulero@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* chore:  Revert values.schema.json

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* chore: 🚚 Move seccompProfile to containerSecurityContext

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* fix: 🐛 Add missing seccompProfile to metrics

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

* chore: 🔧 Fix metadata

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>

---------

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>
Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
Co-authored-by: Fran Mulero <fmulero@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2023-10-24 14:29:07 +02:00
committed by GitHub
parent e654d39a44
commit 68ea75458a
3 changed files with 31 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/mariadb/Chart.yaml
View File

@@ -34,4 +34,4 @@ maintainers:
name: mariadb
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/mariadb
version: 14.0.3
version: 14.1.0

8
bitnami/mariadb/README.md
View File

@@ -143,6 +143,8 @@ The command removes all the Kubernetes components associated with the chart and
| `primary.containerSecurityContext.runAsNonRoot` | Set primary container's Security Context runAsNonRoot | `true` |
| `primary.containerSecurityContext.privileged` | Set primary container's Security Context privileged | `false` |
| `primary.containerSecurityContext.allowPrivilegeEscalation` | Set primary container's Security Context allowPrivilegeEscalation | `false` |
| `primary.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
| `primary.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `primary.resources.limits` | The resources limits for MariaDB primary containers | `{}` |
| `primary.resources.requests` | The requested resources for MariaDB primary containers | `{}` |
| `primary.startupProbe.enabled` | Enable startupProbe | `false` |
@@ -237,6 +239,8 @@ The command removes all the Kubernetes components associated with the chart and
| `secondary.containerSecurityContext.runAsNonRoot` | Set secondary container's Security Context runAsNonRoot | `true` |
| `secondary.containerSecurityContext.privileged` | Set secondary container's Security Context privileged | `false` |
| `secondary.containerSecurityContext.allowPrivilegeEscalation` | Set secondary container's Security Context allowPrivilegeEscalation | `false` |
| `secondary.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
| `secondary.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `secondary.resources.limits` | The resources limits for MariaDB secondary containers | `{}` |
| `secondary.resources.requests` | The requested resources for MariaDB secondary containers | `{}` |
| `secondary.startupProbe.enabled` | Enable startupProbe | `false` |
@@ -331,8 +335,12 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` |
| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` |
| `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` |
| `metrics.containerSecurityContext.runAsUser` | User ID for the MariaDB metrics container | `1001` |
| `metrics.containerSecurityContext.runAsNonRoot` | Set metrics container's Security Context runAsNonRoot | `true` |
| `metrics.containerSecurityContext.privileged` | Set metrics container's Security Context privileged | `false` |
| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set metrics container's Security Context allowPrivilegeEscalation | `false` |
| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `metrics.resources.limits` | The resources limits for MariaDB prometheus exporter containers | `{}` |
| `metrics.resources.requests` | The requested resources for MariaDB prometheus exporter containers | `{}` |
| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` |

22
bitnami/mariadb/values.yaml
View File

@@ -325,6 +325,8 @@ primary:
## @param primary.containerSecurityContext.runAsNonRoot Set primary container's Security Context runAsNonRoot
## @param primary.containerSecurityContext.privileged Set primary container's Security Context privileged
## @param primary.containerSecurityContext.allowPrivilegeEscalation Set primary container's Security Context allowPrivilegeEscalation
## @param primary.containerSecurityContext.capabilities.drop List of capabilities to be dropped
## @param primary.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
##
containerSecurityContext:
enabled: true
@@ -332,6 +334,10 @@ primary:
runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## MariaDB primary container's resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious
@@ -721,6 +727,8 @@ secondary:
## @param secondary.containerSecurityContext.runAsNonRoot Set secondary container's Security Context runAsNonRoot
## @param secondary.containerSecurityContext.privileged Set secondary container's Security Context privileged
## @param secondary.containerSecurityContext.allowPrivilegeEscalation Set secondary container's Security Context allowPrivilegeEscalation
## @param secondary.containerSecurityContext.capabilities.drop List of capabilities to be dropped
## @param secondary.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
##
containerSecurityContext:
enabled: true
@@ -728,6 +736,10 @@ secondary:
runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## MariaDB secondary container's resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious
@@ -1104,8 +1116,12 @@ metrics:
## MariaDB metrics container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param metrics.containerSecurityContext.enabled Enable security context for MariaDB metrics container
## @param metrics.containerSecurityContext.runAsUser User ID for the MariaDB metrics container
## @param metrics.containerSecurityContext.runAsNonRoot Set metrics container's Security Context runAsNonRoot
## @param metrics.containerSecurityContext.privileged Set metrics container's Security Context privileged
## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set metrics container's Security Context allowPrivilegeEscalation
## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped
## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
## Example:
## containerSecurityContext:
## enabled: true
@@ -1116,7 +1132,13 @@ metrics:
containerSecurityContext:
enabled: false
privileged: false
runAsNonRoot: true
runAsUser: 1001
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## Mysqld Prometheus exporter resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious