Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-16 06:47:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/postgresql-ha] fix: 🐛 Set seLinuxOptions to null for Openshift compatibility (#22647)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-01-26 09:16:37 +01:00
committed by GitHub
parent aa8363581b
commit 908db5a341
3 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/postgresql-ha/Chart.yaml
View File

@@ -40,4 +40,4 @@ maintainers:
name: postgresql-ha
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha
version: 12.8.0
version: 12.8.1

12
bitnami/postgresql-ha/README.md
View File

@@ -142,7 +142,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `postgresql.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `postgresql.podSecurityContext.fsGroup` | Group ID for the PostgreSQL with Repmgr filesystem | `1001` |
| `postgresql.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `postgresql.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `postgresql.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `postgresql.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `postgresql.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `postgresql.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -274,7 +274,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `witness.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `witness.podSecurityContext.fsGroup` | Group ID for the PostgreSQL witness with Repmgr filesystem | `1001` |
| `witness.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `witness.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `witness.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `witness.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `witness.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `witness.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -405,7 +405,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `pgpool.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `pgpool.podSecurityContext.fsGroup` | Group ID for the Pgpool filesystem | `1001` |
| `pgpool.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `pgpool.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `pgpool.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `pgpool.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `pgpool.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `pgpool.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
@@ -509,7 +509,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `metrics.image.debug` | Specify if debug logs should be enabled | `false` |
| `metrics.podSecurityContext.enabled` | Enable security context for PostgreSQL Prometheus exporter | `true` |
| `metrics.podSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `metrics.podSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `metrics.podSecurityContext.runAsUser` | User ID for the PostgreSQL Prometheus exporter container | `1001` |
| `metrics.podSecurityContext.runAsGroup` | Group ID for the PostgreSQL Prometheus exporter container | `0` |
| `metrics.podSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter container's Security Context runAsNonRoot | `true` |
@@ -573,7 +573,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.podSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `volumePermissions.podSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.podSecurityContext.runAsUser` | Init container volume-permissions User ID | `0` |
| `volumePermissions.podSecurityContext.runAsGroup` | Group ID for the init container volume-permissions container | `0` |
| `volumePermissions.podSecurityContext.runAsNonRoot` | Set Security Context runAsNonRoot for the init container volume-permissions container | `false` |
@@ -636,7 +636,7 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua
| `backup.cronjob.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `backup.cronjob.podSecurityContext.fsGroup` | Group ID for the CronJob | `1001` |
| `backup.cronjob.containerSecurityContext.enabled` | Enable container security context | `true` |
| `backup.cronjob.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `backup.cronjob.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `backup.cronjob.containerSecurityContext.runAsUser` | User ID for the backup container | `1001` |
| `backup.cronjob.containerSecurityContext.runAsGroup` | Group ID for the backup container | `0` |
| `backup.cronjob.containerSecurityContext.runAsNonRoot` | Set backup container's Security Context runAsNonRoot | `true` |

24
bitnami/postgresql-ha/values.yaml
View File

@@ -238,7 +238,7 @@ postgresql:
## Container Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## @param postgresql.containerSecurityContext.enabled Enabled containers' Security Context
## @param postgresql.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param postgresql.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param postgresql.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param postgresql.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param postgresql.containerSecurityContext.privileged Set container's Security Context privileged
@@ -255,7 +255,7 @@ postgresql:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -749,7 +749,7 @@ witness:
## Container Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## @param witness.containerSecurityContext.enabled Enabled containers' Security Context
## @param witness.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param witness.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param witness.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param witness.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param witness.containerSecurityContext.privileged Set container's Security Context privileged
@@ -766,7 +766,7 @@ witness:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -1245,7 +1245,7 @@ pgpool:
## Container Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## @param pgpool.containerSecurityContext.enabled Enabled containers' Security Context
## @param pgpool.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param pgpool.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param pgpool.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
## @param pgpool.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
## @param pgpool.containerSecurityContext.privileged Set container's Security Context privileged
@@ -1262,7 +1262,7 @@ pgpool:
##
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsNonRoot: true
privileged: false
@@ -1616,7 +1616,7 @@ metrics:
## K8s Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## @param metrics.podSecurityContext.enabled Enable security context for PostgreSQL Prometheus exporter
## @param metrics.podSecurityContext.seLinuxOptions Set SELinux options in container
## @param metrics.podSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param metrics.podSecurityContext.runAsUser User ID for the PostgreSQL Prometheus exporter container
## @param metrics.podSecurityContext.runAsGroup Group ID for the PostgreSQL Prometheus exporter container
## @param metrics.podSecurityContext.runAsNonRoot Set PostgreSQL Prometheus exporter container's Security Context runAsNonRoot
@@ -1624,7 +1624,7 @@ metrics:
##
podSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
@@ -1866,14 +1866,14 @@ volumePermissions:
pullSecrets: []
## K8s Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
## @param volumePermissions.podSecurityContext.seLinuxOptions Set SELinux options in container
## @param volumePermissions.podSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param volumePermissions.podSecurityContext.runAsUser Init container volume-permissions User ID
## @param volumePermissions.podSecurityContext.runAsGroup Group ID for the init container volume-permissions container
## @param volumePermissions.podSecurityContext.runAsNonRoot Set Security Context runAsNonRoot for the init container volume-permissions container
## @param volumePermissions.podSecurityContext.seccompProfile.type Set Security Context seccompProfile for the init container volume-permissions container
##
podSecurityContext:
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 0
runAsGroup: 0
runAsNonRoot: false
@@ -2070,7 +2070,7 @@ backup:
## backup container's Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param backup.cronjob.containerSecurityContext.enabled Enable container security context
## @param backup.cronjob.containerSecurityContext.seLinuxOptions Set SELinux options in container
## @param backup.cronjob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param backup.cronjob.containerSecurityContext.runAsUser User ID for the backup container
## @param backup.cronjob.containerSecurityContext.runAsGroup Group ID for the backup container
## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set backup container's Security Context runAsNonRoot
@@ -2080,7 +2080,7 @@ backup:
## @param backup.cronjob.containerSecurityContext.capabilities.drop Set backup container's Security Context capabilities to drop
containerSecurityContext:
enabled: true
seLinuxOptions: {}
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true