[bitnami/grafana-mimir] feat: 🔒 Add automatic adaptation for Openshift restricted-v2 SCC (#24089)

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Javier J. Salmerón-García
2024-03-06 10:34:18 +01:00
committed by GitHub
parent e4a253ce7d
commit ce21621e28
15 changed files with 45 additions and 35 deletions


@@ -4,18 +4,18 @@ dependencies:
version: 12.13.2
- name: memcached
repository: oci://registry-1.docker.io/bitnamicharts
version: 6.12.1
version: 6.12.2
- name: memcached
repository: oci://registry-1.docker.io/bitnamicharts
version: 6.12.1
version: 6.12.2
- name: memcached
repository: oci://registry-1.docker.io/bitnamicharts
version: 6.12.1
version: 6.12.2
- name: memcached
repository: oci://registry-1.docker.io/bitnamicharts
version: 6.12.1
version: 6.12.2
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.16.1
digest: sha256:f6e717bfb529e3c7c81c04063490861c6840ef6ce4a1947f4970a8ac9b1a6b76
generated: "2024-02-21T17:25:00.772620065Z"
version: 2.18.0
digest: sha256:d04861d30090910fe321c7f62ab376365a99adb870d81cf2b24e1731866990bf
generated: "2024-03-05T14:02:28.121971939+01:00"


@@ -59,4 +59,4 @@ maintainers:
name: grafana-mimir
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/grafana-mimir
version: 0.13.0
version: 0.14.0


@@ -58,11 +58,12 @@ The command removes all the Kubernetes components associated with the chart and
### Global parameters
| Name | Description | Value |
| ------------------------- | ----------------------------------------------- | ----- |
| `global.imageRegistry` | Global Docker image registry | `""` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
| Name | Description | Value |
| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- |
| `global.imageRegistry` | Global Docker image registry | `""` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` |
### Common parameters


@@ -67,7 +67,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.alertmanager.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.alertmanager.podSecurityContext.enabled }}
securityContext: {{- omit .Values.alertmanager.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.alertmanager.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.alertmanager.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.alertmanager.terminationGracePeriodSeconds }}
@@ -111,7 +111,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.alertmanager.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.alertmanager.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.alertmanager.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
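Review bot: Both `securityContext` lines in this section now rely on `common.compatibility.renderSecurityContext` to drop the `enabled` key that the removed `omit ... "enabled"` stripped inline. The helper's definition is not in this diff, so this should be confirmed against the `common` 2.18.0 chart pinned in the lock, because a leaked `enabled` field is not a valid securityContext field and would be flagged or rejected when the manifest is applied. The same applies to the compactor, distributor, gateway, ingester, overridesExporter, querier, queryFrontend, queryScheduler, ruler and storeGateway sections. A short template comment above the pod-level call would make the contract visible, for example `{{/* renderSecurityContext strips "enabled" and, per global.compatibility.openshift.adaptSecurityContext, runAsUser/runAsGroup/fsGroup */}}`. The pod spec continues outside both hunks, so this note covers only the two call sites shown.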


@@ -66,7 +66,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.compactor.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.compactor.podSecurityContext.enabled }}
securityContext: {{- omit .Values.compactor.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.compactor.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.compactor.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.compactor.terminationGracePeriodSeconds }}
@@ -110,7 +110,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.compactor.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.compactor.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.compactor.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -64,7 +64,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.distributor.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.distributor.podSecurityContext.enabled }}
securityContext: {{- omit .Values.distributor.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.distributor.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.distributor.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.distributor.terminationGracePeriodSeconds }}
@@ -78,7 +78,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.distributor.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.distributor.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.distributor.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -67,7 +67,7 @@ spec:
schedulerName: {{ .Values.gateway.schedulerName }}
{{- end }}
{{- if .Values.gateway.podSecurityContext.enabled }}
securityContext: {{- omit .Values.gateway.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.gateway.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.gateway.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.gateway.initContainers "context" $) | nindent 8 }}
@@ -77,7 +77,7 @@ spec:
image: {{ include "grafana-mimir.gateway.image" . }}
imagePullPolicy: {{ .Values.gateway.image.pullPolicy | quote }}
{{- if .Values.gateway.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.gateway.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.gateway.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -66,7 +66,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.ingester.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.ingester.podSecurityContext.enabled }}
securityContext: {{- omit .Values.ingester.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.ingester.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.ingester.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.ingester.terminationGracePeriodSeconds }}
@@ -110,7 +110,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.ingester.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.ingester.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.ingester.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -64,7 +64,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.overridesExporter.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.overridesExporter.podSecurityContext.enabled }}
securityContext: {{- omit .Values.overridesExporter.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.overridesExporter.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.overridesExporter.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.overridesExporter.terminationGracePeriodSeconds }}
@@ -78,7 +78,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.overridesExporter.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.overridesExporter.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.overridesExporter.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -64,7 +64,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.querier.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.querier.podSecurityContext.enabled }}
securityContext: {{- omit .Values.querier.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.querier.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.querier.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.querier.terminationGracePeriodSeconds }}
@@ -78,7 +78,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.querier.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.querier.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.querier.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -63,7 +63,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.queryFrontend.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.queryFrontend.podSecurityContext.enabled }}
securityContext: {{- omit .Values.queryFrontend.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.queryFrontend.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.queryFrontend.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.queryFrontend.terminationGracePeriodSeconds }}
@@ -77,7 +77,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.queryFrontend.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.queryFrontend.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.queryFrontend.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -64,7 +64,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.queryScheduler.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.queryScheduler.podSecurityContext.enabled }}
securityContext: {{- omit .Values.queryScheduler.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.queryScheduler.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.queryScheduler.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.queryScheduler.terminationGracePeriodSeconds }}
@@ -78,7 +78,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.queryScheduler.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.queryScheduler.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.queryScheduler.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -64,7 +64,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.ruler.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.ruler.podSecurityContext.enabled }}
securityContext: {{- omit .Values.ruler.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.ruler.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.ruler.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.ruler.terminationGracePeriodSeconds }}
@@ -78,7 +78,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.ruler.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.ruler.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.ruler.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -66,7 +66,7 @@ spec:
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.storeGateway.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if .Values.storeGateway.podSecurityContext.enabled }}
securityContext: {{- omit .Values.storeGateway.podSecurityContext "enabled" | toYaml | nindent 8 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.storeGateway.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.storeGateway.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.storeGateway.terminationGracePeriodSeconds }}
@@ -110,7 +110,7 @@ spec:
image: {{ template "grafana-mimir.image" . }}
imagePullPolicy: {{ .Values.mimir.image.pullPolicy }}
{{- if .Values.storeGateway.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.storeGateway.containerSecurityContext "enabled" | toYaml | nindent 12 }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.storeGateway.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}


@@ -19,6 +19,15 @@ global:
##
imagePullSecrets: []
storageClass: ""
## Compatibility adaptations for Kubernetes platforms
##
compatibility:
## Compatibility adaptations for Openshift
##
openshift:
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
##
adaptSecurityContext: disabled
## @section Common parameters
##
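Review bot: The `@param` comment for `adaptSecurityContext` does not say what happens to the IDs when `force` is used on a cluster that is not Openshift. As described, the adaptation removes `runAsUser`, `runAsGroup` and `fsGroup` and relies on the platform to supply defaults. On a platform that supplies none, the containers would presumably fall back to the image's user and volumes would get no `fsGroup`, which matters for the components with persistent storage and for any `runAsNonRoot` setting. I would add a line under the `@param` such as `## NOTE: "force" on a non-Openshift cluster leaves user/group IDs to the image defaults; prefer "auto" or "disabled" there`. It may also be worth stating how `auto` detects Openshift, since client-side rendering without cluster access likely cannot detect it and would skip the adaptation without any signal.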