mirror of
https://github.com/bitnami/charts.git
synced 2026-03-29 16:27:11 +08:00
[bitnami/*] Improve Goss' user-info test to avoid incompatibilities (#14398)
* [bitnami/*] Improve Goss' user-info test to avoid incompatibilities Signed-off-by: FraPazGal <fdepaz@vmware.com> * Apply suggestions Signed-off-by: FraPazGal <fdepaz@vmware.com> Signed-off-by: FraPazGal <fdepaz@vmware.com>
This commit is contained in:
Francisco de Paz Galan
committed by
GitHub
GitHub
parent
e7e0b84971
commit
e860294486
@@ -14,9 +14,10 @@ file:
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
command:
|
||||
{{- $uid := .Vars.client.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.client.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.client.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.client.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/var/run/secrets/kubernetes.io/serviceaccount:
|
||||
exists: {{ .Vars.serviceAccount.automountServiceAccountToken }}
|
||||
|
||||
@@ -36,9 +36,10 @@ command:
|
||||
- "CapEff: 0000000000000000"
|
||||
- "CapBnd: 0000000000000000"
|
||||
- "CapAmb: 0000000000000000"
|
||||
{{- $uid := .Vars.server.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.server.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.server.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.server.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -29,9 +29,10 @@ command:
|
||||
exec: if [ "$(nodetool status | grep {{ .Vars.cluster.numTokens }} | wc -l)" -ne {{ $nodes }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
timeout: 20000
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -4,9 +4,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.controller.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.controller.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.controller.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.controller.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -21,12 +21,13 @@ http:
|
||||
body:
|
||||
- Ok
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
check-cluster-status:
|
||||
exec: clickhouse-client --port {{ .Vars.containerPorts.tcp }} --user '{{ .Vars.auth.username }}' --password '{{ .Vars.auth.password }}' --query='SELECT COUNT(*) FROM system.clusters;'
|
||||
exit-status: 0
|
||||
|
||||
@@ -21,9 +21,10 @@ command:
|
||||
check-ports-config:
|
||||
exec: $(echo $CONCOURSE_BIND_PORT | grep -q {{ .Vars.web.containerPorts.http }}) && $(echo $CONCOURSE_TSA_BIND_PORT | grep -q {{ .Vars.web.containerPorts.tsa }}) && $(echo $CONCOURSE_TSA_DEBUG_BIND_PORT | grep -q {{ .Vars.web.containerPorts.pprof }})
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.web.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.web.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.web.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.web.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -21,9 +21,10 @@ command:
|
||||
check-ports-config:
|
||||
exec: $(echo $CONCOURSE_BIND_PORT | grep -q {{ .Vars.worker.containerPorts.garden }}) && $(echo $CONCOURSE_HEALTHCHECK_BIND_PORT | grep -q {{ .Vars.worker.containerPorts.health }}) && $(echo $CONCOURSE_BAGGAGECLAIM_BIND_PORT | grep -q {{ .Vars.worker.containerPorts.baggageclaim }}) && $(echo $CONCOURSE_BAGGAGECLAIM_DEBUG_BIND_PORT | grep -q {{ .Vars.worker.containerPorts.pprof }})
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.worker.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.worker.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.worker.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.worker.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -15,9 +15,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.contour.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.contour.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.contour.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.contour.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -3,12 +3,13 @@ http:
|
||||
status: 200
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/drupal:
|
||||
exists: true
|
||||
|
||||
@@ -30,9 +30,10 @@ command:
|
||||
exec: cd /opt/bitnami/ejbca && ejbca.sh ra addendentity --username '{{ $user }}' --caname '{{ $caName}}' --dn '{{ $dn }}' --type {{ $identityType }} --token P12 --password '{{ $pass }}' && ejbca.sh ra setclearpwd '{{ $user }}' '{{ $pass }}' && ejbca.sh batch && ls ./p12/{{ $user }}.p12
|
||||
exit-status: 0
|
||||
timeout: 20000
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -25,9 +25,10 @@ command:
|
||||
stdout:
|
||||
- {{ $key }}
|
||||
{{- end }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -9,12 +9,13 @@ command:
|
||||
check-db-config:
|
||||
exec: ($dbCheck) && ($userCheck) && ($passCheck)
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/ghost:
|
||||
exists: true
|
||||
@@ -24,4 +25,4 @@ file:
|
||||
/var/run/secrets/kubernetes.io/serviceaccount:
|
||||
exists: {{ .Vars.serviceAccount.automountServiceAccountToken }}
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
mode: "3777"
|
||||
|
||||
@@ -6,12 +6,13 @@ addr:
|
||||
reachable: true
|
||||
timeout: 500
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/var/run/secrets/kubernetes.io/serviceaccount:
|
||||
exists: {{ .Vars.serviceAccount.automountServiceAccountToken }}
|
||||
|
||||
@@ -16,9 +16,10 @@ http:
|
||||
body:
|
||||
- /log_level.*{{ .Vars.promtail.logLevel }}/
|
||||
command:
|
||||
{{- $uid := .Vars.promtail.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.promtail.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.promtail.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.promtail.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -34,9 +34,10 @@ command:
|
||||
check-logcli:
|
||||
exec: logcli instant-query --addr=http://grafana-loki-querier:{{ .Vars.querier.service.ports.http }} '{app="grafana-loki"}'
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.querier.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.querier.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.querier.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.querier.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -7,9 +7,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.operator.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.operator.containerSecurityContext.runAsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.operator.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.operator.containerSecurityContext.runAsGroup }}/
|
||||
|
||||
@@ -33,9 +33,10 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- "vulture"
|
||||
{{- $uid := .Vars.compactor.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.compactor.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.compactor.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.compactor.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -13,9 +13,10 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- /datasources.*already encrypted/
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -4,9 +4,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -9,12 +9,13 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.influxdb.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.influxdb.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.influxdb.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.influxdb.podSecurityContext.fsGroup }}/
|
||||
{{- $org := .Vars.auth.user.org }}
|
||||
{{- $bucket := .Vars.auth.user.bucket }}
|
||||
{{- $port := .Vars.influxdb.service.ports.http }}
|
||||
@@ -25,4 +26,4 @@ command:
|
||||
exec: export INFLUX_TOKEN='{{ $adminToken }}' && influx write --host http://influxdb:{{ $port }} --org {{ $org }} --bucket {{ $bucket }} 'cpu_error,host=bitnami-server value="{{ $msg }}"' && export INFLUX_TOKEN=$(influx auth list | grep {{ $user }} | awk '{print $2}') && influx query --host http://influxdb:{{ $port }} --org {{ $org }} 'from(bucket:"{{ $bucket }}") |> range(start:-2m)'
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- {{ $msg }}
|
||||
- {{ $msg }}
|
||||
|
||||
@@ -25,9 +25,10 @@ command:
|
||||
check-cassandra-auth:
|
||||
exec: \[ $CASSANDRA_USERNAME = {{ .Vars.cassandra.dbUser.user }} ] && [ $CASSANDRA_PASSWORD = {{ .Vars.cassandra.dbUser.password }} ] && [ $CASSANDRA_KEYSPACE = {{ .Vars.cassandra.keyspace }} ];
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.agent.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.agent.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.agent.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.agent.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/opt/bitnami/jasperreports/META-INF/context.xml:
|
||||
exists: true
|
||||
|
||||
@@ -31,9 +31,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.hub.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.hub.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.hub.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.hub.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -28,9 +28,10 @@ command:
|
||||
exec: kafka-topics.sh --create --topic quickstart-events{{randAlpha 5}} --bootstrap-server kafka:{{ .Vars.service.ports.client }}
|
||||
exit-status: 0
|
||||
timeout: 20000
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -21,9 +21,10 @@ file:
|
||||
contains:
|
||||
- "csp.strict: {{ .Vars.extraConfiguration.csp_strict }}"
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -26,8 +26,9 @@ file:
|
||||
- /listen.*{{ .Vars.kong.containerPorts.proxyHttps }}.*ssl/
|
||||
- /listen.*{{ .Vars.kong.containerPorts.adminHttps }}.*ssl/
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
@@ -13,9 +13,10 @@ command:
|
||||
- "CapEff: 0000000000000000"
|
||||
- "CapBnd: 0000000000000000"
|
||||
- "CapAmb: 0000000000000000"
|
||||
{{- $uid := .Vars.operator.podSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.operator.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.operator.podSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.operator.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -11,9 +11,10 @@ file:
|
||||
mode: "3777"
|
||||
owner: root
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
@@ -24,9 +24,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.kubeappsapis.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.kubeappsapis.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.kubeappsapis.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.kubeappsapis.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -20,9 +20,10 @@ command:
|
||||
- "CapEff: 0000000000000000"
|
||||
- "CapBnd: 0000000000000000"
|
||||
- "CapAmb: 0000000000000000"
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -30,9 +30,10 @@ command:
|
||||
- /status_code.*200/
|
||||
- /referrer.*{{ $rnd_address }}/
|
||||
timeout: 30000
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -34,9 +34,10 @@ command:
|
||||
- {{ $testValue }}
|
||||
timeout: 9000
|
||||
{{- end }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
command:
|
||||
{{- $uid := .Vars.web.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.web.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.web.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.web.podSecurityContext.fsGroup }}/
|
||||
check-no-capabilities:
|
||||
exec: cat /proc/1/status
|
||||
exit-status: 0
|
||||
|
||||
@@ -21,12 +21,13 @@ http:
|
||||
no-follow-redirects: true
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
check-db-credentials:
|
||||
exec: env
|
||||
exit-status: 0
|
||||
|
||||
@@ -13,9 +13,10 @@ command:
|
||||
stdout:
|
||||
- STORED
|
||||
- {{ $value }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -13,9 +13,10 @@ command:
|
||||
- "CapEff: 0000000000000000"
|
||||
- "CapBnd: 0000000000000000"
|
||||
- "CapAmb: 0000000000000000"
|
||||
{{- $uid := .Vars.controller.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.controller.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.controller.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.controller.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -11,8 +11,9 @@ file:
|
||||
mode: "1777"
|
||||
owner: root
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
|
||||
@@ -17,12 +17,13 @@ command:
|
||||
stdout:
|
||||
- /Network.*OK/
|
||||
- /Drives.*OK/
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
file:
|
||||
{{ .Vars.persistence.mountPath }}:
|
||||
|
||||
@@ -26,12 +26,13 @@ command:
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
timeout: 20000
|
||||
{{- $uid := .Vars.mongos.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.mongos.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.mongos.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.mongos.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/opt/bitnami/mongodb/conf/keyfile:
|
||||
mode: "0600"
|
||||
|
||||
@@ -26,9 +26,10 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- {{ $testCollection }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
@@ -8,9 +8,10 @@ http:
|
||||
status: 200
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -8,9 +8,10 @@ command:
|
||||
run-git-example:
|
||||
exec: python {{ .Vars.entrypoint.workDir }}/example/memcost/inception_memcost.py
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.standalone.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.standalone.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.standalone.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.standalone.podSecurityContext.fsGroup }}/
|
||||
@@ -33,9 +33,10 @@ command:
|
||||
- {{ $msg }}
|
||||
timeout: 20000
|
||||
{{ end }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ $running_user }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -8,12 +8,13 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
check-capabilities:
|
||||
exec: capsh --print
|
||||
exit-status: 0
|
||||
|
||||
@@ -12,9 +12,10 @@ file:
|
||||
contains:
|
||||
- /listen.*{{ .Vars.containerPorts.http }}/
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -14,9 +14,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -10,9 +10,10 @@ command:
|
||||
check-redis-auth:
|
||||
exec: \[ $OAUTH2_PROXY_REDIS_PASSWORD = {{ .Vars.redis.auth.password }} ]
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -3,12 +3,13 @@ http:
|
||||
status: 200
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/opencart:
|
||||
exists: true
|
||||
|
||||
@@ -4,12 +4,13 @@ http:
|
||||
allow-insecure: true
|
||||
timeout: 70000
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/osclass/config.php:
|
||||
exists: true
|
||||
|
||||
@@ -17,9 +17,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.dashboard.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.dashboard.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.dashboard.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.dashboard.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -16,9 +16,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.server.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.server.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.server.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.server.podSecurityContext.fsGroup }}/
|
||||
@@ -14,9 +14,10 @@ http:
|
||||
status: 200
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -14,9 +14,10 @@ command:
|
||||
{{ range $e, $i := until $nodes }}
|
||||
- /postgresql-ha-postgresql-{{ $i }}/
|
||||
{{ end }}
|
||||
{{- $uid := .Vars.pgpool.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.pgpool.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.pgpool.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.pgpool.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -29,9 +29,10 @@ command:
|
||||
xargs -I '{}' psql -U {{ $repmgr_user }} -d {{ $repmgr_database }} -h '{}'.postgresql-ha-postgresql-headless -p {{ $repmgr_port }} -c "CREATE DATABASE {{ $database }};" && sleep 5 \
|
||||
{{ range $e, $i := until $nodes }}&& psql -U {{ $repmgr_user }} -d {{ $repmgr_database }} -h postgresql-ha-postgresql-{{ $i }}.postgresql-ha-postgresql-headless -p {{ $repmgr_port }} -c "SELECT datname FROM pg_database" | grep {{ $database }}{{ end }}
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.postgresql.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.postgresql.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.postgresql.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.postgresql.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -22,12 +22,13 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- '2'
|
||||
{{- $uid := .Vars.primary.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.primary.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.primary.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.primary.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
{{ .Vars.primary.persistence.mountPath }}:
|
||||
exists: true
|
||||
|
||||
@@ -12,12 +12,13 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- /PS_COOKIE_CHECKIP={{ (eq .Vars.prestashopCookieCheckIP "yes") | int }}/
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/etc/hosts:
|
||||
exists: true
|
||||
@@ -41,4 +42,4 @@ file:
|
||||
contains:
|
||||
- /database_name.*{{ .Vars.mariadb.auth.database }}/
|
||||
- /database_user.*{{ .Vars.mariadb.auth.username }}/
|
||||
- /database_password.*{{ .Vars.mariadb.auth.password }}/
|
||||
- /database_password.*{{ .Vars.mariadb.auth.password }}/
|
||||
|
||||
@@ -8,9 +8,10 @@ command:
|
||||
run-git-example:
|
||||
exec: python /app/beginner_source/examples_tensor/polynomial_tensor.py
|
||||
exit-status: 0
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -38,9 +38,10 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- {{ .Vars.extraPlugins }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -27,12 +27,13 @@ command:
|
||||
stdout:
|
||||
- "role:master"
|
||||
- "connected_slaves:{{ .Vars.cluster.replicas }}"
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
{{ .Vars.persistence.path }}:
|
||||
filetype: directory
|
||||
|
||||
@@ -28,12 +28,13 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- slave
|
||||
{{- $uid := .Vars.master.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.master.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.master.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.master.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
{{ .Vars.master.persistence.path }}:
|
||||
filetype: directory
|
||||
|
||||
@@ -14,12 +14,13 @@ command:
|
||||
- /solr-{{ $i }}/
|
||||
{{ end }}
|
||||
timeout: 30000
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
{{ .Vars.persistence.mountPath }}:
|
||||
filetype: directory
|
||||
|
||||
@@ -18,9 +18,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -23,9 +23,10 @@ file:
|
||||
mode: "3777"
|
||||
owner: root
|
||||
command:
|
||||
{{- $uid := .Vars.server.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.server.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.server.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.server.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -3,12 +3,13 @@ http:
|
||||
status: 200
|
||||
allow-insecure: true
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/suitecrm:
|
||||
exists: true
|
||||
|
||||
@@ -13,9 +13,10 @@ file:
|
||||
mode: "2777"
|
||||
owner: root
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
file:
|
||||
/bitnami/tomcat:
|
||||
exists: true
|
||||
filetype: directory
|
||||
mode: "2775"
|
||||
owner: root
|
||||
owner: root
|
||||
|
||||
@@ -2,9 +2,10 @@ http:
|
||||
http://localhost:{{ .Vars.containerPorts.http }}/health:
|
||||
status: 200
|
||||
command:
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -7,9 +7,10 @@ file:
|
||||
filetype: directory
|
||||
mode: "3777"
|
||||
command:
|
||||
{{- $uid := .Vars.proxy.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.proxy.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.proxy.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.proxy.podSecurityContext.fsGroup }}/
|
||||
|
||||
@@ -20,9 +20,10 @@ command:
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- {{ .Vars.wordpressEmail }}
|
||||
{{- $uid := .Vars.containerSecurityContext.runAsUser }}
|
||||
{{- $gid := .Vars.podSecurityContext.fsGroup }}
|
||||
check-user-info:
|
||||
exec: id
|
||||
# The UID and GID should always be either the one specified as vars (always a bigger number that the default)
|
||||
# or the one randomly defined by openshift (larger values). Otherwise, the chart is still using the default value.
|
||||
exec: if [ $(id -u) -lt {{ $uid }} ] || [ $(id -G | awk '{print $2}') -lt {{ $gid }} ]; then exit 1; fi
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- uid={{ .Vars.containerSecurityContext.runAsUser }}
|
||||
- /groups=.*{{ .Vars.podSecurityContext.fsGroup }}/
|
||||
|
||||
Reference in New Issue
Block a user