[AAI] Kyverno - disallow-host-path policy

[oom.git] / kubernetes / aai / components / aai-graphadmin / templates / job-migration.yaml

diff --git a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
index d585491..49a4de3 100644 (file)
--- a/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/templates/job-migration.yaml
@@ -63,7 +63,7 @@ spec:
       - command:
         - /app/ready.py
         args:
-        - --container-name
+        - --app-name
         {{- if .Values.global.cassandra.localCluster }}
         - aai-cassandra
         {{- else }}
@@ -80,6 +80,13 @@ spec:
         image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
+        resources:
+          limits:
+            cpu: "100m"
+            memory: "500Mi"
+          requests:
+            cpu: "3m"
+            memory: "20Mi"
       - command:
         - sh
         args:
@@ -92,9 +99,6 @@ spec:
         - name: LOCAL_GROUP_ID
           value: {{ .Values.securityContext.group_id | quote }}
         volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
         - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
           name: config
           subPath: janusgraph-realtime.properties
@@ -139,9 +143,6 @@ spec:
         - name: LOCAL_GROUP_ID
           value: {{ .Values.securityContext.group_id | quote }}
         volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
         - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
           name: config
           subPath: janusgraph-realtime.properties
@@ -171,9 +172,6 @@ spec:
       {{- end }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
       {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix .)) | nindent 8 }}
       - name: {{ include "common.fullname" . }}-logs
         emptyDir: {}
@@ -218,7 +216,7 @@ spec:
       - command:
         - /bin/bash
         - -c
-        - /app/ready.py --container-name aai-cassandra --timeout 1 || /app/ready.py --container-name cassandra
+        - /app/ready.py --app-name aai-cassandra --timeout 1 || /app/ready.py --app-name cassandra
         env:
         - name: NAMESPACE
           valueFrom:
@@ -228,6 +226,13 @@ spec:
         image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-db-backup-readiness
+        resources:
+          limits:
+            cpu: "100m"
+            memory: "500Mi"
+          requests:
+            cpu: "3m"
+            memory: "20Mi"
       {{- end }}
       containers:
       - name: {{ include "common.name" . }}-db-backup-job
@@ -248,9 +253,6 @@ spec:
         - name: LOCAL_GROUP_ID
           value: {{ .Values.securityContext.group_id | quote }}
         volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
         - mountPath: /opt/app/aai-graphadmin/logs/data/dataSnapshots
           name: snapshots
         - mountPath: /opt/app/aai-graphadmin/resources/etc/appprops/janusgraph-realtime.properties
@@ -282,9 +284,6 @@ spec:
       {{- end }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "common.resources" . | nindent 10 }}
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
       - name: logs
         emptyDir: {}
       - name: config