Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
[CPS] Fix statefulset upgrade
[oom.git] / kubernetes / common / timescaledb / templates / statefulset.yaml
diff --git a/kubernetes/common/timescaledb/templates/statefulset.yaml b/kubernetes/common/timescaledb/templates/statefulset.yaml
index 435c925..2e83c5b 100644 (file)
--- a/kubernetes/common/timescaledb/templates/statefulset.yaml
+++ b/kubernetes/common/timescaledb/templates/statefulset.yaml
@@ -1,6 +1,6 @@
 {{/*
 # ============LICENSE_START=======================================================
-#  Copyright (c) 2021 Bell Canada.
+#  Copyright (c) 2021-2022 Bell Canada.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -26,28 +26,29 @@ spec:
   selector: {{- include "common.selectors" . | nindent 4 }}
   serviceName: {{ include "common.servicename" . }}
   template:
-    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
+    metadata: {{- include "common.templateMetadata" (dict "ignoreHelmChart" true "dot" . ) | nindent 6 }}
     spec:
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . ) }}
-      securityContext:
-      {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      {{ include "common.podSecurityContext" . | indent 10 | trim}}
       initContainers:
-        - name: chowm-mount-path
+        # we shouldn't need this but for unknown reason, it's fsGroup is not
+        # applied
+        - name: fix-permission
           command:
             - /bin/sh
           args:
             - -c
-            - chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} /var/lib/postgresql/data
+            - chown -R {{ .Values.securityContext.user_id }}:{{ .Values.securityContext.group_id }} /var/lib/postgresql/data
           image: {{ include "repositoryGenerator.image.busybox" . }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          securityContext:
+            runAsUser: 0
           volumeMounts:
             - mountPath: /var/lib/postgresql/data
               name: {{ include "common.fullname" . }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
-          securityContext:
-          {{- toYaml .Values.securityContext | nindent 12 }}
           imagePullPolicy: {{ .Values.pullPolicy }}
           ports: {{ include "common.containerPorts" . | nindent 12  }}
           livenessProbe:
@@ -98,5 +99,5 @@ spec:
   {{- end }}
  {{if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
   volumeClaimTemplates:
-    - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence) | indent 6 | trim }}
+    - {{ include "common.PVCTemplate" (dict "dot" . "suffix" "data" "persistenceInfos" .Values.persistence "ignoreHelmChart" true) | indent 6 | trim }}
 {{- end }}
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).