Code Review
/
oom.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Run SDC pods as non-root
[oom.git]
/
kubernetes
/
sdc
/
charts
/
sdc-cs
/
templates
/
job.yaml
diff --git
a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml
b/kubernetes/sdc/charts/sdc-cs/templates/job.yaml
index
cdccbf4
..
4e4aad4
100644
(file)
--- a/
kubernetes/sdc/charts/sdc-cs/templates/job.yaml
+++ b/
kubernetes/sdc/charts/sdc-cs/templates/job.yaml
@@
-1,4
+1,5
@@
# Copyright © 2017 Amdocs, AT&T, Bell Canada
# Copyright © 2017 Amdocs, AT&T, Bell Canada
+# Modifications Copyright © 2018 ZTE
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@
-20,7
+21,7
@@
metadata:
labels:
app: {{ include "common.name" . }}-job
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
labels:
app: {{ include "common.name" . }}-job
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{
.Release.Name
}}
+ release: {{
include "common.release" .
}}
heritage: {{ .Release.Service }}
spec:
backoffLimit: 20
heritage: {{ .Release.Service }}
spec:
backoffLimit: 20
@@
-28,7
+29,7
@@
spec:
metadata:
labels:
app: {{ include "common.name" . }}-job
metadata:
labels:
app: {{ include "common.name" . }}-job
- release: {{
.Release.Name
}}
+ release: {{
include "common.release" .
}}
spec:
restartPolicy: Never
initContainers:
spec:
restartPolicy: Never
initContainers:
@@
-39,7
+40,11
@@
spec:
- /root/ready.py
args:
- --container-name
- /root/ready.py
args:
- --container-name
+ {{- if .Values.global.cassandra.localCluster }}
- sdc-cs
- sdc-cs
+ {{- else }}
+ - cassandra
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
env:
- name: NAMESPACE
valueFrom:
@@
-52,11
+57,9
@@
spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-environments
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
volumeMounts:
- name: {{ include "common.fullname" . }}-environments
- mountPath: /root/chef-solo/environments/
- - name: {{ include "common.fullname" . }}-data
- mountPath: /var/lib/cassandra/
+ mountPath: /home/sdc/chef-solo/environments/
- name: {{ include "common.fullname" . }}-chef-cache
- name: {{ include "common.fullname" . }}-chef-cache
- mountPath: /
root
/chef-solo/cache
+ mountPath: /
home/sdc
/chef-solo/cache
env:
- name: ENVNAME
value: {{ .Values.global.env.name }}
env:
- name: ENVNAME
value: {{ .Values.global.env.name }}
@@
-64,13
+67,13
@@
spec:
value: {{ .Values.config.release }}
- name: SDC_USER
valueFrom:
value: {{ .Values.config.release }}
- name: SDC_USER
valueFrom:
- secretKeyRef: {name: {{
.Release.Name
}}-sdc-cs-secrets, key: sdc_user}
+ secretKeyRef: {name: {{
include "common.release" .
}}-sdc-cs-secrets, key: sdc_user}
- name: SDC_PASSWORD
valueFrom:
- name: SDC_PASSWORD
valueFrom:
- secretKeyRef: {name: {{
.Release.Name
}}-sdc-cs-secrets, key: sdc_password}
+ secretKeyRef: {name: {{
include "common.release" .
}}-sdc-cs-secrets, key: sdc_password}
- name: CS_PASSWORD
valueFrom:
- name: CS_PASSWORD
valueFrom:
- secretKeyRef: {name: {{
.Release.Name
}}-sdc-cs-secrets, key: cs_password}
+ secretKeyRef: {name: {{
include "common.release" .
}}-sdc-cs-secrets, key: cs_password}
- name: HOST_IP
valueFrom:
fieldRef:
- name: HOST_IP
valueFrom:
fieldRef:
@@
-78,15
+81,8
@@
spec:
volumes:
- name: {{ include "common.fullname" . }}-environments
configMap:
volumes:
- name: {{ include "common.fullname" . }}-environments
configMap:
- name: {{
.Release.Name
}}-sdc-environments-configmap
+ name: {{
include "common.release" .
}}-sdc-environments-configmap
defaultMode: 0755
defaultMode: 0755
- - name: {{ include "common.fullname" . }}-data
- {{- if .Values.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname" . }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- name: {{ include "common.fullname" . }}-chef-cache
emptyDir: {}
imagePullSecrets:
- name: {{ include "common.fullname" . }}-chef-cache
emptyDir: {}
imagePullSecrets: