From a90669f802c0636b7cb54fe368af4099122546b3 Mon Sep 17 00:00:00 2001 From: Tvion Date: Thu, 17 Apr 2025 11:08:01 +0500 Subject: [PATCH 1/6] fix: Set PowaUI security context default value --- charts/patroni-services/values.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/patroni-services/values.yaml b/charts/patroni-services/values.yaml index 716eca97..a2a37ead 100644 --- a/charts/patroni-services/values.yaml +++ b/charts/patroni-services/values.yaml @@ -373,7 +373,8 @@ powaUI: limits: cpu: 500m memory: 512Mi - securityContext: {} + securityContext: + runAsUser: 1001 replicationController: install: false @@ -386,7 +387,7 @@ replicationController: cpu: 200m memory: 64Mi securityContext: - runAsUser: 101 + runAsUser: 1001 apiUser: replicator apiPassword: paSsW0rdForReplicat!oN From 9cdd04c91dbe9811ec3c2d9d50898b41a6a92563 Mon Sep 17 00:00:00 2001 From: Tvion Date: Thu, 17 Apr 2025 11:24:35 +0500 Subject: [PATCH 2/6] enable go validation --- .github/super-linter.env | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/super-linter.env b/.github/super-linter.env index 427ac01b..b06944ee 100644 --- a/.github/super-linter.env +++ b/.github/super-linter.env @@ -20,3 +20,4 @@ VALIDATE_PYTHON_PYINK=false VALIDATE_PYTHON_PYLINT=false VALIDATE_GO=false +VALIDATE_GO_MODULES=true \ No newline at end of file From 7d60c234f3413de7275fd85a60bb3490f6c15ed8 Mon Sep 17 00:00:00 2001 From: Tvion Date: Thu, 17 Apr 2025 11:27:56 +0500 Subject: [PATCH 3/6] enable go validation --- .github/super-linter.env | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/super-linter.env b/.github/super-linter.env index b06944ee..d1171084 100644 --- a/.github/super-linter.env +++ b/.github/super-linter.env @@ -19,5 +19,4 @@ VALIDATE_PYTHON_MYPY=false VALIDATE_PYTHON_PYINK=false VALIDATE_PYTHON_PYLINT=false -VALIDATE_GO=false -VALIDATE_GO_MODULES=true \ No newline at end of file +VALIDATE_GO=false \ No newline at end of file From a7481faabf290d97d2602032afb80ce832a70018 Mon Sep 17 00:00:00 2001 From: Tvion Date: Thu, 17 Apr 2025 14:23:55 +0500 Subject: [PATCH 4/6] fix: powaUI securityContext for OS --- .github/super-linter.env | 2 +- charts/patroni-services/templates/_helpers.tpl | 11 +++++++++++ charts/patroni-services/templates/cr.yaml | 4 +--- charts/patroni-services/values.yaml | 4 ++-- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/super-linter.env b/.github/super-linter.env index d1171084..427ac01b 100644 --- a/.github/super-linter.env +++ b/.github/super-linter.env @@ -19,4 +19,4 @@ VALIDATE_PYTHON_MYPY=false VALIDATE_PYTHON_PYINK=false VALIDATE_PYTHON_PYLINT=false -VALIDATE_GO=false \ No newline at end of file +VALIDATE_GO=false diff --git a/charts/patroni-services/templates/_helpers.tpl b/charts/patroni-services/templates/_helpers.tpl index be82cc99..7e53fbb0 100644 --- a/charts/patroni-services/templates/_helpers.tpl +++ b/charts/patroni-services/templates/_helpers.tpl @@ -419,3 +419,14 @@ Service Name for dbaas adapter {{- define "dbaas.serviceName" -}} {{ printf "dbaas-postgres-adapter" }} {{- end -}} + +{{/* +Return securityContext for powaUI +*/}} +{{- define "powaUI.securityContext" -}} + {{- if .Values.powaUI.securityContext -}} + {{- if not (.Capabilities.APIVersions.Has "security.openshift.io/v1/SecurityContextConstraints") -}} + {{- toYaml .Values.powaUI.securityContext | nindent 6 }} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/patroni-services/templates/cr.yaml b/charts/patroni-services/templates/cr.yaml index 1e48a1fb..5549710f 100644 --- a/charts/patroni-services/templates/cr.yaml +++ b/charts/patroni-services/templates/cr.yaml @@ -271,9 +271,7 @@ spec: {{ toYaml .Values.powaUI.resources | indent 6 }} securityContext: {{- include "restricted.globalPodSecurityContext" . | nindent 6 }} - {{- with .Values.powaUI.securityContext }} - {{- toYaml . | nindent 6 -}} - {{- end }} + {{- include "powaUI.securityContext" . }} {{- end }} {{- if .Values.queryExporter.install }} queryExporter: diff --git a/charts/patroni-services/values.yaml b/charts/patroni-services/values.yaml index a2a37ead..8fdc3f59 100644 --- a/charts/patroni-services/values.yaml +++ b/charts/patroni-services/values.yaml @@ -17,8 +17,8 @@ privateRegistry: create: false # registry: ghcr.io/netcracker # username: - # password: - # email: + # password: + # email: global: cloudIntegrationEnabled: true From d611ca9d749c5259b66155fd09be4e2b8023a12f Mon Sep 17 00:00:00 2001 From: Tvion Date: Thu, 17 Apr 2025 14:25:20 +0500 Subject: [PATCH 5/6] fix: rollback old default change for replicator --- charts/patroni-services/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/patroni-services/values.yaml b/charts/patroni-services/values.yaml index 8fdc3f59..d24b2c36 100644 --- a/charts/patroni-services/values.yaml +++ b/charts/patroni-services/values.yaml @@ -387,7 +387,7 @@ replicationController: cpu: 200m memory: 64Mi securityContext: - runAsUser: 1001 + runAsUser: 101 apiUser: replicator apiPassword: paSsW0rdForReplicat!oN From 0179d15838c8978b9054ebb53e68bfb6b34876d4 Mon Sep 17 00:00:00 2001 From: Tvion Date: Fri, 18 Apr 2025 11:00:00 +0500 Subject: [PATCH 6/6] fix: trailing whitespaces --- charts/patroni-services/templates/cr.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/patroni-services/templates/cr.yaml b/charts/patroni-services/templates/cr.yaml index 5549710f..59bb6c72 100644 --- a/charts/patroni-services/templates/cr.yaml +++ b/charts/patroni-services/templates/cr.yaml @@ -11,8 +11,8 @@ spec: enabled: true names: {{- range $i, $v := .Values.privateRegistry.secrets }} - - {{ $v.name }} - {{- end }} + - {{ $v.name }} + {{- end }} {{- end }} installationTimestamp: {{ now | unixEpoch | quote }} {{ if .Values.serviceAccount.create }} @@ -159,7 +159,7 @@ spec: connectionName: "{{ .Values.externalDataBase.connectionName }}" authSecretName: "{{ .Values.externalDataBase.authSecretName }}" {{- if .Values.externalDataBase.restoreConfig }} - restoreConfig: + restoreConfig: {{ .Values.externalDataBase.restoreConfig | toYaml | nindent 6 }} {{- end }} {{ end }}