Enable Apparmor to all osh-infra test pods
Also Changed container names to static. Change-Id: I51f53b480d18aaa38a9707429f01052ee122e7e9 Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
This commit is contained in:
parent
0e6314ff14
commit
163c5aa780
@ -25,6 +25,7 @@ metadata:
|
|||||||
{{ tuple $envAll "ceph-client" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ceph-client" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
|
{{ dict "envAll" $envAll "podName" "ceph-client-test" "containerNames" (list "init" "ceph-cluster-helm-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
restartPolicy: Never
|
restartPolicy: Never
|
||||||
|
@ -16,6 +16,9 @@ pod:
|
|||||||
ceph-client-bootstrap:
|
ceph-client-bootstrap:
|
||||||
ceph-client-bootstrap: runtime/default
|
ceph-client-bootstrap: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
ceph-client-test:
|
||||||
|
init: runtime/default
|
||||||
|
ceph-cluster-helm-test: runtime/default
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
manifests:
|
manifests:
|
||||||
|
@ -26,6 +26,7 @@ metadata:
|
|||||||
{{ tuple $envAll "ceph-osd" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ceph-osd" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
|
{{ dict "envAll" $envAll "podName" "ceph-osd-test" "containerNames" (list "init" "ceph-cluster-helm-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
restartPolicy: Never
|
restartPolicy: Never
|
||||||
|
@ -7,3 +7,6 @@ pod:
|
|||||||
ceph-log-ownership: runtime/default
|
ceph-log-ownership: runtime/default
|
||||||
osd-init: runtime/default
|
osd-init: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
ceph-osd-test:
|
||||||
|
init: runtime/default
|
||||||
|
ceph-cluster-helm-test: runtime/default
|
@ -67,6 +67,7 @@ metadata:
|
|||||||
{{ tuple $envAll "ceph" "provisioner-test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "ceph" "provisioner-test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
|
{{ dict "envAll" $envAll "podName" "ceph-provisioner-test" "containerNames" (list "init" "ceph-provisioner-helm-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
restartPolicy: Never
|
restartPolicy: Never
|
||||||
|
@ -9,3 +9,6 @@ pod:
|
|||||||
ceph-rbd-provisioner:
|
ceph-rbd-provisioner:
|
||||||
ceph-rbd-provisioner: runtime/default
|
ceph-rbd-provisioner: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
ceph-provisioner-test:
|
||||||
|
init: runtime/default
|
||||||
|
ceph-provisioner-helm-test: runtime/default
|
@ -28,6 +28,7 @@ metadata:
|
|||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
{{ dict "envAll" $envAll "podName" "elasticsearch-test" "containerNames" (list "init" "elasticsearch-helm-tests") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
@ -37,7 +38,7 @@ spec:
|
|||||||
initContainers:
|
initContainers:
|
||||||
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{.Release.Name}}-helm-tests
|
- name: elasticsearch-helm-tests
|
||||||
{{ tuple $envAll "helm_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
{{ tuple $envAll "helm_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
||||||
{{ dict "envAll" $envAll "application" "test" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
{{ dict "envAll" $envAll "application" "test" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
||||||
|
@ -20,3 +20,6 @@ pod:
|
|||||||
prometheus-elasticsearch-exporter:
|
prometheus-elasticsearch-exporter:
|
||||||
elasticsearch-exporter: runtime/default
|
elasticsearch-exporter: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
elasticsearch-test:
|
||||||
|
init: runtime/default
|
||||||
|
elasticsearch-helm-tests: runtime/default
|
||||||
|
@ -28,6 +28,7 @@ metadata:
|
|||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
{{ dict "envAll" $envAll "podName" "grafana-test" "containerNames" (list "init" "grafana-selenium-tests") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
@ -37,7 +38,7 @@ spec:
|
|||||||
initContainers:
|
initContainers:
|
||||||
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{.Release.Name}}-selenium-tests
|
- name: grafana-selenium-tests
|
||||||
{{ tuple $envAll "selenium_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
{{ tuple $envAll "selenium_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
||||||
{{ dict "envAll" $envAll "application" "test" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
{{ dict "envAll" $envAll "application" "test" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
||||||
|
@ -19,3 +19,6 @@ pod:
|
|||||||
grafana-set-admin-user:
|
grafana-set-admin-user:
|
||||||
grafana-set-admin-password: runtime/default
|
grafana-set-admin-password: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
grafana-test:
|
||||||
|
init: runtime/default
|
||||||
|
grafana-selenium-tests: runtime/default
|
@ -29,6 +29,7 @@ metadata:
|
|||||||
annotations:
|
annotations:
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
{{ dict "envAll" $envAll "podName" "nagios-test" "containerNames" (list "init" "nagios-helm-tests") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "monitoring" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
{{ dict "envAll" $envAll "application" "monitoring" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
@ -38,7 +39,7 @@ spec:
|
|||||||
initContainers:
|
initContainers:
|
||||||
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{.Release.Name}}-helm-tests
|
- name: nagios-helm-tests
|
||||||
{{ tuple $envAll "selenium_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
{{ tuple $envAll "selenium_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
||||||
{{ dict "envAll" $envAll "application" "monitoring" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
{{ dict "envAll" $envAll "application" "monitoring" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
|
||||||
|
@ -6,3 +6,6 @@ pod:
|
|||||||
init: runtime/default
|
init: runtime/default
|
||||||
define-nagios-hosts: runtime/default
|
define-nagios-hosts: runtime/default
|
||||||
apache-proxy: runtime/default
|
apache-proxy: runtime/default
|
||||||
|
nagios-test:
|
||||||
|
init: runtime/default
|
||||||
|
nagios-helm-tests: runtime/default
|
@ -26,6 +26,7 @@ metadata:
|
|||||||
{{ tuple $envAll "prometheus" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "prometheus" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
|
{{ dict "envAll" $envAll "podName" "prometheus-test" "containerNames" (list "init" "prometheus-helm-tests") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||||
"helm.sh/hook": test-success
|
"helm.sh/hook": test-success
|
||||||
spec:
|
spec:
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
@ -35,7 +36,7 @@ spec:
|
|||||||
initContainers:
|
initContainers:
|
||||||
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{.Release.Name}}-helm-tests
|
- name: prometheus-helm-tests
|
||||||
{{ tuple $envAll "helm_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
{{ tuple $envAll "helm_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
||||||
command:
|
command:
|
||||||
|
@ -6,3 +6,6 @@ pod:
|
|||||||
prometheus-perms: runtime/default
|
prometheus-perms: runtime/default
|
||||||
apache-proxy: runtime/default
|
apache-proxy: runtime/default
|
||||||
init: runtime/default
|
init: runtime/default
|
||||||
|
prometheus-test:
|
||||||
|
prometheus-helm-tests: runtime/default
|
||||||
|
init: runtime/default
|
Loading…
Reference in New Issue
Block a user