[mariadb-ingress] Uplift Mariadb-ingress to 0.42.0
- Uplifts the image to nginx 0.42.0 to address CVEs - Updates nginx.tmpl accordingly for nginx 0.42.0 - Adds CLusterRole and labels needed for nginx 0.42.0 - Updates release notes for mariadb Change-Id: Ie4e2a66873bc130c547ff8f30d8e1b2ee9a62186
This commit is contained in:
parent
87e3a02dd5
commit
dcd77ceba3
@ -15,7 +15,7 @@ apiVersion: v1
|
|||||||
appVersion: v10.2.31
|
appVersion: v10.2.31
|
||||||
description: OpenStack-Helm MariaDB
|
description: OpenStack-Helm MariaDB
|
||||||
name: mariadb
|
name: mariadb
|
||||||
version: 0.1.8
|
version: 0.1.9
|
||||||
home: https://mariadb.com/kb/en/
|
home: https://mariadb.com/kb/en/
|
||||||
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
|
icon: http://badges.mariadb.org/mariadb-badge-180x60.png
|
||||||
sources:
|
sources:
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -18,10 +18,9 @@ set -ex
|
|||||||
COMMAND="${@:-start}"
|
COMMAND="${@:-start}"
|
||||||
|
|
||||||
function start () {
|
function start () {
|
||||||
find /tmp/ -maxdepth 1 -writable | grep -v "^/tmp/$" | xargs -L1 -r rm -rfv
|
find /tmp -maxdepth 1 \! -path /tmp -perm /222 -exec rm -rfv {} \;
|
||||||
exec /usr/bin/dumb-init \
|
exec /usr/bin/dumb-init \
|
||||||
/nginx-ingress-controller \
|
/nginx-ingress-controller \
|
||||||
--force-namespace-isolation \
|
|
||||||
--watch-namespace ${POD_NAMESPACE} \
|
--watch-namespace ${POD_NAMESPACE} \
|
||||||
--election-id=${RELEASE_NAME} \
|
--election-id=${RELEASE_NAME} \
|
||||||
--ingress-class=${INGRESS_CLASS} \
|
--ingress-class=${INGRESS_CLASS} \
|
||||||
|
@ -21,6 +21,82 @@ limitations under the License.
|
|||||||
{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRole
|
||||||
|
metadata:
|
||||||
|
name: {{ $serviceAccountName }}
|
||||||
|
rules:
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps
|
||||||
|
- endpoints
|
||||||
|
- nodes
|
||||||
|
- pods
|
||||||
|
- secrets
|
||||||
|
verbs:
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- nodes
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- services
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- update
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- events
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- patch
|
||||||
|
- apiGroups:
|
||||||
|
- "extensions"
|
||||||
|
- "networking.k8s.io"
|
||||||
|
resources:
|
||||||
|
- ingresses
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- "extensions"
|
||||||
|
- "networking.k8s.io"
|
||||||
|
resources:
|
||||||
|
- ingresses/status
|
||||||
|
verbs:
|
||||||
|
- update
|
||||||
|
- apiGroups:
|
||||||
|
- "networking.k8s.io"
|
||||||
|
resources:
|
||||||
|
- ingressclasses
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: {{ $serviceAccountName }}
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: {{ $serviceAccountName }}
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: {{ $serviceAccountName }}
|
||||||
|
namespace: {{ $envAll.Release.Namespace }}
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: Role
|
kind: Role
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ $serviceAccountName }}
|
name: {{ $serviceAccountName }}
|
||||||
@ -123,6 +199,13 @@ metadata:
|
|||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||||
labels:
|
labels:
|
||||||
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
|
app.kubernetes.io/instance: {{ $serviceAccountName }}
|
||||||
|
app.kubernetes.io/name: "mariadb"
|
||||||
|
app.kubernetes.io/component: "ingress"
|
||||||
|
app.kubernetes.io/managed-by: {{ $envAll.Release.Service }}
|
||||||
|
{{- if $envAll.Chart.AppVersion }}
|
||||||
|
app.kubernetes.io/version: {{ $envAll.Chart.AppVersion | quote }}
|
||||||
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.pod.replicas.ingress }}
|
replicas: {{ .Values.pod.replicas.ingress }}
|
||||||
selector:
|
selector:
|
||||||
@ -133,6 +216,13 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
app.kubernetes.io/instance: {{ $serviceAccountName }}
|
||||||
|
app.kubernetes.io/name: "mariadb"
|
||||||
|
app.kubernetes.io/component: "ingress"
|
||||||
|
app.kubernetes.io/managed-by: {{ $envAll.Release.Service }}
|
||||||
|
{{- if $envAll.Chart.AppVersion }}
|
||||||
|
app.kubernetes.io/version: {{ $envAll.Chart.AppVersion | quote }}
|
||||||
|
{{- end }}
|
||||||
annotations:
|
annotations:
|
||||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
@ -21,7 +21,7 @@ release_group: null
|
|||||||
images:
|
images:
|
||||||
tags:
|
tags:
|
||||||
mariadb: docker.io/openstackhelm/mariadb:latest-ubuntu_xenial
|
mariadb: docker.io/openstackhelm/mariadb:latest-ubuntu_xenial
|
||||||
ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
|
ingress: k8s.gcr.io/ingress-nginx/controller:v0.42.0
|
||||||
error_pages: k8s.gcr.io/defaultbackend:1.4
|
error_pages: k8s.gcr.io/defaultbackend:1.4
|
||||||
prometheus_create_mysql_user: docker.io/mariadb:10.2.31
|
prometheus_create_mysql_user: docker.io/mariadb:10.2.31
|
||||||
prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.11.0
|
prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.11.0
|
||||||
|
@ -9,4 +9,5 @@ mariadb:
|
|||||||
- 0.1.6 Change Issuer to ClusterIssuer
|
- 0.1.6 Change Issuer to ClusterIssuer
|
||||||
- 0.1.7 Revert - Change Issuer to ClusterIssuer
|
- 0.1.7 Revert - Change Issuer to ClusterIssuer
|
||||||
- 0.1.8 Change Issuer to ClusterIssuer with logic in place to support cert-manager versioning
|
- 0.1.8 Change Issuer to ClusterIssuer with logic in place to support cert-manager versioning
|
||||||
|
- 0.1.9 Uplift Mariadb-ingress to 0.42.0
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user