This updates the post-run pod logs task to gather logs from any
failed containers, allowing for identifying issues associated with
pods that fail to start in the gate jobs
Change-Id: I9195f319a064f84f62d2aa558df05f8f81b9abea
This updates the prometheus chart to include the pod
security context on the pod template. This changes the pod's
user from root to the nobody user instead
This also adds the container security context to explicitly set
allowPrivilegeEscalation to false and readOnlyRootFilesystem to true
Change-Id: I2a3a4b77d9b25c086dc23b4fd66dca92872c422d
This reverts commit 244f177ecb2574e8984b8590655af491e49420b4.
removing readOnlyRootFilesystem flag since pods are running to "crashLoopBackOff" state by implementing HTK functionality
when we have set the readOnly flag at pod without HTK functionality the changes were not effected. That is why it passed the gate.
Change-Id: I6920956b881fa358a37003d21a7b76602e2ac61c
This reverts commit ab86685bea6df436c93220ce63900549c19effff.
removing readOnlyRootFilesystem flag since pods are running to "crashLoopBackOff" state by implementing HTK functionality
when we have set the readOnly flag at pod without HTK functionality the changes were not effected. That is why it passed the gate.
Change-Id: Iaa6b89a6a19e8f85d02bf6d06f45570469674d4f
This updates the Calico-etcd chart to include the pod
security context on the pod template
This also adds the container security context to set
readOnlyRootFilesystem to true
Change-Id: I10ff398d7a552d5287d841ca39c77ea097f7e67e
This reverts commit e20242fbdb3de6a2a7e42f2026937a4a17c88d09.
removing readOnlyRootFilesystem flag since pods are running to "crashLoopBackOff" state by implementing HTK functionality
when we have set the readOnly flag at pod without HTK functionality the changes were not effected. That is why it passed the gate.
Change-Id: I6027be601b4241b26b0fbc3c70c886714dac4a48
This adds ingress network policy for the fluent-logging, kibana
and Elasticsearch charts. This leverages the helm-toolkit template
that was used in openstack-helm for the openstack services
Change-Id: I2a89b62f1002851346e9a25de40113078e9c518f
This updates the ceph-provisioners chart to include the pod
security context on the pod template
This also adds the container security context to set allowPrivilegeEscalation
to false and readOnlyRootFilesystem to true
Change-Id: Iee49ffe17f2cd08fc978461269b654d3b2cb4406
This updates the tiller chart to include the pod
security context on the pod template
This also adds the container security context to set
allowPrivilegeEscalation to false
Change-Id: Ic0d87ba2e933444ebe8a6d59d7bb74aae81a051d
I believe when we have set the readOnly flag at pod without HTK functionality the changes were not reflected. That is why it passed the gate.
Later with HTK functionality the gates never passed and I have tested that in various ways and finally I had to unset the readOnly flag
This reverts commit 598040bea05737ea1ee2460ba8675ed7c061e63a.
Change-Id: Icf8d3cc60045926ab60b9735ee1e8202c15df9d5
This PS temporaily removes the mysql_upgrade logic as it breaks
mariabackup as currently implemented.
Change-Id: I1f74d104b004ddb641d354dfee82557b18c3677a
Signed-off-by: Pete Birley <pete@port.direct>
Trivial fix. This patch set fixes inconsistent indentations in YAML file.
Change-Id: I98ed9680d93f9c21e44b7da8462c9ce3607350bd
Signed-off-by: Tin Lam <tin@irrational.io>
This indents the closing {{ end }} for the check for executing the
Elasticsearch test that checks the snapshot repositories
Change-Id: I77ebb1af7ee648cc9787665bfb81dfbb1a30663a
This allows to pass a new env var into shell scripts, for value
overrides, with Zuul's help (value_overrides can be part of the
job definition).
Change-Id: Ia5dcecb73f4b872fd8fb65d3cd0bf69c19addf07
In order to align with ceph-provisioner storageclass
.Values we need to update ceph-mon .Values and tenant-
ceph scripts
Change-Id: I36fb07de9e791ac33cf0b4c38b3e4d63337d3e72
Story: storageclass schema changes
Signed-off-by: kranthi guttikonda <kranthi.guttikonda@att.com>
Signed-off-by: kranthikirang <kranthi.guttikonda@b-yond.com>
This adds the selector.matchLabel key to the packetbeat daemonset
and the elastic-apm-server deployment templates as it's a required
field for apps/v1
Change-Id: Idcc639b49b34579508e77a03f814dcf45ecf667c
* Postgresql lack the feature of creating databases if not exist
* Add a function to workaround in the restore script.
Change-Id: If451204e3cec573a0dbfe91549a47ee569799a22
This PS updates the htk k8s-entrypoint container macro to add security
context, with a set of defaults to allow operation with existing charts.
Change-Id: Ib41600e2e3c848ae0d62181ad7e01f3cf00a26a0
Signed-off-by: Pete Birley <pete@port.direct>
