[COMMON] Fix Kyverno Policies
common:
- Add settings to common pod templates and fix Cassandra
serviceMesh and MariaDB operator templates
- Added template for mongodb
- Empty lines to files added
readinessCheck:
- Add missing security settings
mariadb-init:
- add security settings in job
cassandra:
- Empty lines added to files
mongodb:
- make emptyDir volume size configurable
others:
- update chart dependency for mongodb in components
- fix linter errors in all files
Issue-ID: OOM-3295
Issue-ID: OOM-3296
Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848
Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
diff --git a/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml b/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml
index 041b0cb..ee033e9 100644
--- a/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/arbiter/statefulset.yaml
@@ -274,7 +274,8 @@
{{- end }}
volumes:
- name: empty-dir
- emptyDir: {}
+ emptyDir:
+ sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
{{- if or .Values.arbiter.configuration .Values.arbiter.existingConfigmap .Values.arbiter.extraVolumes .Values.tls.enabled }}
- name: common-scripts
configMap:
@@ -287,7 +288,8 @@
{{- end }}
{{- if and .Values.tls.enabled .Values.arbiter.enabled }}
- name: certs
- emptyDir: {}
+ emptyDir:
+ sizeLimit: 64Mi
{{- if (include "mongodb.autoGenerateCerts" .) }}
- name: certs-volume
secret:
diff --git a/kubernetes/common/mongodb/templates/backup/cronjob.yaml b/kubernetes/common/mongodb/templates/backup/cronjob.yaml
index 2e884b1..44c297a 100644
--- a/kubernetes/common/mongodb/templates/backup/cronjob.yaml
+++ b/kubernetes/common/mongodb/templates/backup/cronjob.yaml
@@ -167,7 +167,7 @@
volumes:
- name: empty-dir
emptyDir:
- sizeLimit: 64Mi
+ sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
diff --git a/kubernetes/common/mongodb/templates/hidden/statefulset.yaml b/kubernetes/common/mongodb/templates/hidden/statefulset.yaml
index 08a55eb..a64002a 100644
--- a/kubernetes/common/mongodb/templates/hidden/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/hidden/statefulset.yaml
@@ -515,7 +515,7 @@
volumes:
- name: empty-dir
emptyDir:
- sizeLimit: 64Mi
+ sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
diff --git a/kubernetes/common/mongodb/templates/networkpolicy.yaml b/kubernetes/common/mongodb/templates/networkpolicy.yaml
index f6d62ca..63c4d71 100644
--- a/kubernetes/common/mongodb/templates/networkpolicy.yaml
+++ b/kubernetes/common/mongodb/templates/networkpolicy.yaml
@@ -80,4 +80,4 @@
{{- if $extraIngress }}
{{- include "common.tplvalues.render" ( dict "value" $extraIngress "context" $ ) | nindent 4 }}
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml b/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml
index b171eca..089119c 100644
--- a/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml
+++ b/kubernetes/common/mongodb/templates/replicaset/statefulset.yaml
@@ -513,7 +513,7 @@
volumes:
- name: empty-dir
emptyDir:
- sizeLimit: 64Mi
+ sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}
diff --git a/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml b/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml
index 6f63f0b..619533d 100644
--- a/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml
+++ b/kubernetes/common/mongodb/templates/standalone/dep-sts.yaml
@@ -438,7 +438,7 @@
volumes:
- name: empty-dir
emptyDir:
- sizeLimit: 64Mi
+ sizeLimit: {{ .Values.arbiter.emptyDir.sizeLimit }}
- name: common-scripts
configMap:
name: {{ printf "%s-common-scripts" (include "mongodb.fullname" .) }}