Skip to content

Commit

Permalink
refa: avoid hard-coded uid in helm chart
Browse files Browse the repository at this point in the history 
In order to improve installation on openshift, we need to avoid the
hard-coded uid/gid in the helm chart
  • Loading branch information
@joshiste
joshiste committed Dec 9, 2024
1 parent 0d4f737 commit 4ea2587
Show file tree
Hide file tree
Showing 47 changed files with 86 additions and 96 deletions.
44 changes: 22 additions & 22 deletions charts/steadybit-agent/Chart.lock
View file
Original file line number Diff line number Diff line change
@@ -1,75 +1,75 @@
dependencies:
- name: steadybit-extension-aws
repository: https://steadybit.github.io/extension-aws
version: 2.1.21
version: 2.1.23
- name: steadybit-extension-azure
repository: https://steadybit.github.io/extension-azure
version: 1.1.8
version: 1.1.10
- name: steadybit-extension-container
repository: https://steadybit.github.io/extension-container
version: 1.1.31
version: 1.1.32
- name: steadybit-extension-datadog
repository: https://steadybit.github.io/extension-datadog
version: 1.5.7
version: 1.5.9
- name: steadybit-extension-debug
repository: https://steadybit.github.io/extension-debug
version: 1.0.14
- name: steadybit-extension-dynatrace
repository: https://steadybit.github.io/extension-dynatrace
version: 1.1.5
version: 1.1.7
- name: steadybit-extension-gatling
repository: https://steadybit.github.io/extension-gatling
version: 1.1.13
version: 1.1.15
- name: steadybit-extension-gcp
repository: https://steadybit.github.io/extension-gcp
version: 1.1.16
version: 1.1.18
- name: steadybit-extension-host
repository: https://steadybit.github.io/extension-host
version: 1.1.27
version: 1.1.28
- name: steadybit-extension-http
repository: https://steadybit.github.io/extension-http
version: 1.1.15
version: 1.1.17
- name: steadybit-extension-instana
repository: https://steadybit.github.io/extension-instana
version: 1.1.6
version: 1.1.8
- name: steadybit-extension-istio
repository: https://steadybit.github.io/extension-istio
version: 1.1.7
version: 1.1.9
- name: steadybit-extension-jmeter
repository: https://steadybit.github.io/extension-jmeter
version: 1.1.10
version: 1.1.12
- name: steadybit-extension-jvm
repository: https://steadybit.github.io/extension-jvm
version: 1.1.12
- name: steadybit-extension-k6
repository: https://steadybit.github.io/extension-k6
version: 1.2.9
version: 1.2.11
- name: steadybit-extension-kafka
repository: https://steadybit.github.io/extension-kafka
version: 1.0.29
- name: steadybit-extension-kong
repository: https://steadybit.github.io/extension-kong
version: 1.7.6
version: 1.7.8
- name: steadybit-extension-kubernetes
repository: https://steadybit.github.io/extension-kubernetes
version: 1.5.23
version: 1.5.25
- name: steadybit-extension-loadtest
repository: https://steadybit.github.io/extension-loadtest
version: 1.0.40
- name: steadybit-extension-newrelic
repository: https://steadybit.github.io/extension-newrelic
version: 1.1.5
version: 1.1.6
- name: steadybit-extension-postman
repository: https://steadybit.github.io/extension-postman
version: 1.7.9
version: 1.7.11
- name: steadybit-extension-prometheus
repository: https://steadybit.github.io/extension-prometheus
version: 1.5.9
version: 1.5.11
- name: steadybit-extension-stackstate
repository: https://steadybit.github.io/extension-stackstate
version: 1.1.6
version: 1.1.8
- name: steadybit-extension-grafana
repository: https://steadybit.github.io/extension-grafana
version: 1.2.4
digest: sha256:a2354b2ce158d3961ec9bd965cf70fa38587356be508473e5101b1c6e787479e
generated: "2024-12-03T06:09:54.369863177Z"
version: 1.2.6
digest: sha256:1508df99b3cd7bb087dbf0d5d73a19b8462e6b351c5ca16a7545e532b3711e3f
generated: "2024-12-09T09:59:03.468184+01:00"
2 changes: 1 addition & 1 deletion charts/steadybit-agent/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,4 +139,4 @@ dependencies:
version: ^1.1.8
repository: https://steadybit.github.io/extension-grafana
alias: extension-grafana
condition: extension-grafana.enabled
condition: extension-grafana.enabled
Binary file removed charts/steadybit-agent/charts/steadybit-extension-aws-2.1.21.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-aws-2.1.23.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-azure-1.1.10.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-azure-1.1.8.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-container-1.1.31.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-container-1.1.32.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-datadog-1.5.7.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-datadog-1.5.9.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-dynatrace-1.1.5.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-dynatrace-1.1.7.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-gatling-1.1.13.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-gatling-1.1.15.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-gcp-1.1.16.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-gcp-1.1.18.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-grafana-1.2.4.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-grafana-1.2.6.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-host-1.1.27.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-host-1.1.28.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-http-1.1.15.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-http-1.1.17.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-instana-1.1.6.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-instana-1.1.8.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-istio-1.1.7.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-istio-1.1.9.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-jmeter-1.1.10.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-jmeter-1.1.12.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-k6-1.2.11.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-k6-1.2.9.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-kong-1.7.6.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-kong-1.7.8.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-kubernetes-1.5.23.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-kubernetes-1.5.25.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-newrelic-1.1.5.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-newrelic-1.1.6.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-postman-1.7.11.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-postman-1.7.9.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-prometheus-1.5.11.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-prometheus-1.5.9.tgz
View file
Binary file not shown.
Binary file removed charts/steadybit-agent/charts/steadybit-extension-stackstate-1.1.6.tgz
View file
Binary file not shown.
Binary file added charts/steadybit-agent/charts/steadybit-extension-stackstate-1.1.8.tgz
View file
Binary file not shown.
15 changes: 6 additions & 9 deletions charts/steadybit-agent/templates/_podTemplate.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,9 @@
priorityClassName: {{ .Values.priorityClassName.name }}
{{- end }}
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
runAsNonRoot: true
{{- with .Values.podSecurityContext }}
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: steadybit-agent
image: "{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}"
Expand Down Expand Up @@ -140,11 +139,9 @@
{{- toYaml . | nindent 12 }}
{{- end }}
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
{{- with .Values.containerSecurityContext }}
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- if eq .Values.agent.persistence.provider "filesystem"}}
- name: steadybit-agent-state
Expand Down
50 changes: 20 additions & 30 deletions charts/steadybit-agent/tests/__snapshot__/deployment_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,10 +104,9 @@ manifest should match snapshot:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -238,10 +237,9 @@ should add aws account id from values:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -367,10 +365,9 @@ should add extra volumes and mount:
- mountPath: /extra
name: extramount
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -519,10 +516,9 @@ should add match labels:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -661,10 +657,9 @@ should add proxy configuration:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -794,10 +789,9 @@ should apply extra pod labels:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -929,10 +923,9 @@ should render redis settings:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -1075,10 +1068,9 @@ using extensions with mtls from containerpath:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -1227,10 +1219,9 @@ using extensions with mtls from secrets:
- mountPath: /opt/steadybit/agent/etc/extra-certs
name: extra-certs
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -1365,10 +1356,9 @@ using image pull secrets with debug json log:
imagePullSecrets:
- name: test-pull-secret
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down
10 changes: 4 additions & 6 deletions charts/steadybit-agent/tests/__snapshot__/statefulset_auth_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,10 +113,9 @@ using oauth2 with mtls from containerPath and token uri:
- mountPath: /tmp
name: tmp-dir
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down Expand Up @@ -261,10 +260,9 @@ using oauth2 with mtls from secrets:
name: oauth2-tls-server
readOnly: true
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: steadybit-agent
volumes:
- emptyDir:
Expand Down
Loading

0 comments on commit 4ea2587

Please sign in to comment.