Skip to content

Commit 4234df5

Browse files
authored
Merge branch 'develop' into fix/value-2
2 parents fe2818c + aabfead commit 4234df5

File tree

6 files changed

+34
-21
lines changed

6 files changed

+34
-21
lines changed

charts/netbox/templates/cronjob.yaml

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -36,15 +36,17 @@ spec:
3636
{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image) "context" $) | nindent 6 }}
3737
serviceAccountName: {{ include "netbox.serviceAccountName" . }}
3838
automountServiceAccountToken: {{ .Values.housekeeping.automountServiceAccountToken }}
39-
securityContext:
40-
{{- toYaml .Values.housekeeping.podSecurityContext | nindent 12 }}
39+
{{- if .Values.housekeeping.podSecurityContext.enabled }}
40+
securityContext: {{- omit .Values.housekeeping.podSecurityContext "enabled" | toYaml | nindent 12 }}
41+
{{- end }}
4142
{{- if .Values.housekeeping.initContainers }}
4243
{{- include "common.tplvalues.render" (dict "value" .Values.housekeeping.initContainers "context" $) | trim | nindent 10 }}
4344
{{- end }}
4445
containers:
4546
- name: {{ .Chart.Name }}-housekeeping
46-
securityContext:
47-
{{- toYaml .Values.housekeeping.securityContext | nindent 14 }}
47+
{{- if .Values.housekeeping.securityContext.enabled }}
48+
securityContext: {{- omit .Values.housekeeping.securityContext "enabled" | toYaml | nindent 14 }}
49+
{{- end }}
4850
image: {{ include "netbox.image" . | quote }}
4951
command:
5052
- /opt/netbox/venv/bin/python

charts/netbox/templates/deployment.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,9 @@ spec:
5353
{{- else if ne .Values.init.resourcesPreset "none" }}
5454
resources: {{- include "common.resources.preset" (dict "type" .Values.init.resourcesPreset) | nindent 10 }}
5555
{{- end }}
56-
securityContext: {{- .Values.init.securityContext | toYaml | nindent 10 }}
56+
{{- if .Values.init.securityContext.enabled }}
57+
securityContext: {{- omit .Values.init.securityContext "enabled" | toYaml | nindent 10 }}
58+
{{- end }}
5759
volumeMounts:
5860
- name: optunit
5961
mountPath: /opt/unit

charts/netbox/templates/ingress.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ metadata:
55
name: {{ include "common.names.fullname" . }}
66
namespace: {{ include "common.names.namespace" . | quote }}
77
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
8-
{{- if or .Values.service.annotations .Values.commonAnnotations }}
8+
{{- if or .Values.ingress.annotations .Values.commonAnnotations }}
99
{{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }}
1010
annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
1111
{{- end }}

charts/netbox/templates/tests/test-connection.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,4 +18,7 @@ spec:
1818
{{- else if ne .Values.test.resourcesPreset "none" }}
1919
resources: {{- include "common.resources.preset" (dict "type" .Values.test.resourcesPreset) | nindent 6 }}
2020
{{- end }}
21+
{{- if .Values.test.securityContext.enabled }}
22+
securityContext: {{- omit .Values.test.securityContext "enabled" | toYaml | nindent 12 }}
23+
{{- end }}
2124
restartPolicy: Never

charts/netbox/templates/worker-deployment.yaml

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -44,15 +44,17 @@ spec:
4444
{{- end }}
4545
serviceAccountName: {{ include "netbox.serviceAccountName" . }}
4646
automountServiceAccountToken: {{ .Values.worker.automountServiceAccountToken }}
47-
securityContext:
48-
{{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
49-
{{- if .Values.worker.initContainers }}
47+
{{- if .Values.worker.podSecurityContext.enabled }}
48+
securityContext: {{- omit .Values.worker.podSecurityContext "enabled" | toYaml | nindent 8 }}
49+
{{- end }}
50+
{{- with .Values.worker.initContainers }}
5051
{{- include "common.tplvalues.render" (dict "value" .Values.worker.initContainers "context" $) | trim | nindent 6 }}
5152
{{- end }}
5253
containers:
5354
- name: {{ .Chart.Name }}-worker
54-
securityContext:
55-
{{- toYaml .Values.worker.securityContext | nindent 10 }}
55+
{{- if .Values.worker.securityContext.enabled }}
56+
securityContext: {{- omit .Values.worker.securityContext "enabled" | toYaml | nindent 10 }}
57+
{{- end }}
5658
image: {{ include "netbox.image" . | quote }}
5759
command:
5860
- /opt/netbox/venv/bin/python

charts/netbox/values.yaml

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -679,16 +679,16 @@ podSecurityContext:
679679
fsGroup: 1000
680680
## Configure Container Security Context (only main container)
681681
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
682-
## @param containerSecurityContext.enabled Enabled containers' Security Context
683-
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
684-
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
685-
## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
686-
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
687-
## @param containerSecurityContext.privileged Set container's Security Context privileged
688-
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
689-
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
690-
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
691-
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
682+
## @param securityContext.enabled Enabled containers' Security Context
683+
## @param securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
684+
## @param securityContext.runAsUser Set containers' Security Context runAsUser
685+
## @param securityContext.runAsGroup Set containers' Security Context runAsGroup
686+
## @param securityContext.runAsNonRoot Set container's Security Context runAsNonRoot
687+
## @param securityContext.privileged Set container's Security Context privileged
688+
## @param securityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
689+
## @param securityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
690+
## @param securityContext.capabilities.drop List of capabilities to be dropped
691+
## @param securityContext.seccompProfile.type Set container's Security Context seccomp profile
692692
##
693693
securityContext:
694694
enabled: true
@@ -990,13 +990,15 @@ init:
990990
## Init container' Security Context
991991
## Note: the chown of the data folder is done to securityContext.runAsUser
992992
## and not the below init.securityContext.runAsUser
993+
## @param init.securityContext.enabled Enabled containers' Security Context
993994
## @param init.securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
994995
## @param init.securityContext.runAsUser User ID for the init container
995996
## @param init.securityContext.runAsGroup Group ID for the init container
996997
## @param init.securityContext.runAsNonRoot runAsNonRoot for the init container
997998
## @param init.securityContext.seccompProfile.type seccompProfile.type for the init container
998999
##
9991000
securityContext:
1001+
enabled: true
10001002
seLinuxOptions: {}
10011003
seccompProfile:
10021004
type: RuntimeDefault
@@ -1055,13 +1057,15 @@ test:
10551057
## test container' Security Context
10561058
## Note: the chown of the data folder is done to securityContext.runAsUser
10571059
## and not the below test.securityContext.runAsUser
1060+
## @param test.securityContext.enabled Enabled containers' Security Context
10581061
## @param test.securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
10591062
## @param test.securityContext.runAsUser User ID for the test container
10601063
## @param test.securityContext.runAsGroup Group ID for the test container
10611064
## @param test.securityContext.runAsNonRoot runAsNonRoot for the test container
10621065
## @param test.securityContext.seccompProfile.type seccompProfile.type for the test container
10631066
##
10641067
securityContext:
1068+
enabled: false
10651069
seLinuxOptions: {}
10661070
seccompProfile:
10671071
type: RuntimeDefault

0 commit comments

Comments
 (0)