New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[prometheus]: Add possibility to disable securityContext for Prometheus and Alertmanager workloads #2595
Conversation
…ager workloads Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please remove all unrealted format changes in the values file.
also new values needs to be in values file.
…ager workloads - fix formatting, add default values Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
…ager workloads - fix Chart version Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
@monotek requested changes have been applied, would appreciate a review from your side, thanks in advance! |
Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
That's fine with me. |
@ericpdurand Yeah, I left it explicitly because of the known bug in Helm. |
@@ -111,8 +115,12 @@ spec: | |||
- name: {{ template "prometheus.name" . }}-{{ .Values.alertmanager.name }}-{{ .Values.configmapReload.alertmanager.name }} | |||
image: "{{ .Values.configmapReload.alertmanager.image.repository }}:{{ .Values.configmapReload.alertmanager.image.tag }}" | |||
imagePullPolicy: "{{ .Values.configmapReload.alertmanager.image.pullPolicy }}" | |||
{{- if .Values.configmapReload.alertmanager.containerSecurityContextEnabled }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
superfluous too. see above.
@zanhsieh |
Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
34efe4e
@monotek @zanhsieh @ericpdurand Your requested changes have been applied. Please kindly review. |
@monotek |
@zanhsieh |
With |
…p is non-empty Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
Just pushed changes for that |
Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm, thanks @CarpathianUA
@monotek Please kindly review, thanks in advance! |
…us and Alertmanager workloads (prometheus-community#2595) * Add possbility to disable securityContext for Prometheus and Alertmanager workloads Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Add possbility to disable securityContext for Prometheus and Alertmanager workloads - fix formatting, add default values Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Add possbility to disable securityContext for Prometheus and Alertmanager workloads - fix Chart version Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Add condition to disable containerSecurityContext Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Remove redundant containerSecurityContextEnabled variable and condtition Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Remove redundant if condition for check if containerSecurtyContext map is non-empty Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Remove redundant if condition with omit func in vafour of with iterator Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> * Remove redundant if condition Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com> Signed-off-by: Roman Slipchenko <romanslipchenko@gmail.com>
Add possibility to disable securityContext for Prometheus and Alertmanager workloads
Signed-off-by: Roman Slipchenko romanslipchenko@gmail.com
What this PR does / why we need it:
If securityContext is omitted, OpenShift SCC Admission controller can inject needed securityContext on chart deploy time.
More details - https://docs.openshift.com/container-platform/4.11/authentication/managing-security-context-constraints.html
Which issue this PR fixes
None
Special notes for your reviewer
Checklist
[prometheus-couchdb-exporter]
)