From 97b29d2625079d2d0c06f222a26043f6d0fbf522 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 5 Oct 2023 08:33:45 +0000 Subject: [PATCH] Update Helm release postgresql to v13 Signed-off-by: Renovate Bot --- class/defaults.yml | 2 +- .../templates/primary/networkpolicy.yaml | 3 +- .../templates/primary/statefulset.yaml | 34 ++++++++++++++----- .../templates/primary/svc-headless.yaml | 6 ++-- .../postgresql/templates/primary/svc.yaml | 3 +- .../templates/primary/networkpolicy.yaml | 3 +- .../templates/primary/statefulset.yaml | 24 ++++++++----- .../templates/primary/svc-headless.yaml | 6 ++-- .../postgresql/templates/primary/svc.yaml | 3 +- 9 files changed, 57 insertions(+), 27 deletions(-) diff --git a/class/defaults.yml b/class/defaults.yml index fdc78cb9..ea6df49f 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -62,7 +62,7 @@ parameters: version: v2.2.2 postgresql: source: https://charts.bitnami.com/bitnami - version: v12.5.6 + version: 13.1.0 # FQDN should be overwritten on the cluster level fqdn: keycloak.example.com # Disables dynamically resolving the hostname from request headers. diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml index 42bab512..81547bed 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql-ingress namespace: syn-builtin spec: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml index 86ca17c2..255bc587 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml @@ -2,11 +2,12 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: keycloak + app.kubernetes.io/component: primary app.kubernetes.io/instance: builtin app.kubernetes.io/managed-by: commodore app.kubernetes.io/name: keycloak - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql namespace: syn-builtin spec: @@ -28,7 +29,8 @@ spec: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql spec: affinity: @@ -56,17 +58,17 @@ spec: value: /bitnami/postgresql/data - name: POSTGRES_USER value: keycloak - - name: POSTGRES_POSTGRES_PASSWORD + - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: postgres-password + key: password name: keycloak-postgresql - - name: POSTGRES_PASSWORD + - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: password + key: postgres-password name: keycloak-postgresql - - name: POSTGRES_DB + - name: POSTGRES_DATABASE value: keycloak - name: POSTGRESQL_ENABLE_LDAP value: 'no' @@ -128,7 +130,15 @@ spec: cpu: 250m memory: 256Mi securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsGroup: 0 + runAsNonRoot: true runAsUser: 1001 + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /opt/bitnami/postgresql/certs name: postgresql-certificates @@ -160,7 +170,11 @@ spec: limits: {} requests: {} securityContext: + runAsGroup: 0 + runAsNonRoot: false runAsUser: 0 + seccompProfile: + type: RuntimeDefault volumeMounts: - mountPath: /bitnami/postgresql name: data @@ -186,7 +200,9 @@ spec: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - - metadata: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: name: data spec: accessModes: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml index bb13dd96..c65af8a5 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: Service metadata: + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 - service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql-hl namespace: syn-builtin spec: diff --git a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml index f4543e5e..035a66dd 100644 --- a/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml +++ b/tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql namespace: syn-builtin spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml index bc583379..7e6a8550 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/networkpolicy.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql-ingress namespace: syn-openshift-postgres spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml index 37bd55e9..7a827af5 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/statefulset.yaml @@ -2,11 +2,12 @@ apiVersion: apps/v1 kind: StatefulSet metadata: labels: - app.kubernetes.io/component: keycloak + app.kubernetes.io/component: primary app.kubernetes.io/instance: openshift-postgres app.kubernetes.io/managed-by: commodore app.kubernetes.io/name: keycloak - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql namespace: syn-openshift-postgres spec: @@ -28,7 +29,8 @@ spec: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql spec: affinity: @@ -56,17 +58,17 @@ spec: value: /bitnami/postgresql/data - name: POSTGRES_USER value: keycloak - - name: POSTGRES_POSTGRES_PASSWORD + - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: postgres-password + key: password name: keycloak-postgresql - - name: POSTGRES_PASSWORD + - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: - key: password + key: postgres-password name: keycloak-postgresql - - name: POSTGRES_DB + - name: POSTGRES_DATABASE value: keycloak - name: POSTGRESQL_ENABLE_LDAP value: 'no' @@ -132,6 +134,7 @@ spec: capabilities: drop: - ALL + runAsGroup: 0 runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -163,6 +166,7 @@ spec: capabilities: drop: - ALL + runAsGroup: 0 runAsNonRoot: true seccompProfile: type: RuntimeDefault @@ -185,7 +189,9 @@ spec: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - - metadata: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: name: data spec: accessModes: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml index 97566948..82acffda 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc-headless.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: Service metadata: + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 - service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql-hl namespace: syn-openshift-postgres spec: diff --git a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml index d81678b5..62f1a26e 100644 --- a/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml +++ b/tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/postgresql/templates/primary/svc.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: keycloak app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - helm.sh/chart: postgresql-12.5.6 + app.kubernetes.io/version: 16.0.0 + helm.sh/chart: postgresql-13.1.0 name: keycloak-postgresql namespace: syn-openshift-postgres spec: