Skip to content

Commit

Permalink
Update Helm release postgresql to v15
Browse files Browse the repository at this point in the history
Signed-off-by: Renovate Bot <[email protected]>
  • Loading branch information
vshn-renovate committed Oct 1, 2024
1 parent 5ece72b commit b505fe3
Show file tree
Hide file tree
Showing 17 changed files with 200 additions and 52 deletions.
2 changes: 1 addition & 1 deletion class/defaults.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ parameters:
version: v2.3.0
postgresql:
source: https://charts.bitnami.com/bitnami
version: 12.12.10
version: 15.5.38
# FQDN should be overwritten on the cluster level
fqdn: keycloak.example.com
# Default path since Quarkus is "/" rather than "/auth"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,21 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
name: keycloak-postgresql-ingress
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-builtin
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/instance: keycloakx
app.kubernetes.io/name: keycloakx
ports:
- ports:
- port: 5432
podSelector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
policyTypes:
- Ingress
- Egress
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: builtin
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-builtin
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ metadata:
app.kubernetes.io/instance: builtin
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-builtin
spec:
Expand All @@ -29,8 +29,8 @@ spec:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
spec:
affinity:
Expand All @@ -46,6 +46,7 @@ spec:
app.kubernetes.io/name: postgresql
topologyKey: kubernetes.io/hostname
weight: 1
automountServiceAccountToken: false
containers:
- env:
- name: BITNAMI_DEBUG
Expand Down Expand Up @@ -125,20 +126,36 @@ spec:
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 250m
memory: 256Mi
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /opt/bitnami/postgresql/conf
name: empty-dir
subPath: app-conf-dir
- mountPath: /opt/bitnami/postgresql/tmp
name: empty-dir
subPath: app-tmp-dir
- mountPath: /opt/bitnami/postgresql/certs
name: postgresql-certificates
readOnly: true
Expand Down Expand Up @@ -166,15 +183,25 @@ spec:
imagePullPolicy: IfNotPresent
name: init-chmod-data
resources:
limits: {}
requests: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /bitnami/postgresql
name: data
- mountPath: /dev/shm
Expand All @@ -185,8 +212,13 @@ spec:
name: postgresql-certificates
securityContext:
fsGroup: 1001
serviceAccountName: default
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
serviceAccountName: keycloak-postgresql
volumes:
- emptyDir: {}
name: empty-dir
- name: raw-certificates
secret:
secretName: keycloak-postgresql-tls
Expand Down
Original file line number Diff line number Diff line change
@@ -1,15 +1,14 @@
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'
annotations: null
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql-hl
namespace: syn-builtin
spec:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-builtin
spec:
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-builtin
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-external
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,21 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
name: keycloak-postgresql-ingress
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-openshift-postgres
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/instance: keycloakx
app.kubernetes.io/name: keycloakx
ports:
- ports:
- port: 5432
podSelector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
policyTypes:
- Ingress
- Egress
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: openshift-postgres
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-openshift-postgres
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ metadata:
app.kubernetes.io/instance: openshift-postgres
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
namespace: syn-openshift-postgres
spec:
Expand All @@ -29,8 +29,8 @@ spec:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 16.4.0
helm.sh/chart: postgresql-15.5.38
name: keycloak-postgresql
spec:
affinity:
Expand All @@ -46,6 +46,7 @@ spec:
app.kubernetes.io/name: postgresql
topologyKey: kubernetes.io/hostname
weight: 1
automountServiceAccountToken: false
containers:
- env:
- name: BITNAMI_DEBUG
Expand Down Expand Up @@ -125,19 +126,35 @@ spec:
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 250m
memory: 256Mi
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /opt/bitnami/postgresql/conf
name: empty-dir
subPath: app-conf-dir
- mountPath: /opt/bitnami/postgresql/tmp
name: empty-dir
subPath: app-tmp-dir
- mountPath: /opt/bitnami/postgresql/certs
name: postgresql-certificates
readOnly: true
Expand All @@ -156,28 +173,43 @@ spec:
imagePullPolicy: IfNotPresent
name: copy-certs
resources:
limits: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 250m
memory: 256Mi
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /tmp/certs
name: raw-certificates
- mountPath: /opt/bitnami/postgresql/certs
name: postgresql-certificates
securityContext:
fsGroupChangePolicy: Always
seccompProfile:
type: RuntimeDefault
serviceAccountName: default
supplementalGroups: []
sysctls: []
serviceAccountName: keycloak-postgresql
volumes:
- emptyDir: {}
name: empty-dir
- name: raw-certificates
secret:
secretName: keycloak-postgresql-tls
Expand Down
Loading

0 comments on commit b505fe3

Please sign in to comment.