2 changes: 1 addition & 1 deletion class/defaults.yml
Expand Up @@ -64,7 +64,7 @@ parameters:
version: 7.0.1
postgresql:
source: https://charts.bitnami.com/bitnami
version: 12.12.10
version: 18.1.8
# FQDN should be overwritten on the cluster level
fqdn: keycloak.example.com
# Default path since Quarkus is "/" rather than "/auth"
Expand Up @@ -6,21 +6,21 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
name: keycloak-postgresql-ingress
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-builtin
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/instance: keycloakx
app.kubernetes.io/name: keycloakx
ports:
- ports:
- port: 5432
podSelector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
policyTypes:
- Ingress
- Egress
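Review bot: The new ingress rule in this NetworkPolicy is just `- ports: [{port: 5432}]` with no `from` clause, so port 5432 on the primary is reachable from any pod in any namespace, whereas the older rule shown above it admitted only pods labelled `app.kubernetes.io/name: keycloakx`; the added `egress: - {}` likewise permits all outbound traffic. The same change appears in the `syn-openshift-postgres` policy further down. Because these files are rendered chart output, the restriction has to be restored through the postgresql Helm values in the component (the newer chart appears to expose this under `primary.networkPolicy`, for example `allowExternal: false` plus an ingress rule selecting the keycloakx pods; confirm the key names against chart 18.1.8) so that the rule again carries `from: [{podSelector: {matchLabels: {app.kubernetes.io/name: keycloakx}}}]`. Database authentication and TLS still apply, but the network-level restriction on who can reach the Keycloak database is lost.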
@@ -0,0 +1,19 @@
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: builtin
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-builtin
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
Expand Up @@ -6,8 +6,8 @@ metadata:
app.kubernetes.io/instance: builtin
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-builtin
spec:
Expand All @@ -29,8 +29,8 @@ spec:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
spec:
affinity:
Expand All @@ -46,6 +46,7 @@ spec:
app.kubernetes.io/name: postgresql
topologyKey: kubernetes.io/hostname
weight: 1
automountServiceAccountToken: false
containers:
- env:
- name: BITNAMI_DEBUG
Expand All @@ -54,20 +55,16 @@ spec:
value: '5432'
- name: POSTGRESQL_VOLUME_DIR
value: /bitnami/postgresql
- name: OPENSSL_FIPS
value: 'yes'
- name: PGDATA
value: /bitnami/postgresql/data
- name: POSTGRES_USER
value: keycloak
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keycloak-postgresql
- name: POSTGRES_POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: postgres-password
name: keycloak-postgresql
- name: POSTGRES_PASSWORD_FILE
value: /opt/bitnami/postgresql/secrets/password
- name: POSTGRES_POSTGRES_PASSWORD_FILE
value: /opt/bitnami/postgresql/secrets/postgres-password
- name: POSTGRES_DATABASE
value: keycloak
- name: POSTGRESQL_ENABLE_LDAP
Expand Down Expand Up @@ -119,26 +116,45 @@ spec:
- |
exec pg_isready -U "keycloak" -d "dbname=keycloak sslcert=/opt/bitnami/postgresql/certs/tls.crt sslkey=/opt/bitnami/postgresql/certs/tls.key" -h 127.0.0.1 -p 5432
[ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
[ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
failureThreshold: 6
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 250m
memory: 256Mi
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /opt/bitnami/postgresql/conf
name: empty-dir
subPath: app-conf-dir
- mountPath: /opt/bitnami/postgresql/tmp
name: empty-dir
subPath: app-tmp-dir
- mountPath: /opt/bitnami/postgresql/secrets/
name: postgresql-password
- mountPath: /opt/bitnami/postgresql/certs
name: postgresql-certificates
readOnly: true
Expand All @@ -162,19 +178,32 @@ spec:
cp /tmp/certs/* /opt/bitnami/postgresql/certs/
chown -R 1001:1001 /opt/bitnami/postgresql/certs/
chmod 600 /opt/bitnami/postgresql/certs/tls.key
env:
- name: OPENSSL_FIPS
value: 'yes'
image: docker.io/bitnamilegacy/os-shell:12-debian-12-r49
imagePullPolicy: IfNotPresent
name: init-chmod-data
resources:
limits: {}
requests: {}
limits:
cpu: 150m
ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
securityContext:
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: empty-dir
subPath: tmp-dir
- mountPath: /bitnami/postgresql
name: data
- mountPath: /dev/shm
Expand All @@ -185,8 +214,16 @@ spec:
name: postgresql-certificates
securityContext:
fsGroup: 1001
serviceAccountName: default
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
serviceAccountName: keycloak-postgresql
volumes:
- emptyDir: {}
name: empty-dir
- name: postgresql-password
secret:
secretName: keycloak-postgresql
- name: raw-certificates
secret:
secretName: keycloak-postgresql-tls
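Review bot: The `resources` block of the postgresql container (hunk `@@ -119,26 +116,45 @@`) goes from requests of `cpu: 250m` / `memory: 256Mi` with no limits to requests of `100m` / `128Mi` capped at `150m` / `192Mi`, which looks like the chart's smallest resource preset rather than a deliberate sizing. A 192Mi memory limit on the database behind Keycloak risks OOM kills and CPU throttling under login load, which is an availability problem for the identity provider. I would pin the values explicitly in the component's Helm values, for example `primary.resources: {requests: {cpu: 250m, memory: 256Mi}}` with limits chosen from observed usage (key name to be confirmed against chart 18.1.8). The same preset is applied to `init-chmod-data`, where it is harmless.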
@@ -1,15 +1,14 @@
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true'
annotations: null
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql-hl
namespace: syn-builtin
spec:
Expand Up @@ -6,8 +6,8 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-builtin
spec:
Expand All @@ -20,5 +20,4 @@ spec:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
sessionAffinity: None
type: ClusterIP
@@ -0,0 +1,12 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-builtin
@@ -0,0 +1,12 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-external
Expand Up @@ -6,21 +6,21 @@ metadata:
app.kubernetes.io/instance: keycloak
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: postgresql
app.kubernetes.io/version: 15.4.0
helm.sh/chart: postgresql-12.12.10
name: keycloak-postgresql-ingress
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-openshift-postgres
spec:
egress:
- {}
ingress:
- from:
- podSelector:
matchLabels:
app.kubernetes.io/instance: keycloakx
app.kubernetes.io/name: keycloakx
ports:
- ports:
- port: 5432
podSelector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql
policyTypes:
- Ingress
- Egress
@@ -0,0 +1,19 @@
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: openshift-postgres
app.kubernetes.io/managed-by: commodore
app.kubernetes.io/name: keycloak
app.kubernetes.io/version: 18.0.0
helm.sh/chart: postgresql-18.1.8
name: keycloak-postgresql
namespace: syn-openshift-postgres
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/component: primary
app.kubernetes.io/instance: keycloak
app.kubernetes.io/name: postgresql