From f7abea735474515ca4a7c4aa1871e866011b20e4 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 24 Oct 2024 11:54:09 +0000 Subject: [PATCH] Update Helm release etcd to v10 Signed-off-by: Renovate Bot --- class/defaults.yml | 2 +- .../etcd/templates/networkpolicy.yaml | 27 +++++++++++ .../etcd/10_chart/etcd/templates/pdb.yaml | 4 +- .../etcd/templates/serviceaccount.yaml | 12 +++++ .../10_chart/etcd/templates/statefulset.yaml | 47 +++++++++++++++---- .../10_chart/etcd/templates/svc-headless.yaml | 5 +- .../etcd/10_chart/etcd/templates/svc.yaml | 6 ++- 7 files changed, 90 insertions(+), 13 deletions(-) create mode 100644 tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/networkpolicy.yaml create mode 100644 tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/serviceaccount.yaml diff --git a/class/defaults.yml b/class/defaults.yml index 453bee3..9b447cb 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -22,7 +22,7 @@ parameters: charts: etcd: source: https://charts.bitnami.com/bitnami - version: "9.1.0" + version: "10.4.1" helm_release_name: ${_instance} helm_values: diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/networkpolicy.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/networkpolicy.yaml new file mode 100644 index 0000000..3798b7c --- /dev/null +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/networkpolicy.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/component: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: etcd + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 + name: etcd + namespace: syn-etcd +spec: + egress: + - {} + ingress: + - ports: + - port: 2379 + - port: 2380 + podSelector: + matchLabels: + app.kubernetes.io/component: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/name: etcd + policyTypes: + - Ingress + - Egress diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/pdb.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/pdb.yaml index f710bce..cc3f8b1 100644 --- a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/pdb.yaml +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/pdb.yaml @@ -2,10 +2,12 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: etcd - helm.sh/chart: etcd-9.1.0 + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 name: etcd namespace: syn-etcd spec: diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/serviceaccount.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/serviceaccount.yaml new file mode 100644 index 0000000..abeda3a --- /dev/null +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +automountServiceAccountToken: false +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: etcd + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: etcd + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 + name: etcd + namespace: syn-etcd diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/statefulset.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/statefulset.yaml index cf17121..0824630 100644 --- a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/statefulset.yaml +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/statefulset.yaml @@ -6,7 +6,8 @@ metadata: app.kubernetes.io/instance: etcd app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: etcd - helm.sh/chart: etcd-9.1.0 + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 name: etcd namespace: syn-etcd spec: @@ -26,7 +27,8 @@ spec: app.kubernetes.io/instance: etcd app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: etcd - helm.sh/chart: etcd-9.1.0 + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 spec: affinity: nodeAffinity: null @@ -36,10 +38,12 @@ spec: - podAffinityTerm: labelSelector: matchLabels: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/name: etcd topologyKey: kubernetes.io/hostname weight: 1 + automountServiceAccountToken: false containers: - env: - name: BITNAMI_DEBUG @@ -99,10 +103,11 @@ spec: image: docker.io/bitnami/etcd:3.5.16-debian-12-r2 imagePullPolicy: IfNotPresent livenessProbe: - exec: - command: - - /opt/bitnami/scripts/etcd/healthcheck.sh failureThreshold: 5 + httpGet: + path: /livez + port: 2379 + scheme: HTTPS initialDelaySeconds: 60 periodSeconds: 30 successThreshold: 1 @@ -125,13 +130,34 @@ spec: successThreshold: 1 timeoutSeconds: 5 resources: - limits: {} - requests: {} + limits: + cpu: 375m + ephemeral-storage: 2Gi + memory: 384Mi + requests: + cpu: 250m + ephemeral-storage: 50Mi + memory: 256Mi securityContext: allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault volumeMounts: + - mountPath: /opt/bitnami/etcd/conf/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir - mountPath: /bitnami/etcd name: data - mountPath: /opt/bitnami/etcd/certs/token/ @@ -145,8 +171,13 @@ spec: readOnly: true securityContext: fsGroup: 1001 - serviceAccountName: default + fsGroupChangePolicy: Always + supplementalGroups: [] + sysctls: [] + serviceAccountName: etcd volumes: + - emptyDir: {} + name: empty-dir - name: etcd-jwt-token secret: defaultMode: 256 diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc-headless.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc-headless.yaml index 60c3838..0b763b9 100644 --- a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc-headless.yaml +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc-headless.yaml @@ -4,10 +4,12 @@ metadata: annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: 'true' labels: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: etcd - helm.sh/chart: etcd-9.1.0 + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 name: etcd-headless namespace: syn-etcd spec: @@ -21,6 +23,7 @@ spec: targetPort: peer publishNotReadyAddresses: true selector: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/name: etcd type: ClusterIP diff --git a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc.yaml b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc.yaml index 82830a4..9698e8e 100644 --- a/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc.yaml +++ b/tests/golden/defaults/etcd/etcd/10_chart/etcd/templates/svc.yaml @@ -1,12 +1,13 @@ apiVersion: v1 kind: Service metadata: - annotations: null labels: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: etcd - helm.sh/chart: etcd-9.1.0 + app.kubernetes.io/version: 3.5.16 + helm.sh/chart: etcd-10.4.1 name: etcd namespace: syn-etcd spec: @@ -20,6 +21,7 @@ spec: port: 2380 targetPort: peer selector: + app.kubernetes.io/component: etcd app.kubernetes.io/instance: etcd app.kubernetes.io/name: etcd sessionAffinity: None