Skip to content

Commit

Permalink
fix phpmyadmin chart
Browse files Browse the repository at this point in the history 
Signed-off-by: TasdidurRahman <[email protected]>
  • Loading branch information
@TasdidurRahman
TasdidurRahman committed Sep 4, 2024
1 parent e35e82b commit bd80020
Show file tree
Hide file tree
Showing 5 changed files with 17 additions and 4 deletions.
5 changes: 5 additions & 0 deletions apis/ui/v1alpha1/types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,7 @@ type ReplicaRange struct {
type AppRef struct {
Service ObjectRef `json:"service"`
AuthSecret LocalObjectRef `json:"authSecret"`
TLS TLS `json:"tls"`
}

type AuthzproxySpec struct {
Expand All @@ -96,3 +97,7 @@ type AuthzproxyParams struct {
PlatformURL string `json:"platformURL"`
PlatformCABundle string `json:"platformCABundle"`
}

type TLS struct {
Enabled bool `json:"enabled"`
}
3 changes: 2 additions & 1 deletion charts/dbgate/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,12 +88,13 @@ The following table lists the configurable parameters of the `dbgate` chart and
| app.service.name | | <code>""</code> |
| app.service.namespace | | <code>""</code> |
| app.authSecret.name | | <code>""</code> |
| app.tls.enabled | | <code>false</code> |
| bind.name | | <code>""</code> |
| bind.namespace | | <code>""</code> |
| authzproxy.enabled | | <code>false</code> |
| authzproxy.repository | KubeDB operator container image | <code>appscode/kube-authz-proxy</code> |
| authzproxy.tag | KubeDB operator container image tag | <code>"v0.0.1"</code> |
| authzproxy.securityContext | Security options this container should run with | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"runAsUser":65534,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
| authzproxy.securityContext | Security options this container should run with | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true,"runAsUser":1000,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
| authzproxy.resources | Compute Resources required by this container | <code>{}</code> |
| authzproxy.params.listen | | <code>8000</code> |
| authzproxy.params.metricsAddr | | <code>8080</code> |
Expand Down
3 changes: 2 additions & 1 deletion charts/phpmyadmin/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ The following table lists the configurable parameters of the `phpmyadmin` chart
| serviceAccount.name | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | <code>""</code> |
| podAnnotations | | <code>{}</code> |
| podSecurityContext | | <code>{}</code> |
| securityContext | | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"runAsUser":65534,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
| securityContext | | <code>{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true,"runAsUser":1000,"seccompProfile":{"type":"RuntimeDefault"}}</code> |
| service.type | | <code>ClusterIP</code> |
| service.port | | <code>80</code> |
| resources | | <code>{}</code> |
Expand All @@ -87,6 +87,7 @@ The following table lists the configurable parameters of the `phpmyadmin` chart
| app.service.name | | <code>""</code> |
| app.service.namespace | | <code>""</code> |
| app.authSecret.name | | <code>""</code> |
| app.tls.enabled | | <code>false</code> |
| bind.name | | <code>""</code> |
| bind.namespace | | <code>""</code> |
| authzproxy.enabled | | <code>false</code> |
Expand Down
4 changes: 4 additions & 0 deletions charts/phpmyadmin/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,10 @@ spec:
secretKeyRef:
name: {{ .Values.app.authSecret.name }}
key: password
{{- if .Values.app.tls.enabled }}
- name: PMA_SSL
value: "1"
{{- end }}
ports:
- name: http
containerPort: 8080
Expand Down
6 changes: 4 additions & 2 deletions charts/phpmyadmin/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,9 @@ securityContext: # +doc-gen:break
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
readOnlyRootFilesystem: true
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 65534
runAsUser: 1000
seccompProfile:
type: RuntimeDefault

Expand Down Expand Up @@ -126,6 +126,8 @@ app:
namespace: ""
authSecret:
name: ""
tls:
enabled: false
bind:
name: ""
namespace: ""
Expand Down

0 comments on commit bd80020

Please sign in to comment.