-
Notifications
You must be signed in to change notification settings - Fork 137
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SecurityContext added to ActiveGate container #597
Conversation
0157a8b
to
79f0af3
Compare
8177166
to
48b51a5
Compare
src/controllers/activegate/reconciler/statefulset/statefulset.go
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can't be merged for now as it would break older Activegate versions
321fe2d
to
1e45651
Compare
If you are brave and want to dive into the depts of We do it like this for a deployment, different annotations, same check |
Feature flags were added to make problematic changes opt-in
60dbb46
to
73f47b8
Compare
73f47b8
to
98d142b
Compare
config/helm/chart/default/templates/Common/customresource-dynakube.yaml
Outdated
Show resolved
Hide resolved
src/controllers/activegate/reconciler/statefulset/statefulset.go
Outdated
Show resolved
Hide resolved
@@ -475,3 +569,19 @@ func buildTestInstance() *dynatracev1beta1.DynaKube { | |||
}, | |||
} | |||
} | |||
|
|||
func buildActiveGateVolumeDirectories(readOnly bool) []string { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
does this logic also exist for the implementation? It seems there we always add every volume
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, the logic no longer exist
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Eventually logic is needed. Volumes created if needed (depend on StatsD and RO fs)
e7d7a9f
to
956d763
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to add an SCC so these changes work on Openshift (openshift will complain if you have SecurityContext for a pod but no SCC for it)
956d763
to
a74105a
Compare
a74105a
to
ca6fc54
Compare
ca6fc54
to
f6de289
Compare
All changes related to ActiveGate container: