diff --git a/.rhdh/docker/Dockerfile b/.rhdh/docker/Dockerfile index 1fb442ed..eafa09ef 100644 --- a/.rhdh/docker/Dockerfile +++ b/.rhdh/docker/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. #@follow_tag(registry.redhat.io/rhel9/go-toolset:latest) -FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 as builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 AS builder # hadolint ignore=DL3002 USER 0 ENV GOPATH=/go/ diff --git a/config/manager/default-config/db-statefulset.yaml b/config/manager/default-config/db-statefulset.yaml index f8abbafd..6b283994 100644 --- a/config/manager/default-config/db-statefulset.yaml +++ b/config/manager/default-config/db-statefulset.yaml @@ -15,9 +15,13 @@ spec: janus-idp.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' name: backstage-db-cr1 # placeholder for 'backstage-psql-' spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain + automountServiceAccountToken: false + ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ + ## The optional .spec.persistentVolumeClaimRetentionPolicy field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + ## You must enable the StatefulSetAutoDeletePVC feature gate on the API server and the controller manager to use this field. +# persistentVolumeClaimRetentionPolicy: +# whenDeleted: Retain +# whenScaled: Retain containers: - env: - name: POSTGRESQL_PORT_NUMBER @@ -73,7 +77,9 @@ spec: cpu: 250m memory: 256Mi limits: + cpu: 250m memory: 1024Mi + ephemeral-storage: 20Mi volumeMounts: - mountPath: /dev/shm name: dshm diff --git a/config/manager/default-config/deployment.yaml b/config/manager/default-config/deployment.yaml index 24c0debc..c6b9d23a 100644 --- a/config/manager/default-config/deployment.yaml +++ b/config/manager/default-config/deployment.yaml @@ -12,7 +12,7 @@ spec: labels: janus-idp.io/app: # placeholder for 'backstage-' spec: - # serviceAccountName: default + automountServiceAccountToken: false volumes: - ephemeral: volumeClaimTemplate: @@ -47,7 +47,11 @@ spec: readOnly: true subPath: .npmrc workingDir: /opt/app-root/src - + resources: + limits: + cpu: 1000m + memory: 2.5Gi + ephemeral-storage: 5Gi containers: - name: backstage-backend image: # will be replaced with the actual image quay.io/janus-idp/backstage-showcase:next @@ -88,4 +92,9 @@ spec: # name: backstage-secrets volumeMounts: - mountPath: /opt/app-root/src/dynamic-plugins-root - name: dynamic-plugins-root \ No newline at end of file + name: dynamic-plugins-root + resources: + limits: + cpu: 1000m + memory: 2.5Gi + ephemeral-storage: 5Gi \ No newline at end of file diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index a667532e..914f0aa8 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -36,6 +36,8 @@ spec: labels: control-plane: controller-manager spec: + # Required because the operator does not work without a Service Account Token + automountServiceAccountToken: true # NOSONAR # TODO(user): Uncomment the following code to configure the nodeAffinity expression # according to the platforms which are supported by your solution. # It is considered best practice to support multiple architectures. You can @@ -100,6 +102,7 @@ spec: limits: cpu: 500m memory: 128Mi + ephemeral-storage: 20Mi requests: cpu: 10m memory: 64Mi diff --git a/docker/Dockerfile b/docker/Dockerfile index 63e2f6d3..c07a813d 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. #@follow_tag(registry.redhat.io/rhel9/go-toolset:latest) -FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 as builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 AS builder # hadolint ignore=DL3002 USER 0 ENV GOPATH=/go/