From d68ddc223ddf311c0c3c49d55ee7c0701e59e791 Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Sun, 4 Feb 2024 12:33:20 +0200 Subject: [PATCH 1/3] fix sonarlint issues (initial) --- .rhdh/docker/Dockerfile | 2 +- config/manager/default-config/db-statefulset.yaml | 12 +++++++++--- config/manager/default-config/deployment.yaml | 15 ++++++++++++--- config/manager/manager.yaml | 2 ++ docker/Dockerfile | 2 +- 5 files changed, 25 insertions(+), 8 deletions(-) diff --git a/.rhdh/docker/Dockerfile b/.rhdh/docker/Dockerfile index 1fb442ed..eafa09ef 100644 --- a/.rhdh/docker/Dockerfile +++ b/.rhdh/docker/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. #@follow_tag(registry.redhat.io/rhel9/go-toolset:latest) -FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 as builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 AS builder # hadolint ignore=DL3002 USER 0 ENV GOPATH=/go/ diff --git a/config/manager/default-config/db-statefulset.yaml b/config/manager/default-config/db-statefulset.yaml index f8abbafd..6b283994 100644 --- a/config/manager/default-config/db-statefulset.yaml +++ b/config/manager/default-config/db-statefulset.yaml @@ -15,9 +15,13 @@ spec: janus-idp.io/app: backstage-psql-cr1 # placeholder for 'backstage-psql-' name: backstage-db-cr1 # placeholder for 'backstage-psql-' spec: - persistentVolumeClaimRetentionPolicy: - whenDeleted: Retain - whenScaled: Retain + automountServiceAccountToken: false + ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ + ## The optional .spec.persistentVolumeClaimRetentionPolicy field controls if and how PVCs are deleted during the lifecycle of a StatefulSet. + ## You must enable the StatefulSetAutoDeletePVC feature gate on the API server and the controller manager to use this field. +# persistentVolumeClaimRetentionPolicy: +# whenDeleted: Retain +# whenScaled: Retain containers: - env: - name: POSTGRESQL_PORT_NUMBER @@ -73,7 +77,9 @@ spec: cpu: 250m memory: 256Mi limits: + cpu: 250m memory: 1024Mi + ephemeral-storage: 20Mi volumeMounts: - mountPath: /dev/shm name: dshm diff --git a/config/manager/default-config/deployment.yaml b/config/manager/default-config/deployment.yaml index 24c0debc..07e1f4f1 100644 --- a/config/manager/default-config/deployment.yaml +++ b/config/manager/default-config/deployment.yaml @@ -12,7 +12,7 @@ spec: labels: janus-idp.io/app: # placeholder for 'backstage-' spec: - # serviceAccountName: default + automountServiceAccountToken: false volumes: - ephemeral: volumeClaimTemplate: @@ -47,7 +47,11 @@ spec: readOnly: true subPath: .npmrc workingDir: /opt/app-root/src - + resources: + limits: + cpu: 400m + memory: 1Gi + ephemeral-storage: 3Gi containers: - name: backstage-backend image: # will be replaced with the actual image quay.io/janus-idp/backstage-showcase:next @@ -88,4 +92,9 @@ spec: # name: backstage-secrets volumeMounts: - mountPath: /opt/app-root/src/dynamic-plugins-root - name: dynamic-plugins-root \ No newline at end of file + name: dynamic-plugins-root + resources: + limits: + cpu: 400m + memory: 1Gi + ephemeral-storage: 3Gi \ No newline at end of file diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index a667532e..0a0bf0c7 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -36,6 +36,7 @@ spec: labels: control-plane: controller-manager spec: + automountServiceAccountToken: true # TODO(user): Uncomment the following code to configure the nodeAffinity expression # according to the platforms which are supported by your solution. # It is considered best practice to support multiple architectures. You can @@ -100,6 +101,7 @@ spec: limits: cpu: 500m memory: 128Mi + ephemeral-storage: 20Mi requests: cpu: 10m memory: 64Mi diff --git a/docker/Dockerfile b/docker/Dockerfile index 63e2f6d3..c07a813d 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -13,7 +13,7 @@ # limitations under the License. #@follow_tag(registry.redhat.io/rhel9/go-toolset:latest) -FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 as builder +FROM registry.access.redhat.com/ubi9/go-toolset:1.20.10-6 AS builder # hadolint ignore=DL3002 USER 0 ENV GOPATH=/go/ From e242215098dce5b1dcb5195018d718ea9d34bf00 Mon Sep 17 00:00:00 2001 From: gazarenkov Date: Fri, 9 Feb 2024 15:21:59 +0200 Subject: [PATCH 2/3] increase limits --- config/manager/default-config/deployment.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/config/manager/default-config/deployment.yaml b/config/manager/default-config/deployment.yaml index 07e1f4f1..c6b9d23a 100644 --- a/config/manager/default-config/deployment.yaml +++ b/config/manager/default-config/deployment.yaml @@ -49,9 +49,9 @@ spec: workingDir: /opt/app-root/src resources: limits: - cpu: 400m - memory: 1Gi - ephemeral-storage: 3Gi + cpu: 1000m + memory: 2.5Gi + ephemeral-storage: 5Gi containers: - name: backstage-backend image: # will be replaced with the actual image quay.io/janus-idp/backstage-showcase:next @@ -95,6 +95,6 @@ spec: name: dynamic-plugins-root resources: limits: - cpu: 400m - memory: 1Gi - ephemeral-storage: 3Gi \ No newline at end of file + cpu: 1000m + memory: 2.5Gi + ephemeral-storage: 5Gi \ No newline at end of file From 0b3c66ca5f12cad755989bd7a853df47b5869de5 Mon Sep 17 00:00:00 2001 From: Armel Soro Date: Mon, 12 Feb 2024 14:44:48 +0100 Subject: [PATCH 3/3] Update config/manager/manager.yaml --- config/manager/manager.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 0a0bf0c7..914f0aa8 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -36,7 +36,8 @@ spec: labels: control-plane: controller-manager spec: - automountServiceAccountToken: true + # Required because the operator does not work without a Service Account Token + automountServiceAccountToken: true # NOSONAR # TODO(user): Uncomment the following code to configure the nodeAffinity expression # according to the platforms which are supported by your solution. # It is considered best practice to support multiple architectures. You can