feat(argocd-image-updater): update deployment as following upstream
Signed-off-by: yu-croco <yu.croco@gmail.com>
This commit is contained in:
yu-croco
parent
29f505abdd
commit
aded3c2923
3 changed files with 15 additions and 10 deletions
|
|
@ -114,7 +114,7 @@ The `config.registries` value can be used exactly as it looks in the documentati
|
||||||
| rbac.enabled | bool | `true` | Enable RBAC creation |
|
| rbac.enabled | bool | `true` | Enable RBAC creation |
|
||||||
| replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. |
|
| replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. |
|
||||||
| resources | object | `{}` | Pod memory and cpu resource settings for the deployment |
|
| resources | object | `{}` | Pod memory and cpu resource settings for the deployment |
|
||||||
| securityContext | object | `{}` | Security context settings for the deployment |
|
| securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"seccompProfile":{"type":"RuntimeDefault"}}` | Security context settings for the deployment |
|
||||||
| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
|
| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
|
||||||
| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||||
| serviceAccount.labels | object | `{}` | Labels to add to the service account |
|
| serviceAccount.labels | object | `{}` | Labels to add to the service account |
|
||||||
|
|
|
||||||
|
|
@ -34,8 +34,7 @@ spec:
|
||||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{ .Chart.Name }}
|
- name: {{ .Chart.Name }}
|
||||||
command:
|
args:
|
||||||
- /usr/local/bin/argocd-image-updater
|
|
||||||
- run
|
- run
|
||||||
{{- with .Values.extraArgs }}
|
{{- with .Values.extraArgs }}
|
||||||
{{- toYaml . | nindent 12 }}
|
{{- toYaml . | nindent 12 }}
|
||||||
|
|
@ -142,6 +141,8 @@ spec:
|
||||||
name: ssh-known-hosts
|
name: ssh-known-hosts
|
||||||
- mountPath: /app/.ssh
|
- mountPath: /app/.ssh
|
||||||
name: ssh-config
|
name: ssh-config
|
||||||
|
- mountPath: /tmp
|
||||||
|
name: tmp
|
||||||
{{- if .Values.authScripts.enabled }}
|
{{- if .Values.authScripts.enabled }}
|
||||||
- mountPath: /scripts
|
- mountPath: /scripts
|
||||||
name: authscripts
|
name: authscripts
|
||||||
|
|
@ -175,6 +176,8 @@ spec:
|
||||||
name: argocd-image-updater-ssh-config
|
name: argocd-image-updater-ssh-config
|
||||||
optional: true
|
optional: true
|
||||||
name: ssh-config
|
name: ssh-config
|
||||||
|
- emptyDir: {}
|
||||||
|
name: tmp
|
||||||
{{- with .Values.volumes }}
|
{{- with .Values.volumes }}
|
||||||
{{- toYaml . | nindent 6}}
|
{{- toYaml . | nindent 6}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
||||||
|
|
@ -205,13 +205,15 @@ podSecurityContext: {}
|
||||||
# fsGroup: 2000
|
# fsGroup: 2000
|
||||||
|
|
||||||
# -- Security context settings for the deployment
|
# -- Security context settings for the deployment
|
||||||
securityContext: {}
|
securityContext:
|
||||||
# capabilities:
|
allowPrivilegeEscalation: false
|
||||||
# drop:
|
capabilities:
|
||||||
# - ALL
|
drop:
|
||||||
# readOnlyRootFilesystem: true
|
- ALL
|
||||||
# runAsNonRoot: true
|
readOnlyRootFilesystem: true
|
||||||
# runAsUser: 1000
|
runAsNonRoot: true
|
||||||
|
seccompProfile:
|
||||||
|
type: RuntimeDefault
|
||||||
|
|
||||||
rbac:
|
rbac:
|
||||||
# -- Enable RBAC creation
|
# -- Enable RBAC creation
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue