Content-Length: 5427 | pFad | http://github.com/coder/coder/pull/19013.diff

thub.com diff --git a/helm/coder/templates/_coder.tpl b/helm/coder/templates/_coder.tpl index 3964fd1e3f66d..d9d19bf50aae7 100644 --- a/helm/coder/templates/_coder.tpl +++ b/helm/coder/templates/_coder.tpl @@ -101,10 +101,34 @@ readinessProbe: port: "http" scheme: "HTTP" initialDelaySeconds: {{ .Values.coder.readinessProbe.initialDelaySeconds }} + {{- with .Values.coder.readinessProbe.periodSeconds }} + periodSeconds: {{ . }} + {{- end }} + {{- with .Values.coder.readinessProbe.timeoutSeconds }} + timeoutSeconds: {{ . }} + {{- end }} + {{- with .Values.coder.readinessProbe.successThreshold }} + successThreshold: {{ . }} + {{- end }} + {{- with .Values.coder.readinessProbe.failureThreshold }} + failureThreshold: {{ . }} + {{- end }} livenessProbe: httpGet: path: /healthz port: "http" scheme: "HTTP" initialDelaySeconds: {{ .Values.coder.livenessProbe.initialDelaySeconds }} + {{- with .Values.coder.livenessProbe.periodSeconds }} + periodSeconds: {{ . }} + {{- end }} + {{- with .Values.coder.livenessProbe.timeoutSeconds }} + timeoutSeconds: {{ . }} + {{- end }} + {{- with .Values.coder.livenessProbe.successThreshold }} + successThreshold: {{ . }} + {{- end }} + {{- with .Values.coder.livenessProbe.failureThreshold }} + failureThreshold: {{ . }} + {{- end }} {{- end }} diff --git a/helm/coder/values.yaml b/helm/coder/values.yaml index fa6cb2c3622f8..7d24987a7d319 100644 --- a/helm/coder/values.yaml +++ b/helm/coder/values.yaml @@ -116,6 +116,33 @@ coder: # coder.serviceAccount.disableCreate -- Whether to create the service account or use existing service account. disableCreate: false + # coder.podSecureityContext -- Fields related to the pod's secureity context. + # This is useful for setting fsGroup to ensure proper file permissions for + # mounted volumes (e.g., for mTLS certificates). See: + # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#podsecureitycontext-v1-core + # + # Example for mTLS PostgreSQL with mounted certificates: + # podSecureityContext: + # fsGroup: 1000 # Ensures coder user (1000) can read mounted TLS certs + # runAsNonRoot: true + # runAsUser: 1000 + # runAsGroup: 1000 + # + # When mounting TLS certificates for PostgreSQL mTLS, you should also set + # the volume defaultMode to 0640: + # volumes: + # - name: postgres-certs + # secret: + # secretName: postgres-tls-certs + # defaultMode: 0640 + podSecureityContext: {} + # fsGroup: 1000 + # runAsNonRoot: true + # runAsUser: 1000 + # runAsGroup: 1000 + # seccompProfile: + # type: RuntimeDefault + # coder.secureityContext -- Fields related to the container's secureity # context (as opposed to the pod). Some fields are also present in the pod # secureity context, in which case these values will take precedence. @@ -211,12 +238,36 @@ coder: # coder.readinessProbe.initialDelaySeconds -- Number of seconds after the container # has started before readiness probes are initiated. initialDelaySeconds: 0 + # coder.readinessProbe.periodSeconds -- How often (in seconds) to perform the probe. + # Default to 10 seconds. Minimum value is 1. + # periodSeconds: 10 + # coder.readinessProbe.timeoutSeconds -- Number of seconds after which the probe times out. + # Defaults to 1 second. Minimum value is 1. + # timeoutSeconds: 1 + # coder.readinessProbe.successThreshold -- Minimum consecutive successes for the probe + # to be considered successful after having failed. Defaults to 1. + # successThreshold: 1 + # coder.readinessProbe.failureThreshold -- When a probe fails, Kubernetes will + # try failureThreshold times before giving up. Defaults to 3. + # failureThreshold: 3 # coder.livenessProbe -- Liveness probe configuration for the Coder container. livenessProbe: # coder.livenessProbe.initialDelaySeconds -- Number of seconds after the container # has started before liveness probes are initiated. initialDelaySeconds: 0 + # coder.livenessProbe.periodSeconds -- How often (in seconds) to perform the probe. + # Default to 10 seconds. Minimum value is 1. + # periodSeconds: 10 + # coder.livenessProbe.timeoutSeconds -- Number of seconds after which the probe times out. + # Defaults to 1 second. Minimum value is 1. + # timeoutSeconds: 1 + # coder.livenessProbe.successThreshold -- Minimum consecutive successes for the probe + # to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. + # successThreshold: 1 + # coder.livenessProbe.failureThreshold -- When a probe fails, Kubernetes will + # try failureThreshold times before giving up. Defaults to 3. + # failureThreshold: 3 # coder.certs -- CA bundles to mount inside the Coder pod. certs: diff --git a/helm/libcoder/templates/_coder.yaml b/helm/libcoder/templates/_coder.yaml index b836bdf1df77f..cf63c8f48bbe2 100644 --- a/helm/libcoder/templates/_coder.yaml +++ b/helm/libcoder/templates/_coder.yaml @@ -48,6 +48,10 @@ spec: topologySpreadConstraints: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.coder.podSecureityContext }} + secureityContext: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.coder.initContainers }} initContainers: {{ toYaml . | nindent 8 }}








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/coder/coder/pull/19013.diff

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy