openstack/openstack-helm-infra
Code Issues Proposed changes

Merge "mariadb security best practice fixes"

Browse Source
This commit is contained in:
Zuul 2020-09-30 16:26:00 +00:00 committed by Gerrit Code Review
commit 724fa773ff
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mariadb/Chart.yaml
View File

@ -15,7 +15,7 @@ apiVersion: v1
appVersion: v10.2.31 appVersion: v10.2.31
description: OpenStack-Helm MariaDB description: OpenStack-Helm MariaDB
name: mariadb name: mariadb
version: 0.1.1 version: 0.1.2
home: https://mariadb.com/kb/en/ home: https://mariadb.com/kb/en/
icon: http://badges.mariadb.org/mariadb-badge-180x60.png icon: http://badges.mariadb.org/mariadb-badge-180x60.png
sources: sources:

10
mariadb/values.yaml
View File

@ -365,6 +365,16 @@ conf:
max_connections=8192 max_connections=8192
max-connect-errors=1000000 max-connect-errors=1000000
# General security settings
# Reference: https://dev.mysql.com/doc/mysql-security-excerpt/8.0/en/general-security-issues.html
# secure_file_priv is set to '/home' because it is read-only, which will
# disable this feature completely.
secure_file_priv=/home
local_infile=0
symbolic_links=0
sql_mode="STRICT_ALL_TABLES,STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
## Generally, it is unwise to set the query cache to be larger than 64-128M ## Generally, it is unwise to set the query cache to be larger than 64-128M
## as the costs associated with maintaining the cache outweigh the performance ## as the costs associated with maintaining the cache outweigh the performance
## gains. ## gains.