openstack/openstack-helm-infra
Code Issues Proposed changes
Repository for OpenStack Helm infrastructure-related code
2,348 Commits 1 Branch 0 Tags 66 MiB
Smarty 86.1%
Shell 12%
Python 1.4%
Jinja 0.3%
Makefile 0.2%
798303eb88
Go to file
Ahmad Mahmoudi 798303eb88 Added podsecuritypolicy for serviceaccounts 
Added capability in the podsecuritypolicy template to bind individual
serviceaccounts to clusterroles to enable enforcing psp at
serviceaccount level.

The idea is that the default psp can be tuned to be restrictive for all
serviceaccounts; and new psp, clusterroles, and clusterrolebindings are
defined to bind specific serviceaccounts or namespaces to permissive
podsecuritypolicies, based on the security requirements of a deployment.

Change-Id: I1b13c0e324b9a756a07d36b6e53786303f4a9f89
2020-05-27 15:49:04 +00:00
calico Apparmor: Update to use the runtime default profile 2020-01-13 13:04:35 -06:00
ceph-client Enable Apparmor to ceph client bootstrap Pods 2020-04-29 14:43:50 +00:00
ceph-mon Enable Apparmor to ceph client bootstrap Pods 2020-04-29 14:43:50 +00:00
ceph-osd [ceph-osd] Use lvm commands instead of ceph-volume to get OSD properties 2020-04-30 16:21:13 +00:00
ceph-provisioners Enable cephfs tests 2020-04-21 22:25:52 +00:00
ceph-rgw Enable cephfs tests 2020-04-21 22:25:52 +00:00
daemonjob-controller [FIX] Add whitelisting of fields of various types to configMap. 2020-03-27 19:47:06 +05:30
doc Add Project Specific Contributor and PTL Docs 2020-04-24 20:59:44 +02:00
elastic-apm-server Update apiVersion 2020-01-09 08:59:48 +00:00
elastic-filebeat Merge "Update Elastic Beats versions to 7.1.0" 2020-01-14 00:09:44 +00:00
elastic-metricbeat Merge "Update Elastic Beats versions to 7.1.0" 2020-01-14 00:09:44 +00:00
elastic-packetbeat Merge "Update Elastic Beats versions to 7.1.0" 2020-01-14 00:09:44 +00:00
elasticsearch Settings for Remote Elasticsearch Clusters 2020-05-08 13:07:54 -05:00
etcd Update kubernetes-entrypoint image reference 2019-10-18 18:20:11 +00:00
falco Update apiVersion 2020-01-09 08:59:48 +00:00
flannel Update apiVersion 2020-01-09 08:59:48 +00:00
fluentbit Revert "Enable Apparmor for fluentd" 2020-03-24 19:46:19 +00:00
fluentd Fluentd: Switch to Native Metrics Plugin 2020-03-30 00:44:58 -05:00
gnocchi gnocchi: Add metadata labels to CronJob 2020-03-16 18:24:46 -07:00
grafana Enable Apparmor to Grafana Completed pods 2020-05-05 15:59:22 +00:00
helm-toolkit [Ceph] Add msgr1 port for ceph-provisioners 2020-03-27 08:28:58 -07:00
ingress Ingress: Add apparmor profile to ingress init container 2020-05-07 13:51:29 +00:00
kafka Update apiVersion 2020-01-09 08:59:48 +00:00
kibana Enable Apparmor to Kibana 2020-03-14 04:37:32 +00:00
kube-dns Update kubernetes-entrypoint image reference 2019-10-18 18:20:11 +00:00
kubernetes-keystone-webhook Fxing lint errors for Helm 2.16 2019-11-12 11:28:22 -06:00
ldap [LDAP] Remove duplicate manifests: keys 2020-01-23 16:32:03 +00:00
libvirt [FIX] Fixes libvirt apparmor and gate jobs 2020-04-03 18:17:58 +00:00
local-storage Support for local storage 2020-01-09 10:24:31 -06:00
lockdown Add network policy toolkit function 2018-10-15 13:50:50 +00:00
mariadb Fix ipv6 address cannot be parsed in mariadb-ingress pod 2020-05-06 01:53:36 +00:00
memcached Memcached: Add apparmor profile to memcached init containers 2020-05-04 16:37:58 +00:00
metacontroller Add more fields to daemonjob crd spec. 2020-03-20 04:03:13 +00:00
mongodb Update kubernetes-entrypoint image reference 2019-10-18 18:20:11 +00:00
nagios Merge "Add ability to set the domain name in the Nagios chart" 2020-03-17 17:52:47 +00:00
namespace-config Add namespace configuration chart 2020-02-21 13:51:56 -06:00
nfs-provisioner Update apiVersion 2020-01-09 08:59:48 +00:00
openvswitch Set ctl socket ownership 2020-04-27 15:06:01 +00:00
playbooks Add bandit check to osh-infra 2019-12-31 18:29:01 +00:00
podsecuritypolicy Added podsecuritypolicy for serviceaccounts 2020-05-27 15:49:04 +00:00
postgresql Enable Apparmor to postgresql init containers 2020-05-06 01:55:12 +00:00
powerdns Update kubernetes-entrypoint image reference 2019-10-18 18:20:11 +00:00
prometheus Enable Apparmor to Prometheus-init-containers 2020-05-08 17:24:54 +00:00
prometheus-alertmanager Enable Docker default Apparmor for all Prometheus init Containers 2020-05-06 17:18:16 +00:00
prometheus-kube-state-metrics Enable Docker default Apparmor for all Prometheus init Containers 2020-05-06 17:18:16 +00:00
prometheus-node-exporter Enable Docker default Apparmor for all Prometheus init Containers 2020-05-06 17:18:16 +00:00
prometheus-openstack-exporter Enable Docker default Apparmor for all Prometheus init Containers 2020-05-06 17:18:16 +00:00
prometheus-process-exporter Enable Docker default Apparmor for all Prometheus init Containers 2020-05-06 17:18:16 +00:00
rabbitmq Enabling Apparmor fo rabbimq Init conatiners 2020-05-04 17:10:25 +00:00
redis Address bandit gate failures 2020-02-04 15:33:17 -06:00
registry Fxing lint errors for Helm 2.16 2019-11-12 11:28:22 -06:00
releasenotes/notes Aligning OVS and Neutron configuration for DPDK 2019-08-28 14:29:04 +00:00
roles Fluentd: Switch to Native Metrics Plugin 2020-03-30 00:44:58 -05:00
tiller Update kubernetes-entrypoint image reference 2019-10-18 18:20:11 +00:00
tools Enable cephfs tests 2020-04-21 22:25:52 +00:00
zookeeper Update apiVersion 2020-01-09 08:59:48 +00:00
zuul.d Reduce osh-infra check jobs 2020-04-08 08:57:36 -05:00
.gitignore HTK: update .gitignore to exclude htk development files 2019-01-28 10:56:35 -06:00
.gitreview OpenDev Migration Patch 2019-04-19 19:34:11 +00:00
CONTRIBUTING.rst Add Project Specific Contributor and PTL Docs 2020-04-24 20:59:44 +02:00
Makefile Use supplied HELM variable for dep up in Makefile 2018-10-23 11:26:16 -05:00
README.rst Add Project Specific Contributor and PTL Docs 2020-04-24 20:59:44 +02:00
setup.cfg Cleanup py27 support and docs 2020-04-11 15:26:50 +02:00
setup.py Add docs to openstack-helm-infra 2018-05-15 13:04:28 -05:00
tox.ini Fixing docs build for osh-infra 2020-04-21 20:05:39 +00:00

README.rst

Openstack-Helm-Infra

Mission

The goal of OpenStack-Helm-Infra is to provide charts for services or integration of third-party solutions that are required to run OpenStack-Helm.

For more information, please refer to the OpenStack-Helm repository.

Communication

  • Join us on IRC: #openstack-helm on freenode
  • Community IRC Meetings: [Every Tuesday @ 3PM UTC], #openstack-meeting-alt on freenode
  • Meeting Agenda Items: Agenda
  • Join us on Slack
    • #openstack-helm

Contributing

We welcome contributions. Check out this document if you would like to get involved.