Add Application Armor to cinder-Job

Change-Id: Icab982b9168381a7795719a6348a5d1c85b71453
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
This commit is contained in:
diwakar thyagaraj 2020-08-04 17:13:35 +00:00
parent b6365afc93
commit a892707f41
3 changed files with 10 additions and 0 deletions

View File

@ -44,6 +44,8 @@ spec:
metadata: metadata:
labels: labels:
{{ tuple $envAll "cinder" "volume-usage-audit" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }} {{ tuple $envAll "cinder" "volume-usage-audit" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
annotations:
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec: spec:
{{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }} {{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
serviceAccountName: {{ $serviceAccountName }} serviceAccountName: {{ $serviceAccountName }}

View File

@ -33,6 +33,8 @@ spec:
metadata: metadata:
labels: labels:
{{ tuple $envAll $serviceName "create-internal-tenant" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} {{ tuple $envAll $serviceName "create-internal-tenant" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "create-internal-tenant" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec: spec:
{{ dict "envAll" $envAll "application" "create_internal_tenant" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} {{ dict "envAll" $envAll "application" "create_internal_tenant" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName | quote }} serviceAccountName: {{ $serviceAccountName | quote }}

View File

@ -26,4 +26,10 @@ pod:
init: runtime/default init: runtime/default
cinder-test: runtime/default cinder-test: runtime/default
cinder-test-ks-user: runtime/default cinder-test-ks-user: runtime/default
cinder-create-internal-tenant:
init: runtime/default
create-internal-tenant: runtime/default
cinder-volume-usage-audit:
cinder-volume-usage-audit: runtime/default
init: runtime/default
... ...