From a8a300adc917de19981e2ec9cc8d6f33de92cb18 Mon Sep 17 00:00:00 2001 From: Ben Lodge Date: Thu, 12 Dec 2024 17:06:29 +0000 Subject: [PATCH] CLM-32923 Bumped the bitnami fluentd chart to 7.0.3 --- chart/Chart.lock | 6 +++--- chart/Chart.yaml | 4 ++-- chart/tests/iq-server-deployment_test.yaml | 4 ++-- chart/values.yaml | 24 +++------------------- 4 files changed, 10 insertions(+), 28 deletions(-) diff --git a/chart/Chart.lock b/chart/Chart.lock index 5a76041..6e6c2e6 100644 --- a/chart/Chart.lock +++ b/chart/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 4.4.2 - name: fluentd repository: https://charts.bitnami.com/bitnami - version: 5.5.12 -digest: sha256:3001c4faf25aa8e74482a992d2e85b72bb0b4a6f0d9b6c6cce2c6f7f3874ac51 -generated: "2023-01-17T15:12:14.6881484Z" + version: 7.0.3 +digest: sha256:d601322ce9754462b0defe7e96c86765b5e1c56ff3225569ab2cf97751025f30 +generated: "2024-12-12T13:12:09.665889Z" diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 262e9c6..8e95b81 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nexus-iq-server-ha -version: 185.1.0 +version: 185.2.0 appVersion: 1.185.0 description: A cluster of Sonatype Nexus IQ Servers to continuously monitor your entire software supply chain type: application @@ -23,5 +23,5 @@ dependencies: condition: ingress-nginx.enabled - name: fluentd repository: https://charts.bitnami.com/bitnami - version: 5.5.12 + version: 7.0.3 condition: fluentd.enabled diff --git a/chart/tests/iq-server-deployment_test.yaml b/chart/tests/iq-server-deployment_test.yaml index aa88b29..642bea3 100644 --- a/chart/tests/iq-server-deployment_test.yaml +++ b/chart/tests/iq-server-deployment_test.yaml @@ -115,7 +115,7 @@ tests: - env: - name: FLUENTD_CONF value: fluentd.yaml - image: bitnami/fluentd:1.15.3-debian-11-r20 + image: bitnami/fluentd:1.18.0-debian-12-r0 imagePullPolicy: IfNotPresent name: RELEASE-NAME-fluentd-container resources: @@ -391,7 +391,7 @@ tests: - env: - name: FLUENTD_CONF value: fluentd.yaml - image: bitnami/fluentd:1.15.3-debian-11-r20 + image: bitnami/fluentd:1.18.0-debian-12-r0 imagePullPolicy: IfNotPresent name: RELEASE-NAME-fluentd-container securityContext: diff --git a/chart/values.yaml b/chart/values.yaml index e9bcddf..e423f8b 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -667,32 +667,14 @@ fluentd: name: cloudwatch key: logStreamName optional: true - podSecurityContext: - enabled: true - runAsUser: 1000 - runAsGroup: 0 - fsGroup: 0 - containerSecurityContext: - enabled: true - allowPrivilegeEscalation: true - readOnlyRootFilesystem: false - privileged: true initContainers: - name: "{{ .Release.Name }}-set-fluentd-persistence-ownership" image: "{{ tpl (include \"nexus-iq-server-ha.busyboxImage\" .) $}}" - command: [ "sh", "-c", "chown -R 1000:1000 /opt/bitnami/fluentd/logs/nexus-iq-server" ] + command: [ "sh", "-c", "chown -R 1001:1001 /opt/bitnami/fluentd/logs/nexus-iq-server" ] volumeMounts: - mountPath: "/opt/bitnami/fluentd/logs/nexus-iq-server" name: "iq-server-pod-volume" subPath: log - initScripts: + extraGems: # Plugin which can be configured to send logs to CloudWatch - plugins.sh: "fluent-gem install fluent-plugin-cloudwatch-logs" - - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + - fluent-plugin-cloudwatch-logs