Skip to content
This repository was archived by the owner on May 28, 2021. It is now read-only.

Add support for defining securityContext in cluster spec #218

Merged
merged 1 commit into from
Sep 17, 2018
Merged

Add support for defining securityContext in cluster spec #218

merged 1 commit into from
Sep 17, 2018

Conversation

KashifSaadat
Copy link

Support adding a securityContext to the Cluster Spec, for example:

apiVersion: mysql.oracle.com/v1alpha1
kind: Cluster
metadata:
  name: test-mysql-db
spec:
  multiMaster: true
  members: 3
  securityContext:
    runAsNonRoot: true
    runAsUser: 27
    fsGroup: 27
  ...

@KashifSaadat
Add support for defining securityContext in cluster spec
1e0ce93 
Signed-off-by: Kashif Saadat <kashifsaadat@gmail.com>
@KashifSaadat
Copy link
Author

I've signed and emailed over the OCA earlier today.

@owainlewis
Copy link
Member

Thanks @KashifSaadat we will chase up the OCA today and review the PR this week. 👍

@KashifSaadat
Copy link
Author

Great, thank you! :)

@owainlewis owainlewis added the oracle-cla: yes Contributor has signed the Oracle Contributor Licence Agreement label Sep 17, 2018
@owainlewis
Copy link
Member

OCA approved. Ready for review.

@prydie prydie self-requested a review September 17, 2018 12:55
prydie
prydie approved these changes Sep 17, 2018
View reviewed changes
Copy link

@prydie prydie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change LGTM 👍 .

We may, however, want to consider two things going forward:

  • This won't (as it stands) be applied to existing clusters. For that to be the case we'd need to be reconciling the entire StatefulSet or to add specific code to reconcile the PSP in the cluster controller.
  • Its becoming clear that people want to be able to modify many similar fields. Grouping them under a .spec.[Pod?]Template field (following the same pattern as StatefulSets / Deployments etc.) probably makes sense. This would be a breaking change we'd want to introduce when moving to v1beta1.

@prydie prydie merged commit 8f46c93 into oracle:master Sep 17, 2018
@prydie prydie added this to the 0.4.0 milestone Sep 17, 2018
@prydie prydie mentioned this pull request Sep 17, 2018
Closed
@KashifSaadat
Copy link
Author

That's great, thanks for the review and info! Yes that makes sense to have some form of PodTemplateSpec where all those common attributes could be defined and grouped under.

@KashifSaadat KashifSaadat deleted the support-securityContext branch September 17, 2018 13:09
This was referenced Sep 17, 2018
Merged
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@prydie prydie prydie approved these changes

Assignees
No one assigned
Labels
enhancement feature oracle-cla: yes Contributor has signed the Oracle Contributor Licence Agreement
Projects
None yet
Milestone
0.4.0
Development

Successfully merging this pull request may close these issues.
3 participants
@KashifSaadat @owainlewis @prydie