github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/pkg/scanners/helm/test/testdata/expected/mysql/templates/primary/statefulset.yaml (about) 1 # Source: mysql/templates/primary/statefulset.yaml 2 apiVersion: apps/v1 3 kind: StatefulSet 4 metadata: 5 name: mysql 6 namespace: 7 labels: 8 app.kubernetes.io/name: mysql 9 helm.sh/chart: mysql-8.8.26 10 app.kubernetes.io/instance: mysql 11 app.kubernetes.io/managed-by: Helm 12 app.kubernetes.io/component: primary 13 spec: 14 replicas: 1 15 selector: 16 matchLabels: 17 app.kubernetes.io/name: mysql 18 app.kubernetes.io/instance: mysql 19 app.kubernetes.io/component: primary 20 serviceName: mysql 21 updateStrategy: 22 type: RollingUpdate 23 template: 24 metadata: 25 annotations: 26 checksum/configuration: 6adfba795651cd736dfa943a87e0853ce417b9fb842b57535e3b1b4e762a33fd 27 labels: 28 app.kubernetes.io/name: mysql 29 helm.sh/chart: mysql-8.8.26 30 app.kubernetes.io/instance: mysql 31 app.kubernetes.io/managed-by: Helm 32 app.kubernetes.io/component: primary 33 spec: 34 35 serviceAccountName: mysql 36 affinity: 37 podAffinity: 38 39 podAntiAffinity: 40 preferredDuringSchedulingIgnoredDuringExecution: 41 - podAffinityTerm: 42 labelSelector: 43 matchLabels: 44 app.kubernetes.io/name: mysql 45 app.kubernetes.io/instance: mysql 46 app.kubernetes.io/component: primary 47 namespaces: 48 - "" 49 topologyKey: kubernetes.io/hostname 50 weight: 1 51 nodeAffinity: 52 53 securityContext: 54 fsGroup: 1001 55 containers: 56 - name: mysql 57 image: docker.io/bitnami/mysql:8.0.28-debian-10-r23 58 imagePullPolicy: "IfNotPresent" 59 securityContext: 60 runAsUser: 1001 61 env: 62 - name: BITNAMI_DEBUG 63 value: "false" 64 - name: MYSQL_ROOT_PASSWORD 65 valueFrom: 66 secretKeyRef: 67 name: mysql 68 key: mysql-root-password 69 - name: MYSQL_DATABASE 70 value: "my_database" 71 ports: 72 - name: mysql 73 containerPort: 3306 74 livenessProbe: 75 failureThreshold: 3 76 initialDelaySeconds: 5 77 periodSeconds: 10 78 successThreshold: 1 79 timeoutSeconds: 1 80 exec: 81 command: 82 - /bin/bash 83 - -ec 84 - | 85 password_aux="${MYSQL_ROOT_PASSWORD:-}" 86 if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then 87 password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") 88 fi 89 mysqladmin status -uroot -p"${password_aux}" 90 readinessProbe: 91 failureThreshold: 3 92 initialDelaySeconds: 5 93 periodSeconds: 10 94 successThreshold: 1 95 timeoutSeconds: 1 96 exec: 97 command: 98 - /bin/bash 99 - -ec 100 - | 101 password_aux="${MYSQL_ROOT_PASSWORD:-}" 102 if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then 103 password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") 104 fi 105 mysqladmin status -uroot -p"${password_aux}" 106 startupProbe: 107 failureThreshold: 10 108 initialDelaySeconds: 15 109 periodSeconds: 10 110 successThreshold: 1 111 timeoutSeconds: 1 112 exec: 113 command: 114 - /bin/bash 115 - -ec 116 - | 117 password_aux="${MYSQL_ROOT_PASSWORD:-}" 118 if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then 119 password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE") 120 fi 121 mysqladmin status -uroot -p"${password_aux}" 122 resources: 123 limits: {} 124 requests: {} 125 volumeMounts: 126 - name: data 127 mountPath: /bitnami/mysql 128 - name: config 129 mountPath: /opt/bitnami/mysql/conf/my.cnf 130 subPath: my.cnf 131 volumes: 132 - name: config 133 configMap: 134 name: mysql 135 volumeClaimTemplates: 136 - metadata: 137 name: data 138 labels: 139 app.kubernetes.io/name: mysql 140 app.kubernetes.io/instance: mysql 141 app.kubernetes.io/component: primary 142 spec: 143 accessModes: 144 - "ReadWriteOnce" 145 resources: 146 requests: 147 storage: "8Gi"