github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/conf/sec-context-changes.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/conf/sec-context-changes.yml (about)

     1  apiVersion: pxc.percona.com/v1-6-0
     2  kind: PerconaXtraDBCluster
     3  metadata:
     4    name: sec-context
     5    finalizers:
     6      - delete-pxc-pods-in-order
     7  spec:
     8    secretsName: my-cluster-secrets
     9    sslSecretName: some-name-ssl
    10    sslInternalSecretName: some-name-ssl-internal
    11    pxc:
    12      annotations:
    13        openshift.io/scc: privileged
    14      containerSecurityContext:
    15        privileged: true
    16      podSecurityContext:
    17        runAsUser: 1001
    18        fsGroup: 1001
    19        supplementalGroups: [1001]
    20      topologySpreadConstraints:
    21        - whenUnsatisfiable: ScheduleAnyway
    22          maxSkew: 0
    23          topologyKey: ""
    24      size: 3
    25      image: -pxc
    26      serviceAccountName: percona-xtradb-cluster-operator-workload
    27      resources:
    28        requests:
    29          memory: 0.1G
    30          cpu: 100m
    31        limits:
    32          memory: "1G"
    33          cpu: "1"
    34      volumeSpec:
    35        persistentVolumeClaim:
    36          resources:
    37            requests:
    38              storage: 2Gi
    39      affinity:
    40        antiAffinityTopologyKey: "kubernetes.io/hostname"
    41    proxysql:
    42      topologySpreadConstraints:
    43        - whenUnsatisfiable: ScheduleAnyway
    44          maxSkew: 0
    45          topologyKey: ""
    46      enabled: true
    47      containerSecurityContext:
    48        privileged: true
    49      podSecurityContext:
    50        runAsUser: 1001
    51        runAsGroup: 1001
    52        supplementalGroups: [1001]
    53      size: 1
    54      image: -proxysql
    55      serviceAccountName: percona-xtradb-cluster-operator-workload
    56      resources:
    57        requests:
    58          memory: 0.1G
    59          cpu: 100m
    60      volumeSpec:
    61        persistentVolumeClaim:
    62          resources:
    63            requests:
    64              storage: 6Gi
    65      affinity:
    66        antiAffinityTopologyKey: none
    67    backup:
    68      image: -backup
    69      serviceAccountName: percona-xtradb-cluster-operator-workload
    70      storages:
    71        pvc:
    72          annotations:
    73            openshift.io/scc: privileged
    74          containerSecurityContext:
    75            privileged: true
    76          podSecurityContext:
    77            fsGroup: 1001
    78            supplementalGroups: [1001, 1002, 1003]
    79          type: filesystem
    80          volume:
    81            persistentVolumeClaim:
    82              accessModes: [ "ReadWriteOnce" ]
    83              resources:
    84                requests:
    85                  storage: 1Gi
    86        minio:
    87          annotations:
    88            openshift.io/scc: privileged
    89          containerSecurityContext:
    90            privileged: true
    91          podSecurityContext:
    92            fsGroup: 1001
    93            supplementalGroups: [1001, 1002, 1003]
    94          topologySpreadConstraints:
    95            - whenUnsatisfiable: ScheduleAnyway
    96              maxSkew: 0
    97              topologyKey: ""
    98          type: s3
    99          s3:
   100            credentialsSecret: minio-secret
   101            region: us-east-1
   102            bucket: operator-testing
   103            endpointUrl: http://minio-service.#namespace:9000/
   104      schedule:
   105        - name: each-hour-pvc
   106          schedule: "0 */1 * * *"
   107          keep: 30
   108          storageName: pvc