vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2024-05-29 12:56:08 +02:00
parent 3febdf5b21
commit 32880c9ca5
2 changed files with 40 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
apps/taiga/taiga_Job.tf
View File

@@ -12,11 +12,26 @@ resource "kubectl_manifest" "Job_taiga-createinitialtemplates" {
template:
spec:
restartPolicy: Never
initContainers:
- name: wait-for-svc
image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}"
imagePullPolicy: ${var.images.back.pull_policy}
command: ["/bin/bash", "-c"]
args: ["set -o pipefail;for i in {1..200};do (echo > /dev/tcp/${module.service.name}/80) && exit 0; sleep 2;done; exit 1"]
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
runAsGroup: 0
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
containers:
- name: postconfig
image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}"
imagePullPolicy: ${var.images.back.pull_policy}
command: ["/scripts/postconfig.py"]
command: ["/scripts/postconfig.sh"]
env:
- name: POSTGRES_PASSWORD
valueFrom:
@@ -31,6 +46,15 @@ resource "kubectl_manifest" "Job_taiga-createinitialtemplates" {
volumeMounts:
- name: scripts
mountPath: /scripts
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
runAsGroup: 0
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
volumes:
- name: scripts
configMap: