From bdc7e7a15b8c7eb418ee4e7d30429059568e6b22 Mon Sep 17 00:00:00 2001 From: TwiN Date: Mon, 1 Jul 2024 18:31:58 -0400 Subject: [PATCH] fix: Add security_context and bump default gatus version to v5.11.0 --- README.md | 32 ++++++++++++++++---------------- gatus.tf | 6 ++++++ variables.tf | 2 +- 3 files changed, 23 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index f2bce19..0b51f41 100644 --- a/README.md +++ b/README.md @@ -7,23 +7,23 @@ For documentation on Gatus, see [TwiN/gatus](https://github.com/TwiN/gatus). ```hcl module "gatus" { source = "TwiN/gatus/kubernetes" - version = "2.0.0" + version = "2.0.1" configuration_file_content = file("${path.module}/files/gatus.yaml") } ``` -| Variable | Description | Default value | -|:-------------------------- |:---------------------------------------- |:----------------------------- | -| name | Name to use for resources | `gatus` | -| namespace | Namespace in which Gatus will be running | `kube-system` | -| image | Image to use for the container | `twinproduction/gatus:v4.2.0` | -| configuration_file_content | Gatus configuration. See [TwiN/gatus](https://github.com/TwiN/gatus). | `""` Required | -| ingress_host | Ingress host through which Gatus will be exposed. Not created if blank. | `""` | -| ingress_annotations | Ingress annotations. | `{}` | -| ingress_tls_secret_name | Secret name to use for TLS | `""` | -| memory_request | Memory request | `40M` | -| memory_limit | Memory limit | `100M` | -| cpu_request | CPU request | `30m` | -| cpu_limit | CPU limit | `250m` | -| node_selector | Node selectors to use for pods. | `{}` | -| environment_variables | Extra environment variables to pass to the container in which Gatus is running. Used for configuration purposes. | `{}` | +| Variable | Description | Default value | +|:---------------------------|:-----------------------------------------------------------------------------------------------------------------|:------------------------------| +| name | Name to use for resources | `gatus` | +| namespace | Namespace in which Gatus will be running | `kube-system` | +| image | Image to use for the container | `twinproduction/gatus:v4.2.0` | +| configuration_file_content | Gatus configuration. See [TwiN/gatus](https://github.com/TwiN/gatus). | `""` Required | +| ingress_host | Ingress host through which Gatus will be exposed. Not created if blank. | `""` | +| ingress_annotations | Ingress annotations. | `{}` | +| ingress_tls_secret_name | Secret name to use for TLS | `""` | +| memory_request | Memory request | `40M` | +| memory_limit | Memory limit | `100M` | +| cpu_request | CPU request | `30m` | +| cpu_limit | CPU limit | `250m` | +| node_selector | Node selectors to use for pods. | `{}` | +| environment_variables | Extra environment variables to pass to the container in which Gatus is running. Used for configuration purposes. | `{}` | diff --git a/gatus.tf b/gatus.tf index 63069bb..4f02b8b 100644 --- a/gatus.tf +++ b/gatus.tf @@ -94,6 +94,12 @@ resource "kubernetes_deployment_v1" "gatus" { name = kubernetes_config_map_v1.gatus.metadata[0].name } } + security_context { + sysctl { # Needed for ICMP to work without root privileges + name = "net.ipv4.ping_group_range" + value = "0 65536" + } + } node_selector = var.node_selector } } diff --git a/variables.tf b/variables.tf index 4a26462..53d2e17 100644 --- a/variables.tf +++ b/variables.tf @@ -10,7 +10,7 @@ variable "namespace" { variable "image" { type = string - default = "twinproduction/gatus:v4.2.0" + default = "twinproduction/gatus:v5.11.0" } variable "configuration_file_content" {