[bitnami/mariadb] feat!: 🔒 💥 Enable networkPolicy #23054
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
javsalgar
changed the title
rafariossaa
reviewed
Feb 5, 2024
Comment on lines
34
to
38
| - ports: | ||
| - port: {{ .Values.primary.containerPorts.mysql }} | ||
| - port: {{ .Values.secondary.containerPorts.mysql }} | ||
| - port: {{ .Values.primary.service.ports.mysql }} | ||
| - port: {{ .Values.secondary.service.ports.mysql }} |
There was a problem hiding this comment.
Just to double check because, right now, I have not in the top of my mind all the connections involved.
I am not sure if for example connections to secondary.service.ports.mysql would be made by the cluster, or if it would be only to the secondary nodes.
There was a problem hiding this comment.
The secondary nodes would need to connect to the primary for joining the cluster, and the primary may need to connect to the secondary for operations like synchronous commits.
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
joancafom
pushed a commit
to dalbani/charts
that referenced
this pull request
Feb 22, 2024
* [bitnami/mariadb-galera] feat!: 🔒 💥 Enable networkPolicy Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * docs: 📝 Improve upgrading notes Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * fix: 🐛 Remove unnecessary ports Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> --------- Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com>
This was referenced Mar 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BREAKING CHANGE
Signed-off-by: Javier Salmeron Garcia jsalmeron@vmware.com
Description of the change
This PR normalizes the use of NetworkPolicy in the chart. Adds all Bitnami standards for NetworkPolicies as well as enabling it by default, in order to comply with security checklists.
Benefits
More security in the chart
Possible drawbacks
Applicable issues
Additional information
Checklist
Chart.yamlaccording to semver. This is not necessary when the changes only affect README.md files.README.mdusing readme-generator-for-helm