From 08b3ca0aa6f7aa79f08d2068f98634c60b1cefdd Mon Sep 17 00:00:00 2001 From: Arthur Date: Sun, 11 Feb 2024 14:51:42 -0500 Subject: [PATCH] fix: Stackrox DB Net Policy Fix --- kubernetes/quay/base/postgres/clair/network-policy.yaml | 4 ++-- kubernetes/quay/base/postgres/clair/postgres.yaml | 4 ++-- kubernetes/quay/base/postgres/quay/network-policy.yaml | 4 ++-- .../stackrox-central/base/postgres/network-policy.yaml | 2 +- kubernetes/stackrox-central/base/postgres/postgres.yaml | 6 +++--- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/kubernetes/quay/base/postgres/clair/network-policy.yaml b/kubernetes/quay/base/postgres/clair/network-policy.yaml index d7cc61dea..818364b9a 100644 --- a/kubernetes/quay/base/postgres/clair/network-policy.yaml +++ b/kubernetes/quay/base/postgres/clair/network-policy.yaml @@ -45,7 +45,7 @@ spec: - from: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: postgres + kubernetes.io/metadata.name: quay podSelector: matchLabels: postgres-operator.crunchydata.com/cluster: clair @@ -53,7 +53,7 @@ spec: - to: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: postgres + kubernetes.io/metadata.name: quay podSelector: matchLabels: postgres-operator.crunchydata.com/cluster: clair diff --git a/kubernetes/quay/base/postgres/clair/postgres.yaml b/kubernetes/quay/base/postgres/clair/postgres.yaml index 7bff60f29..f72884c9e 100644 --- a/kubernetes/quay/base/postgres/clair/postgres.yaml +++ b/kubernetes/quay/base/postgres/clair/postgres.yaml @@ -55,7 +55,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 25Gi instances: - dataVolumeClaimSpec: storageClassName: longhorn @@ -63,7 +63,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 50Gi + storage: 5Gi name: "" replicas: 2 resources: diff --git a/kubernetes/quay/base/postgres/quay/network-policy.yaml b/kubernetes/quay/base/postgres/quay/network-policy.yaml index 30e5b106d..252cf1d91 100644 --- a/kubernetes/quay/base/postgres/quay/network-policy.yaml +++ b/kubernetes/quay/base/postgres/quay/network-policy.yaml @@ -57,7 +57,7 @@ spec: - from: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: postgres + kubernetes.io/metadata.name: quay podSelector: matchLabels: postgres-operator.crunchydata.com/cluster: quay @@ -65,7 +65,7 @@ spec: - to: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: postgres + kubernetes.io/metadata.name: quay podSelector: matchLabels: postgres-operator.crunchydata.com/cluster: quay diff --git a/kubernetes/stackrox-central/base/postgres/network-policy.yaml b/kubernetes/stackrox-central/base/postgres/network-policy.yaml index f83286319..177db3cf0 100644 --- a/kubernetes/stackrox-central/base/postgres/network-policy.yaml +++ b/kubernetes/stackrox-central/base/postgres/network-policy.yaml @@ -44,7 +44,7 @@ spec: - from: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: postgres + kubernetes.io/metadata.name: stackrox podSelector: matchLabels: postgres-operator.crunchydata.com/cluster: stackrox diff --git a/kubernetes/stackrox-central/base/postgres/postgres.yaml b/kubernetes/stackrox-central/base/postgres/postgres.yaml index 258b59773..631833ea0 100644 --- a/kubernetes/stackrox-central/base/postgres/postgres.yaml +++ b/kubernetes/stackrox-central/base/postgres/postgres.yaml @@ -1,6 +1,6 @@ # StackroxDB Tweak # alter user stackrox createdb; -# alter user stackrox superuser +# alter user stackrox superuser; # PSQL 15 Public Scheme Tweak # \c stackrox # GRANT CREATE ON SCHEMA public TO stackrox; @@ -57,7 +57,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 25Gi + storage: 50Gi instances: - dataVolumeClaimSpec: storageClassName: longhorn @@ -65,7 +65,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 15Gi + storage: 30Gi name: "" replicas: 2 resources: