fix: Stackrox DB Net Policy Fix

kubernetes/nextcloud/base/cronjob.yaml

@@ -51,7 +51,7 @@ spec:
                 claimName: nextcloud-data
           containers:
             - name: nextcloud-cron
-              image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+              image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
               command:
                 - /bin/sh
                 - "-c"

kubernetes/nextcloud/base/preview-cronjob.yaml

@@ -52,7 +52,7 @@ spec:
             runAsUser: 33
           containers:
             - name: nextcloud-preview
-              image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+              image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
               command:
                 - /bin/sh
                 - -c

kubernetes/nextcloud/base/statefulset.yaml

@@ -43,7 +43,7 @@ spec:
         runAsUser: 33
       containers:
         - name: nextcloud
-          image: nextcloud:28.0.1-apache@sha256:3d17745d388ac65fe0572ff3f1e45a868ad6c8e74ea98e03762feda9f0603fff
+          image: nextcloud:28.0.2-apache@sha256:0d231d59967d997141be8016c41df5e05f03137abbf741a8f0be2c0a8af80cf6
           securityContext:
             runAsGroup: 33
             runAsUser: 33

kubernetes/quay/base/postgres/clair/network-policy.yaml

@@ -45,15 +45,15 @@ spec:
     - from:
         - namespaceSelector:
             matchLabels:
-              kubernetes.io/metadata.name: postgres
+              kubernetes.io/metadata.name: quay
           podSelector:
             matchLabels:
               postgres-operator.crunchydata.com/cluster: clair
   egress:
     - to:
         - namespaceSelector:
             matchLabels:
-              kubernetes.io/metadata.name: postgres
+              kubernetes.io/metadata.name: quay
           podSelector:
             matchLabels:
               postgres-operator.crunchydata.com/cluster: clair

kubernetes/quay/base/postgres/quay/network-policy.yaml

@@ -57,15 +57,15 @@ spec:
     - from:
         - namespaceSelector:
             matchLabels:
-              kubernetes.io/metadata.name: postgres
+              kubernetes.io/metadata.name: quay
           podSelector:
             matchLabels:
               postgres-operator.crunchydata.com/cluster: quay
   egress:
     - to:
         - namespaceSelector:
             matchLabels:
-              kubernetes.io/metadata.name: postgres
+              kubernetes.io/metadata.name: quay
           podSelector:
             matchLabels:
               postgres-operator.crunchydata.com/cluster: quay

kubernetes/stackrox-central/base/postgres/network-policy.yaml

@@ -44,7 +44,7 @@ spec:
     - from:
         - namespaceSelector:
             matchLabels:
-              kubernetes.io/metadata.name: postgres
+              kubernetes.io/metadata.name: stackrox
           podSelector:
             matchLabels:
               postgres-operator.crunchydata.com/cluster: stackrox

kubernetes/stackrox-central/base/postgres/postgres.yaml

@@ -1,6 +1,6 @@
 # StackroxDB Tweak
 # alter user stackrox createdb;
-# alter user stackrox superuser
+# alter user stackrox superuser;
 # PSQL 15 Public Scheme Tweak
 # \c stackrox
 # GRANT CREATE ON SCHEMA public TO stackrox;
@@ -65,7 +65,7 @@ spec:
           - ReadWriteOnce
         resources:
           requests:
-            storage: 15Gi
+            storage: 5Gi
       name: ""
       replicas: 2
       resources: