Skip to content

feat: Ensure env-vars changes are always immediately applied #399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
aki-ks wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: Ensure env-vars changes are always immediately applied #399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions mailu/templates/admin/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,11 @@ spec:
{{- if .Values.admin.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.admin.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.admin.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.admin.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.admin.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.admin.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.admin.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/clamav/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,79 +30,81 @@
{{- if .Values.clamav.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.clamav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.clamav.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.clamav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.clamav.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.clamav.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.priorityClassName }}
priorityClassName: {{ .Values.clamav.priorityClassName | quote }}
{{- end }}
{{- if .Values.clamav.schedulerName }}
schedulerName: {{ .Values.clamav.schedulerName | quote }}
{{- end }}
{{- if .Values.clamav.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.clamav.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.clamav.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.podSecurityContext.enabled }}
securityContext: {{- omit .Values.clamav.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: clamav
image: {{ .Values.clamav.image.registry }}/{{ .Values.clamav.image.repository }}:{{ .Values.clamav.image.tag }}
imagePullPolicy: {{ .Values.clamav.image.pullPolicy }}
{{- if .Values.clamav.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.clamav.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: clamav
mountPath: /var/lib/clamav
{{- if .Values.clamav.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.clamav.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.clamav.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.clamav.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.clamav.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: clamav
containerPort: 3310
protocol: TCP

Check warning

Code scanning / Trivy

Can elevate its own privileges Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV001
Severity: MEDIUM
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should set 'securityContext.allowPrivilegeEscalation' to false
Link: KSV001

Check notice

Code scanning / Trivy

Default capabilities: some containers do not drop all Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV003
Severity: LOW
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should add 'ALL' to 'securityContext.capabilities.drop'
Link: KSV003

Check warning

Code scanning / Trivy

Runs as root user Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV012
Severity: MEDIUM
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should set 'securityContext.runAsNonRoot' to true
Link: KSV012

Check failure

Code scanning / Trivy

Root file system is not read-only High

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV014
Severity: HIGH
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should set 'securityContext.readOnlyRootFilesystem' to true
Link: KSV014

Check notice

Code scanning / Trivy

Runs with UID <= 10000 Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV020
Severity: LOW
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should set 'securityContext.runAsUser' > 10000
Link: KSV020

Check notice

Code scanning / Trivy

Runs with GID <= 10000 Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV021
Severity: LOW
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should set 'securityContext.runAsGroup' > 10000
Link: KSV021

Check notice

Code scanning / Trivy

Runtime/Default Seccomp profile not set Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV030
Severity: LOW
Message: Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Link: KSV030

Check notice

Code scanning / Trivy

Container capabilities must only include NET_BIND_SERVICE Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV106
Severity: LOW
Message: container should drop all
Link: KSV106
{{- if .Values.clamav.resources }}
resources: {{- toYaml .Values.clamav.resources | nindent 12 }}

Check notice

Code scanning / Trivy

Default capabilities: some containers do not drop any Low

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV004
Severity: LOW
Message: Container 'clamav' of 'statefulset' 'mailu-clamav' in '' namespace should set securityContext.capabilities.drop
Link: KSV004

Check warning

Code scanning / Trivy

All container images must start with the *.azurecr.io domain Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV032
Severity: MEDIUM
Message: container clamav of statefulset mailu-clamav in namespace should restrict container image to your specific registry domain. For Azure any domain ending in 'azurecr.io'
Link: KSV032

Check warning

Code scanning / Trivy

All container images must start with a GCR domain Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV033
Severity: MEDIUM
Message: container clamav of statefulset mailu-clamav in namespace should restrict container image to your specific registry domain. See the full GCR list here: https://cloud.google.com/container-registry/docs/overview#registries
Link: KSV033

Check warning

Code scanning / Trivy

Container images from public registries used Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV034
Severity: MEDIUM
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should restrict container image to use private registries
Link: KSV034

Check warning

Code scanning / Trivy

All container images must start with an ECR domain Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV035
Severity: MEDIUM
Message: Container 'clamav' of StatefulSet 'mailu-clamav' should restrict images to own ECR repository. See the full ECR list here: https://docs.aws.amazon.com/general/latest/gr/ecr.html
Link: KSV035

Check warning

Code scanning / Trivy

Seccomp policies disabled Medium

Artifact: mailu/templates/clamav/statefulset.yaml
Type: helm
Vulnerability KSV104
Severity: MEDIUM
Message: container "clamav" of statefulset "mailu-clamav" in "" namespace should specify a seccomp profile
Link: KSV104
{{- end }}
{{- if .Values.clamav.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.clamav.startupProbe "enabled") "context" $) | nindent 12 }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/dovecot/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.dovecot.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.dovecot.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.dovecot.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.dovecot.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.dovecot.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.dovecot.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.dovecot.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/fetchmail/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.fetchmail.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.fetchmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.fetchmail.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.fetchmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.fetchmail.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.fetchmail.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/front/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,116 +33,118 @@
{{- if .Values.front.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.front.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.front.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.front.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.front.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.front.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.front.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.front.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.front.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.front.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.priorityClassName }}
priorityClassName: {{ .Values.front.priorityClassName | quote }}
{{- end }}
{{- if .Values.front.schedulerName }}
schedulerName: {{ .Values.front.schedulerName | quote }}
{{- end }}
{{- if .Values.front.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.front.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.front.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.front.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.front.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.podSecurityContext.enabled }}
securityContext: {{- omit .Values.front.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: front
image: {{ .Values.imageRegistry }}/{{ .Values.front.image.repository }}:{{ default (include "mailu.version" .) .Values.front.image.tag }}
imagePullPolicy: {{ .Values.front.image.pullPolicy }}
{{- if .Values.front.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.front.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: certs
mountPath: /certs
{{- if .Values.front.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.front.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.front.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.front.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.front.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: pop3
protocol: TCP
containerPort: 110
{{- if .Values.front.hostPort.enabled }}
hostPort: 110
{{- end}}
- name: pop3s
protocol: TCP
containerPort: 995
{{- if .Values.front.hostPort.enabled }}
hostPort: 995
{{- end}}
- name: imap
protocol: TCP
containerPort: 143
{{- if .Values.front.hostPort.enabled }}
hostPort: 143
{{- end}}
- name: imaps
protocol: TCP
containerPort: 993
{{- if .Values.front.hostPort.enabled }}
hostPort: 993
{{- end}}
- name: smtp
protocol: TCP
containerPort: 25
{{- if .Values.front.hostPort.enabled }}
hostPort: 25
{{- end}}
- name: smtps
protocol: TCP
containerPort: 465
{{- if .Values.front.hostPort.enabled }}
hostPort: 465
{{- end}}
- name: smtp-auth
protocol: TCP
containerPort: 10025
- name: imap-auth
protocol: TCP
containerPort: 10143
- name: smtpd

Check warning

Code scanning / Trivy

Can elevate its own privileges Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV001
Severity: MEDIUM
Message: Container 'front' of Deployment 'mailu-front' should set 'securityContext.allowPrivilegeEscalation' to false
Link: KSV001

Check notice

Code scanning / Trivy

Default capabilities: some containers do not drop all Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV003
Severity: LOW
Message: Container 'front' of Deployment 'mailu-front' should add 'ALL' to 'securityContext.capabilities.drop'
Link: KSV003

Check notice

Code scanning / Trivy

Default capabilities: some containers do not drop any Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV004
Severity: LOW
Message: Container 'front' of 'deployment' 'mailu-front' in '' namespace should set securityContext.capabilities.drop
Link: KSV004

Check warning

Code scanning / Trivy

Runs as root user Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV012
Severity: MEDIUM
Message: Container 'front' of Deployment 'mailu-front' should set 'securityContext.runAsNonRoot' to true
Link: KSV012

Check failure

Code scanning / Trivy

Root file system is not read-only High

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV014
Severity: HIGH
Message: Container 'front' of Deployment 'mailu-front' should set 'securityContext.readOnlyRootFilesystem' to true
Link: KSV014

Check notice

Code scanning / Trivy

Runs with UID <= 10000 Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV020
Severity: LOW
Message: Container 'front' of Deployment 'mailu-front' should set 'securityContext.runAsUser' > 10000
Link: KSV020

Check notice

Code scanning / Trivy

Runs with GID <= 10000 Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV021
Severity: LOW
Message: Container 'front' of Deployment 'mailu-front' should set 'securityContext.runAsGroup' > 10000
Link: KSV021

Check failure

Code scanning / Trivy

Access to host ports High

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV024
Severity: HIGH
Message: Container 'front' of Deployment 'mailu-front' should not set host ports, 'ports[*].hostPort'
Link: KSV024

Check notice

Code scanning / Trivy

Runtime/Default Seccomp profile not set Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV030
Severity: LOW
Message: Either Pod or Container should set 'securityContext.seccompProfile.type' to 'RuntimeDefault'
Link: KSV030

Check warning

Code scanning / Trivy

All container images must start with the *.azurecr.io domain Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV032
Severity: MEDIUM
Message: container front of deployment mailu-front in namespace should restrict container image to your specific registry domain. For Azure any domain ending in 'azurecr.io'
Link: KSV032

Check warning

Code scanning / Trivy

All container images must start with a GCR domain Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV033
Severity: MEDIUM
Message: container front of deployment mailu-front in namespace should restrict container image to your specific registry domain. See the full GCR list here: https://cloud.google.com/container-registry/docs/overview#registries
Link: KSV033

Check warning

Code scanning / Trivy

Container images from public registries used Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV034
Severity: MEDIUM
Message: Container 'front' of Deployment 'mailu-front' should restrict container image to use private registries
Link: KSV034

Check warning

Code scanning / Trivy

All container images must start with an ECR domain Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV035
Severity: MEDIUM
Message: Container 'front' of Deployment 'mailu-front' should restrict images to own ECR repository. See the full ECR list here: https://docs.aws.amazon.com/general/latest/gr/ecr.html
Link: KSV035

Check warning

Code scanning / Trivy

Seccomp policies disabled Medium

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV104
Severity: MEDIUM
Message: container "front" of deployment "mailu-front" in "" namespace should specify a seccomp profile
Link: KSV104

Check notice

Code scanning / Trivy

Container capabilities must only include NET_BIND_SERVICE Low

Artifact: mailu/templates/front/deployment.yaml
Type: helm
Vulnerability KSV106
Severity: LOW
Message: container should drop all
Link: KSV106
protocol: TCP
containerPort: 587
{{- if .Values.front.hostPort.enabled }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/oletools/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.oletools.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.oletools.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.oletools.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.oletools.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.oletools.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.oletools.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.oletools.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/postfix/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,11 @@ spec:
{{- if .Values.postfix.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.postfix.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.postfix.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.postfix.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.postfix.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.postfix.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.postfix.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/rspamd/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.rspamd.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.rspamd.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.rspamd.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.rspamd.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.rspamd.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.rspamd.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.rspamd.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/tika/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.tika.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.tika.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.tika.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.tika.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.tika.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.tika.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.tika.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/webdav/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.webdav.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.webdav.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webdav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.webdav.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.webdav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.webdav.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.webdav.hostAliases }}
Expand Down
8 changes: 5 additions & 3 deletions mailu/templates/webmail/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,9 +29,11 @@ spec:
{{- if .Values.webmail.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.webmail.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
annotations:
checksum/envvars-configmap.yaml: {{ include (print .Template.BasePath "/envvars-configmap.yaml") . | sha256sum }}
{{- if .Values.webmail.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.webmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.webmail.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.webmail.hostAliases }}
Expand Down
Loading