BC-8876 - set os filed for POD Templates from Deployments, CronJobs a…

…nd Jobs (#1100)
hpi-schul-cloud · Jan 31, 2025 · 10469c0 · 10469c0
1 parent 704abf6
commit 10469c0
Show file tree

Hide file tree

Showing 26 changed files with 65 additions and 2 deletions.
diff --git a/ansible/roles/clamav/templates/deployment.yml.j2 b/ansible/roles/clamav/templates/deployment.yml.j2
@@ -36,6 +36,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: clamav
         image: {{ CLAMAV_IMAGE_NAME }}:{{ CLAMAV_IMAGE_TAG }}

diff --git a/ansible/roles/clammit/templates/deployment.yml.j2 b/ansible/roles/clammit/templates/deployment.yml.j2
@@ -34,6 +34,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: clammit
         image: {{ CLAMMIT_IMAGE_NAME }}:{{ CLAMMIT_IMAGE_TAG }}

diff --git a/ansible/roles/dof_etherpad/templates/deployment.yml.j2 b/ansible/roles/dof_etherpad/templates/deployment.yml.j2
@@ -49,6 +49,8 @@ spec:
         runAsGroup: 5001
         fsGroup: 5001
         runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: etherpad
         image: {{ ETHERPAD_IMAGE_NAME }}:{{ ETHERPAD_IMAGE_TAG }}

diff --git a/ansible/roles/dof_etherpad/templates/nginx-deployment.yml.j2 b/ansible/roles/dof_etherpad/templates/nginx-deployment.yml.j2
@@ -46,6 +46,8 @@ spec:
         #runAsGroup: 1000
         #fsGroup: 1000
         #runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: etherpad-nginx
         image: {{ ETHERPAD_NGINX_IMAGE_NAME }}:{{ ETHERPAD_NGINX_IMAGE_TAG }}

diff --git a/ansible/roles/dof_mailcatcher/templates/deployment.yml.j2 b/ansible/roles/dof_mailcatcher/templates/deployment.yml.j2
@@ -40,6 +40,8 @@ spec:
       securityContext:
         #readOnlyRootFilesystem: true
         #runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: mailcatcher
         image: {{ MAILCATCHER_IMAGE_NAME }}:{{ MAILCATCHER_IMAGE_TAG }}

diff --git a/ansible/roles/dof_mongo/templates/deployment.yml.j2 b/ansible/roles/dof_mongo/templates/deployment.yml.j2
@@ -46,6 +46,8 @@ spec:
         runAsGroup: 1000
         fsGroup: 1000
         runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: mongo
         image: {{ MONGO_IMAGE_NAME }}:{{ MONGO_IMAGE_TAG }}

diff --git a/ansible/roles/dof_postgresql/templates/deployment.yml.j2 b/ansible/roles/dof_postgresql/templates/deployment.yml.j2
@@ -36,6 +36,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: postgres
         image: {{ POSTGRES_IMAGE_NAME }}:{{ POSTGRES_IMAGE_TAG }}

diff --git a/ansible/roles/dof_postgresql_management/tasks/main.yml b/ansible/roles/dof_postgresql_management/tasks/main.yml
@@ -17,12 +17,25 @@
   tags:
     - configmap
 
+- name: Test if Job for database deletion exit
+  kubernetes.core.k8s_info:
+    kubeconfig: ~/.kube/config
+    namespace: "{{ NAMESPACE }}"
+    api_version: batch/v1
+    kind: Job
+    name: pg-deletion-job
+  register: pg_deletion_job_present
+  tags:
+      - job
+
 - name: Create suspended Job for database deletion
   kubernetes.core.k8s:
     kubeconfig: ~/.kube/config
     namespace: "{{ NAMESPACE }}"
     template: job-database-deletion.yml.j2
     apply: yes
-  when: WITH_BRANCH_POSTGRES_DB_MANAGEMENT
+  when: 
+  - WITH_BRANCH_POSTGRES_DB_MANAGEMENT
+  - pg_deletion_job_present.resources|length == 0
   tags:
-    - job
+    - job
diff --git a/ansible/roles/dof_postgresql_management/templates/job-database-deletion.yml.j2 b/ansible/roles/dof_postgresql_management/templates/job-database-deletion.yml.j2
@@ -23,6 +23,8 @@ spec:
             name: pg-configmap-deletion
             # 711 in decimal is 457
             defaultMode: 457
+      os:
+        name: linux
       containers:
         - name:  psql-config
           image: {{ POSTGRES_MANAGEMENT_JOB_IMAGE }}

diff --git a/ansible/roles/dof_rabbitmq/templates/rabbitmq.yaml.j2 b/ansible/roles/dof_rabbitmq/templates/rabbitmq.yaml.j2
@@ -22,6 +22,8 @@ spec:
       spec:
         template:
           spec:
+            os:
+              name: linux
             containers:
             - name: rabbitmq
               volumeMounts:

diff --git a/ansible/roles/dof_redis/templates/deployment.yml.j2 b/ansible/roles/dof_redis/templates/deployment.yml.j2
@@ -40,6 +40,8 @@ spec:
       securityContext:
         #readOnlyRootFilesystem: true
         #runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: redis
         image: {{ REDIS_IMAGE_NAME }}:{{ REDIS_IMAGE_TAG }}

diff --git a/ansible/roles/erwin-idm/templates/deployment.yml.j2 b/ansible/roles/erwin-idm/templates/deployment.yml.j2
@@ -49,6 +49,8 @@ spec:
         runAsGroup: 1000
         fsGroup: 1000
         runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: erwinidm
         image: {{ ERWINIDM_IMAGE_NAME }}:{{ ERWINIDM_IMAGE_TAG }}

diff --git a/ansible/roles/erwin-idm/templates/init_job.yml.j2 b/ansible/roles/erwin-idm/templates/init_job.yml.j2
@@ -10,6 +10,8 @@ spec:
       labels:
         app: erwinidm-init
     spec:
+      os:
+        name: linux
       containers:
       - name: erwinidm-init
         image: quay.io/schulcloudverbund/infra-tools:latest

diff --git a/ansible/roles/erwin-idm/templates/job-database-init.yml.j2 b/ansible/roles/erwin-idm/templates/job-database-init.yml.j2
@@ -29,6 +29,8 @@ spec:
             name: pg-erwinidm-configmap-init
             # 711 in decimal is 457
             defaultMode: 457
+      os:
+        name: linux
       containers:
         - name:  psql-erwinidm-config
           image: {{ POSTGRES_MANAGEMENT_JOB_IMAGE }}

diff --git a/ansible/roles/h5p-proxy/templates/api-h5p-proxy-deployment.yml.j2 b/ansible/roles/h5p-proxy/templates/api-h5p-proxy-deployment.yml.j2
@@ -40,6 +40,8 @@ spec:
         git.branch: {{ DOF_APP_DEPLOY_BRANCH_NAME }}
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: h5p-proxy-nginx
         image: {{ H5P_PROXY_IMAGE_NAME }}:{{ H5P_PROXY_IMAGE_TAG }}

diff --git a/ansible/roles/hydra/templates/deployment.yml.j2 b/ansible/roles/hydra/templates/deployment.yml.j2
@@ -39,6 +39,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: hydra
         image: {{ HYDRA_IMAGE_NAME }}:{{ HYDRA_IMAGE_TAG }}

diff --git a/ansible/roles/hydra/templates/job-database-init.yml.j2 b/ansible/roles/hydra/templates/job-database-init.yml.j2
@@ -29,6 +29,8 @@ spec:
             name: pg-hydra-configmap-init
             # 711 in decimal is 457
             defaultMode: 457
+      os:
+        name: linux
       containers:
         - name:  psql-hydra-config
           image: {{ POSTGRES_MANAGEMENT_JOB_IMAGE }}

diff --git a/ansible/roles/hydra/templates/job.yml.j2 b/ansible/roles/hydra/templates/job.yml.j2
@@ -11,6 +11,8 @@ spec:
       labels:
         app: hydra-migrate-db-job
     spec:
+      os:
+        name: linux
       containers:
       - name: hydra-migrate
         image: {{ HYDRA_IMAGE_NAME }}:{{ HYDRA_IMAGE_TAG }}

diff --git a/ansible/roles/ingress/templates/default-backend-404-deployment.yml.j2 b/ansible/roles/ingress/templates/default-backend-404-deployment.yml.j2
@@ -34,6 +34,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: default-backend-404
         image: nginx:1.27-alpine

diff --git a/ansible/roles/libreoffice/templates/deployment.yml.j2 b/ansible/roles/libreoffice/templates/deployment.yml.j2
@@ -41,6 +41,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: libreoffice
         image: {{ LIBREOFFICE_IMAGE_NAME }}:{{ LIBREOFFICE_IMAGE_TAG }}

diff --git a/ansible/roles/maildrop/templates/deployment.yml.j2 b/ansible/roles/maildrop/templates/deployment.yml.j2
@@ -37,6 +37,8 @@ spec:
         app.kubernetes.io/managed-by: ansible
         git.repo: {{ DOF_APP_DEPLOY_REPO_NAME }}
     spec:
+      os:
+        name: linux
       containers:
       - name: maildrop
         image: {{ MAILDROP_IMAGE_NAME }}:{{ MAILDROP_IMAGE_TAG }}

diff --git a/ansible/roles/oidcmock/templates/deployment.yml.j2 b/ansible/roles/oidcmock/templates/deployment.yml.j2
@@ -39,6 +39,8 @@ spec:
       annotations:
         configmapHash: ""
     spec:
+      os:
+        name: linux
       initContainers:
       - name: oidcmock-initcontainers
         image: quay.io/schulcloudverbund/infra-tools:latest

diff --git a/ansible/roles/pre_deployment/templates/job.yml.j2 b/ansible/roles/pre_deployment/templates/job.yml.j2
@@ -5,6 +5,8 @@ metadata:
 spec:
   template:
     spec:
+      os:
+        name: linux
       containers:
       - name: deployment-metrics-marker
         image: quay.io/schulcloudverbund/infra-tools:latest

diff --git a/ansible/roles/rocketchat/templates/deployment.yml.j2 b/ansible/roles/rocketchat/templates/deployment.yml.j2
@@ -39,6 +39,8 @@ spec:
         runAsGroup: 99999
         fsGroup: 99999
         runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: rocketchat
         image: {{ ROCKETCHAT_IMAGE_NAME }}:{{ ROCKETCHAT_IMAGE_TAG }}

diff --git a/ansible/roles/rocketchat/templates/fixup-job.yml.j2 b/ansible/roles/rocketchat/templates/fixup-job.yml.j2
@@ -19,6 +19,8 @@ spec:
       activeDeadlineSeconds: 300
       template:
         spec:
+          os:
+            name: linux
           containers:
           - name: fixup-rocketchat-job
             image: quay.io/schulcloudverbund/infra-tools:latest

diff --git a/ansible/roles/storage/templates/deployment.yml.j2 b/ansible/roles/storage/templates/deployment.yml.j2
@@ -44,6 +44,8 @@ spec:
         runAsGroup: 1000
         fsGroup: 1000
         runAsNonRoot: true
+      os:
+        name: linux
       containers:
       - name: storage
         image: {{ STORAGE_IMAGE_NAME }}