Skip to content

Commit f316695

Browse files
hughcapethughcapet
committed
Enable postgresql owning-application annotation check in prod
1 parent 842bad4 commit f316695

File tree

3 files changed

+4
-1
lines changed

3 files changed

+4
-1
lines changed

cluster/config-defaults.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -605,6 +605,7 @@ teapot_admission_controller_validate_pod_template_resources: "true"
605605
teapot_admission_controller_preemption_enabled: "true"
606606
teapot_admission_controller_postgresql_delete_protection_enabled: "true"
607607
teapot_admission_controller_namespace_delete_protection_enabled: "true"
608+
teapot_admission_controller_postgresql_owning_application_check_enabled: "true"
608609
{{else if eq .Cluster.Environment "e2e"}}
609610
teapot_admission_controller_validate_application_label: "false"
610611
teapot_admission_controller_validate_base_images: "false"
@@ -627,6 +628,7 @@ teapot_admission_controller_validate_pod_template_resources: "true"
627628
teapot_admission_controller_preemption_enabled: "false"
628629
teapot_admission_controller_postgresql_delete_protection_enabled: "false"
629630
teapot_admission_controller_namespace_delete_protection_enabled: "false"
631+
teapot_admission_controller_postgresql_owning_application_check_enabled: "false"
630632
{{end}}
631633

632634
# Enable automatic replacement of vanity images with ECR images

cluster/manifests/01-admission-control/config.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -173,6 +173,7 @@ data:
173173
priorityclass.preemption.enable: "{{ .Cluster.ConfigItems.teapot_admission_controller_preemption_enabled }}"
174174

175175
postgresql.delete-protection.enable: "{{ .Cluster.ConfigItems.teapot_admission_controller_postgresql_delete_protection_enabled }}"
176+
postgresql.owning-application-check.enable: "{{ .Cluster.ConfigItems.teapot_admission_controller_postgresql_owning_application_check_enabled }}"
176177

177178
namespace.delete-protection.enable: "{{ .Cluster.ConfigItems.teapot_admission_controller_namespace_delete_protection_enabled }}"
178179

cluster/manifests/01-admission-control/teapot.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,7 @@ webhooks:
222222
sideEffects: "NoneOnDryRun"
223223
matchPolicy: Equivalent
224224
rules:
225-
- operations: [ "CREATE", "DELETE" ]
225+
- operations: [ "CREATE", "DELETE", "UPDATE" ]
226226
apiGroups: ["acid.zalan.do"]
227227
apiVersions: ["v1"]
228228
resources: ["postgresqls"]

0 commit comments

Comments
 (0)