- Added support for configuring read only replicas via values.yaml
- Added support for read only replica environment variables in
deployment.yaml and cron-vulnprocessing.yaml
Closes#29710
- Added label `component: fleet-server` to deployment.yaml under labels
and matchLabels
- Added label `component: fleet-server` to service.yaml under selector
- Resolves#28776
- Includes example in values.yaml
- Added to deployment, migration, and cronjob for vulnprocessing
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Manual QA for all new/changed functionality
---------
Co-authored-by: Robert Fairburn <8029478+rfairburn@users.noreply.github.com>
The existing helm chart is designed to run vulnerability processing on
every container, which requires 4Gi/container.
However, the default for the helm chart is for each container to have a
maximum of 1Gi.
This change switches the default so that vulnerability processing is
disabled in the deployment, and moves vulnerability processing to a
dedicated cronjob that runs 1/day at 1am. (I didn't make that
configurable...)
A few items I think are important to call out:
1. I have commented out alot of environment variables in the cronjob
that existed in the migration and deployment because I don't think
they're required, but I wanted one of you to review and actually say
that they're not necessary.
2. I did not include anything related to osquery or exposing the server
to clients in this since it's not meant to handle clients, just
vulnerability processing.
3. I believe I did everything to make sure cloudSQL will work, but it
should be tested.
# Checklist for submitter
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Added/updated automated tests
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- created new template fleet.servicename
- reference in all locations that contain service name
Resolves#20830.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
