diff --git a/stable/linkace/2.0.15/CHANGELOG.md b/stable/linkace/2.0.16/CHANGELOG.md
similarity index 90%
rename from stable/linkace/2.0.15/CHANGELOG.md
rename to stable/linkace/2.0.16/CHANGELOG.md
index 71a9bf9533..637195a156 100644
--- a/stable/linkace/2.0.15/CHANGELOG.md
+++ b/stable/linkace/2.0.16/CHANGELOG.md
@@ -1,6 +1,15 @@
# Changelog
+
+### [linkace-2.0.16](https://github.com/truecharts/apps/compare/linkace-2.0.15...linkace-2.0.16) (2022-04-09)
+
+#### Fix
+
+* Remove init containers, upstream made some changes to simplify ([#2462](https://github.com/truecharts/apps/issues/2462))
+
+
+
### [linkace-2.0.15](https://github.com/truecharts/apps/compare/linkace-2.0.14...linkace-2.0.15) (2022-04-09)
@@ -88,12 +97,3 @@
### [linkace-2.0.2](https://github.com/truecharts/apps/compare/linkace-2.0.1...linkace-2.0.2) (2022-03-07)
#### Chore
-
-* update helm general non-major helm releases ([#2111](https://github.com/truecharts/apps/issues/2111))
-
-
-
-
-### [linkace-2.0.1](https://github.com/truecharts/apps/compare/linkace-2.0.0...linkace-2.0.1) (2022-03-06)
-
-#### Chore
diff --git a/stable/linkace/2.0.15/CONFIG.md b/stable/linkace/2.0.16/CONFIG.md
similarity index 100%
rename from stable/linkace/2.0.15/CONFIG.md
rename to stable/linkace/2.0.16/CONFIG.md
diff --git a/stable/linkace/2.0.15/Chart.lock b/stable/linkace/2.0.16/Chart.lock
similarity index 88%
rename from stable/linkace/2.0.15/Chart.lock
rename to stable/linkace/2.0.16/Chart.lock
index 383625ed26..3bb427f903 100644
--- a/stable/linkace/2.0.15/Chart.lock
+++ b/stable/linkace/2.0.16/Chart.lock
@@ -9,4 +9,4 @@ dependencies:
repository: https://charts.truecharts.org
version: 2.0.31
digest: sha256:b94e2f4b55ceb9709eea195fa8c85e2844c8aa537b41526f7de847ccefe27428
-generated: "2022-04-09T08:37:39.630385891Z"
+generated: "2022-04-09T10:26:28.643384252Z"
diff --git a/stable/linkace/2.0.15/Chart.yaml b/stable/linkace/2.0.16/Chart.yaml
similarity index 98%
rename from stable/linkace/2.0.15/Chart.yaml
rename to stable/linkace/2.0.16/Chart.yaml
index 34dd0e32f4..a67ca0cf2d 100644
--- a/stable/linkace/2.0.15/Chart.yaml
+++ b/stable/linkace/2.0.16/Chart.yaml
@@ -27,7 +27,7 @@ sources:
- https://www.linkace.org/docs/
- https://github.com/linkace/linkace
- https://hub.docker.com/r/linkace/linkace
-version: 2.0.15
+version: 2.0.16
annotations:
truecharts.org/catagories: |
- media
diff --git a/stable/linkace/2.0.15/README.md b/stable/linkace/2.0.16/README.md
similarity index 100%
rename from stable/linkace/2.0.15/README.md
rename to stable/linkace/2.0.16/README.md
diff --git a/stable/linkace/2.0.15/app-readme.md b/stable/linkace/2.0.16/app-readme.md
similarity index 100%
rename from stable/linkace/2.0.15/app-readme.md
rename to stable/linkace/2.0.16/app-readme.md
diff --git a/stable/linkace/2.0.15/charts/common-9.2.7.tgz b/stable/linkace/2.0.16/charts/common-9.2.7.tgz
similarity index 100%
rename from stable/linkace/2.0.15/charts/common-9.2.7.tgz
rename to stable/linkace/2.0.16/charts/common-9.2.7.tgz
diff --git a/stable/linkace/2.0.15/charts/mariadb-2.0.32.tgz b/stable/linkace/2.0.16/charts/mariadb-2.0.32.tgz
similarity index 100%
rename from stable/linkace/2.0.15/charts/mariadb-2.0.32.tgz
rename to stable/linkace/2.0.16/charts/mariadb-2.0.32.tgz
diff --git a/stable/linkace/2.0.15/charts/redis-2.0.31.tgz b/stable/linkace/2.0.16/charts/redis-2.0.31.tgz
similarity index 100%
rename from stable/linkace/2.0.15/charts/redis-2.0.31.tgz
rename to stable/linkace/2.0.16/charts/redis-2.0.31.tgz
diff --git a/stable/linkace/2.0.15/helm-values.md b/stable/linkace/2.0.16/helm-values.md
similarity index 100%
rename from stable/linkace/2.0.15/helm-values.md
rename to stable/linkace/2.0.16/helm-values.md
diff --git a/stable/linkace/2.0.15/ix_values.yaml b/stable/linkace/2.0.16/ix_values.yaml
similarity index 53%
rename from stable/linkace/2.0.15/ix_values.yaml
rename to stable/linkace/2.0.16/ix_values.yaml
index 9e5860cd86..e67a5edf58 100644
--- a/stable/linkace/2.0.15/ix_values.yaml
+++ b/stable/linkace/2.0.16/ix_values.yaml
@@ -53,56 +53,6 @@ envValueFrom:
name: linkace-secrets
key: APP_KEY
-initContainers:
-# Copy app to a temp folder as we gonna need it, so we can create the ".env" file in there.
- 1-copy-app:
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- volumeMounts:
- - name: app
- mountPath: "/tmp"
- command: ["/bin/sh", "-c"]
- args:
- - >
- echo "Copying app...";
- cp -R /app/* /tmp/;
-# App checks ".env" for "SETUP_COMPELTED" status, to determine if it needs to run initial setup or not.
-# We create this file and set it to false if it doesn't exists.
-# If it exists, we let the app decide it's value (true|false) and how to proceed.
- 2-create-env-file:
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- volumeMounts:
- - name: app
- mountPath: "/app"
- command: ["/bin/sh", "-c"]
- args:
- - >
- if [ ! -f "/app/.env" ];
- then
- echo "Preparing for initial installation";
- echo "SETUP_COMPLETED=false" > /app/.env;
- echo "File .env created.";
- else
- echo "Initial installation has already completed.";
- fi;
-# App does not like 775 perms on dirs.. So we have to set 777
- 3-chmod:
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- volumeMounts:
- - name: app
- mountPath: "/app"
- - name: logs
- mountPath: "/app/storage/logs"
- - name: backups
- mountPath: "/app/storage/app/backups"
- command: ["/bin/sh", "-c"]
- args:
- - >
- echo "CHMOD-ing files...";
- chmod -R 777 /app;
- chmod -R 777 /app/storage/logs;
- chmod -R 777 /app/storage/app/backups;
- echo "CHMOD Complete";
-
# Set cron every 15 min, official docs says every minute, but seems excesive.
# It just checks for dead links and sends a request to WayBack Machine to archive.
cronjob:
diff --git a/stable/linkace/2.0.15/questions.yaml b/stable/linkace/2.0.16/questions.yaml
similarity index 100%
rename from stable/linkace/2.0.15/questions.yaml
rename to stable/linkace/2.0.16/questions.yaml
diff --git a/stable/linkace/2.0.15/security.md b/stable/linkace/2.0.16/security.md
similarity index 97%
rename from stable/linkace/2.0.15/security.md
rename to stable/linkace/2.0.16/security.md
index a5e0f8e76a..6053bf8685 100644
--- a/stable/linkace/2.0.15/security.md
+++ b/stable/linkace/2.0.16/security.md
@@ -67,57 +67,27 @@ hide:
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
-| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.allowPrivilegeEscalation' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
|
-| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.allowPrivilegeEscalation' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
|
-| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.allowPrivilegeEscalation' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.allowPrivilegeEscalation' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | Expand...
A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node.
Container 'mariadb-init' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.allowPrivilegeEscalation' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv001
|
-| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should add 'ALL' to 'securityContext.capabilities.drop' | Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
|
-| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should add 'ALL' to 'securityContext.capabilities.drop' | Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
|
-| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should add 'ALL' to 'securityContext.capabilities.drop' | Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
|
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container 'RELEASE-NAME-linkace' of Deployment 'RELEASE-NAME-linkace' should add 'ALL' to 'securityContext.capabilities.drop' | Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
|
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | Expand...
The container should drop all default capabilities and add only those that are needed for its execution.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should add 'ALL' to 'securityContext.capabilities.drop' | Expand...
https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
|
-| Kubernetes Security Check | KSV011 | CPU not limited | LOW | Expand...
Enforcing CPU limits prevents DoS via resource exhaustion.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
|
-| Kubernetes Security Check | KSV011 | CPU not limited | LOW | Expand...
Enforcing CPU limits prevents DoS via resource exhaustion.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
|
-| Kubernetes Security Check | KSV011 | CPU not limited | LOW | Expand...
Enforcing CPU limits prevents DoS via resource exhaustion.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
|
| Kubernetes Security Check | KSV011 | CPU not limited | LOW | Expand...
Enforcing CPU limits prevents DoS via resource exhaustion.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv011
|
-| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
-| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
-| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'RELEASE-NAME-linkace' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'autopermissions' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | Expand...
'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.
Container 'mariadb-init' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsNonRoot' to true | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
|
-| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
-| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
-| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'RELEASE-NAME-linkace' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'autopermissions' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | Expand...
An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.
Container 'mariadb-init' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.readOnlyRootFilesystem' to true | Expand...
https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
|
-| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | Expand...
When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
|
-| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | Expand...
When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
|
-| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | Expand...
When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
|
| Kubernetes Security Check | KSV015 | CPU requests not specified | LOW | Expand...
When containers have resource requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.cpu' | Expand...
https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-resource-requests-and-limits
https://avd.aquasec.com/appshield/ksv015
|
-| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | Expand...
When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
|
-| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | Expand...
When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
|
-| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | Expand...
When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
|
| Kubernetes Security Check | KSV016 | Memory requests not specified | LOW | Expand...
When containers have memory requests specified, the scheduler can make better decisions about which nodes to place pods on, and how to deal with resource contention.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'resources.requests.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv016
|
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | Expand...
Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.privileged' to false | Expand...
https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
https://avd.aquasec.com/appshield/ksv017
|
-| Kubernetes Security Check | KSV018 | Memory not limited | LOW | Expand...
Enforcing memory limits prevents DoS via resource exhaustion.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
|
-| Kubernetes Security Check | KSV018 | Memory not limited | LOW | Expand...
Enforcing memory limits prevents DoS via resource exhaustion.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
|
-| Kubernetes Security Check | KSV018 | Memory not limited | LOW | Expand...
Enforcing memory limits prevents DoS via resource exhaustion.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
|
| Kubernetes Security Check | KSV018 | Memory not limited | LOW | Expand...
Enforcing memory limits prevents DoS via resource exhaustion.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'resources.limits.memory' | Expand...
https://kubesec.io/basics/containers-resources-limits-memory/
https://avd.aquasec.com/appshield/ksv018
|
-| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
-| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
-| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'RELEASE-NAME-linkace' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'autopermissions' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
| Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM | Expand...
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Container 'mariadb-init' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsUser' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
|
-| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container '1-copy-app' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
-| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container '2-create-env-file' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
-| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container '3-chmod' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'RELEASE-NAME-linkace' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'autopermissions' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
| Kubernetes Security Check | KSV021 | Runs with low group ID | MEDIUM | Expand...
Force the container to run with group ID > 10000 to avoid conflicts with the host’s user table.
Container 'hostpatch' of Deployment 'RELEASE-NAME-linkace' should set 'securityContext.runAsGroup' > 10000 | Expand...
https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
|
@@ -132,9 +102,6 @@ hide:
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/mariadb:v10.7.3@sha256:c96257d3c83779482ffd039f5c586f605724ba52904b546b7ad6954032e09294
- 'tccr.io/truecharts/linkace:v1.10.0@sha256:d5d913a785f883eb4835e7eefc12aa2fae8722c175490c75822612ea4545ab91'
- 'tccr.io/truecharts/linkace:v1.10.0@sha256:d5d913a785f883eb4835e7eefc12aa2fae8722c175490c75822612ea4545ab91'
- 'tccr.io/truecharts/linkace:v1.10.0@sha256:d5d913a785f883eb4835e7eefc12aa2fae8722c175490c75822612ea4545ab91'
tccr.io/truecharts/linkace:v1.10.0@sha256:d5d913a785f883eb4835e7eefc12aa2fae8722c175490c75822612ea4545ab91
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
tccr.io/truecharts/alpine:v3.15.2@sha256:29ed3480a0ee43f7af681fed5d4fc215516abf1c41eade6938b26d8c9c2c7583
@@ -360,12 +327,6 @@ hide:
-
-
-
-
-
-
#### Container: tccr.io/truecharts/linkace:v1.10.0@sha256:d5d913a785f883eb4835e7eefc12aa2fae8722c175490c75822612ea4545ab91 (alpine 3.15.0)
diff --git a/stable/linkace/2.0.15/templates/_cronjob.tpl b/stable/linkace/2.0.16/templates/_cronjob.tpl
similarity index 100%
rename from stable/linkace/2.0.15/templates/_cronjob.tpl
rename to stable/linkace/2.0.16/templates/_cronjob.tpl
diff --git a/stable/linkace/2.0.15/templates/_secrets.tpl b/stable/linkace/2.0.16/templates/_secrets.tpl
similarity index 100%
rename from stable/linkace/2.0.15/templates/_secrets.tpl
rename to stable/linkace/2.0.16/templates/_secrets.tpl
diff --git a/stable/linkace/2.0.15/templates/common.yaml b/stable/linkace/2.0.16/templates/common.yaml
similarity index 100%
rename from stable/linkace/2.0.15/templates/common.yaml
rename to stable/linkace/2.0.16/templates/common.yaml
diff --git a/stable/linkace/2.0.15/values.yaml b/stable/linkace/2.0.16/values.yaml
similarity index 100%
rename from stable/linkace/2.0.15/values.yaml
rename to stable/linkace/2.0.16/values.yaml