feat(container)!: Update image redis ( 24.0.8 ➔ 27.0.13 )#334
Open
parsec-renovate[bot] wants to merge 1 commit into
Open
feat(container)!: Update image redis ( 24.0.8 ➔ 27.0.13 )#334parsec-renovate[bot] wants to merge 1 commit into
parsec-renovate[bot] wants to merge 1 commit into
Conversation
--- kubernetes/apps/database/redis/app Kustomization: flux-system/redis HelmRelease: database/redis
+++ kubernetes/apps/database/redis/app Kustomization: flux-system/redis HelmRelease: database/redis
@@ -13,13 +13,13 @@
spec:
chart: redis
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 24.0.8
+ version: 27.0.13
install:
remediation:
retries: 3
interval: 30m
timeout: 15m
uninstall: |
--- HelmRelease: database/redis ConfigMap: database/redis-configuration
+++ HelmRelease: database/redis ConfigMap: database/redis-configuration
@@ -28,13 +28,12 @@
replica.conf: |-
dir /data
# User-supplied replica configuration:
rename-command FLUSHDB ""
rename-command FLUSHALL ""
# End of replica configuration
- users.acl: ''
sentinel.conf: |-
dir "/tmp"
port 26379
sentinel monitor redis-master redis-node-0.redis-headless.database.svc.cluster.local 6379 2
sentinel down-after-milliseconds redis-master 60000
sentinel failover-timeout redis-master 180000
--- HelmRelease: database/redis ConfigMap: database/redis-health
+++ HelmRelease: database/redis ConfigMap: database/redis-health
@@ -9,21 +9,21 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
data:
ping_readiness_local.sh: |-
#!/bin/bash
+ timeout=$1
+ run_redis_command() {
+ local args=("-p" "$REDIS_PORT")
+ timeout -s 15 $timeout redis-cli "${args[@]}" "$@"
+ }
+
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
- response=$(
- timeout -s 15 $1 \
- redis-cli \
- -h localhost \
- -p $REDIS_PORT \
- ping
- )
+ response=$(run_redis_command ping)
if [ "$?" -eq "124" ]; then
echo "Timed out"
exit 1
fi
if [ "$response" != "PONG" ]; then
echo "$response"
@@ -79,60 +79,7 @@
PORT=$1;
FOUND_PORT=0;
} else if (FOUND_RUNID==1) {
printf "\nsentinel known-sentinel redis-master %s %s %s", IP, PORT, $0; FOUND_RUNID=0;
}
}
- ping_readiness_master.sh: |-
- #!/bin/bash
- [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
- [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
- response=$(
- timeout -s 15 $1 \
- redis-cli \
- -h $REDIS_MASTER_HOST \
- -p $REDIS_MASTER_PORT_NUMBER \
- ping
- )
- if [ "$?" -eq "124" ]; then
- echo "Timed out"
- exit 1
- fi
- if [ "$response" != "PONG" ]; then
- echo "$response"
- exit 1
- fi
- ping_liveness_master.sh: |-
- #!/bin/bash
-
- [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
- [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
- response=$(
- timeout -s 15 $1 \
- redis-cli \
- -h $REDIS_MASTER_HOST \
- -p $REDIS_MASTER_PORT_NUMBER \
- ping
- )
- if [ "$?" -eq "124" ]; then
- echo "Timed out"
- exit 1
- fi
- responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}')
- if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then
- echo "$response"
- exit 1
- fi
- ping_readiness_local_and_master.sh: |-
- script_dir="$(dirname "$0")"
- exit_status=0
- "$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
- "$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
- exit $exit_status
- ping_liveness_local_and_master.sh: |-
- script_dir="$(dirname "$0")"
- exit_status=0
- "$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
- "$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
- exit $exit_status
-
--- HelmRelease: database/redis ConfigMap: database/redis-scripts
+++ HelmRelease: database/redis ConfigMap: database/redis-scripts
@@ -37,24 +37,14 @@
fi
}
get_full_hostname() {
hostname="$1"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
- echo "${full_hostname}"
- }
-
- REDISPORT=$(get_port "$HOSTNAME" "REDIS")
-
- if [ -n "$REDIS_EXTERNAL_MASTER_HOST" ]; then
- REDIS_SERVICE="$REDIS_EXTERNAL_MASTER_HOST"
- else
- REDIS_SERVICE="redis.database.svc.cluster.local"
- fi
-
- SENTINEL_SERVICE_PORT=$(get_port "redis" "SENTINEL")
+ echo "$full_hostname"
+ }
redis_cli_command() {
local timeout="${1:-0}"
local args=("-h" "$REDIS_SERVICE" "-p" "$SENTINEL_SERVICE_PORT")
local command="redis-cli"
@@ -83,12 +73,19 @@
get_sentinel_master_info() {
sentinel_info_command="$(redis_cli_command 10) sentinel get-master-addr-by-name redis-master"
info "about to run the command: $sentinel_info_command"
retry_while "eval $sentinel_info_command" 2 5
}
+
+ REDISPORT=$(get_port "$HOSTNAME" "REDIS")
+ REDIS_SERVICE="redis.database.svc.cluster.local"
+ if [ -n "$REDIS_EXTERNAL_MASTER_HOST" ]; then
+ REDIS_SERVICE="$REDIS_EXTERNAL_MASTER_HOST"
+ fi
+ SENTINEL_SERVICE_PORT=$(get_port "redis" "SENTINEL")
HEADLESS_SERVICE="redis-headless.database.svc.cluster.local"
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
# check if there is a master
@@ -320,13 +317,12 @@
#!/bin/bash
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libos.sh
HEADLESS_SERVICE="redis-headless.database.svc.cluster.local"
-
get_full_hostname() {
hostname="$1"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
echo "${full_hostname}"
}
@@ -354,13 +350,13 @@
if ! sentinel_failover_finished; then
echo "I am the master pod and you are stopping me. Starting sentinel failover"
if retry_while "sentinel_failover_finished" "20" 1; then
- echo "Master has been successfuly failed over to a different pod."
+ echo "Master has been successfully failed over to a different pod."
exit 0
else
echo "Master failover failed"
exit 1
fi
else
@@ -368,12 +364,13 @@
fi
prestop-redis.sh: |
#!/bin/bash
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libos.sh
+ HEADLESS_SERVICE="redis-headless.database.svc.cluster.local"
run_redis_command() {
local args=("-h" "127.0.0.1")
if is_boolean_yes "$REDIS_TLS_ENABLED"; then
args+=("-p" "$REDIS_TLS_PORT" "--tls" "--cert" "$REDIS_TLS_CERT_FILE" "--key" "$REDIS_TLS_KEY_FILE")
[ -n "$REDIS_TLS_CA_FILE" ] && args+=("--cacert" "$REDIS_TLS_CA_FILE")
@@ -384,14 +381,12 @@
}
is_master() {
REDIS_ROLE=$(run_redis_command role | head -1)
echo "REDIS_ROLE: $REDIS_ROLE"
[[ "$REDIS_ROLE" == "master" ]]
}
- HEADLESS_SERVICE="redis-headless.database.svc.cluster.local"
-
get_full_hostname() {
hostname="$1"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
echo "${full_hostname}"
}
@@ -419,13 +414,12 @@
}
# redis-cli automatically consumes credentials from the REDISCLI_AUTH variable
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
[[ -f "$REDIS_PASSWORD_FILE" ]] && export REDISCLI_AUTH="$(< "${REDIS_PASSWORD_FILE}")"
-
if is_master && ! sentinel_failover_finished; then
echo "I am the master pod and you are stopping me. Pausing client connections."
# Pausing client write connections to avoid data loss
run_redis_command CLIENT PAUSE "22000" WRITE
echo "Issuing failover"
--- HelmRelease: database/redis StatefulSet: database/redis-node
+++ HelmRelease: database/redis StatefulSet: database/redis-node
@@ -25,16 +25,15 @@
labels:
app.kubernetes.io/instance: redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: node
annotations:
- checksum/configmap: 6ad039f2cafa77bc43c6906b3e078fceb424cd230fc183695a6048c1dec8d633
- checksum/health: 07a9e9f1ff08347b0d2cd65e962feb94d6390f5b64a77ed1346867af2559df4a
- checksum/scripts: 8ce5a08c98f049bb842dfb41b910f2d8bd9524cf6fdf3149f7068acb723173a8
- checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
+ checksum/configmap: 3d9806445d424fc508fdb86d8e1abb34d98e35e3062ac6678b56d0006feb3ff8
+ checksum/health: 6a3889b5cbf021e322d618543391c1ef0cccf0c6828842a913e11fe6a2fec715
+ checksum/scripts: 1e5e7c03a8ef0d558b93e6474204867739f72f24efc924a22f2a6c0554af11f4
prometheus.io/port: '9121'
prometheus.io/scrape: 'true'
spec:
automountServiceAccountToken: false
securityContext:
fsGroup: 1001
@@ -296,13 +295,13 @@
value: redis
- name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS
value: :9121
- name: OPENSSL_FIPS
value: 'yes'
- name: GODEBUG
- value: fips140=only
+ value: fips140=only,tlsmlkem=0
ports:
- name: metrics
containerPort: 9121
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 10 |
a8ed3a5 to
62e7ace
Compare
790b4d7 to
9c10aa9
Compare
0649d9b to
75ab0e7
Compare
e0dcdda to
532aca3
Compare
27e778b to
010f196
Compare
dbfc568 to
de01721
Compare
de01721 to
2c3cd58
Compare
6b0b4d9 to
5f8fce5
Compare
4e5695b to
ac3f3aa
Compare
ac3f3aa to
47a6811
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
24.0.8→27.0.13Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Configuration
📅 Schedule: (in timezone America/New_York)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.