tls_secret_name: Optional[str]
mysql_uri: Optional[str]
image_pull_policy: str
+ security_context: bool
@validator("site_url")
def validate_site_url(cls, v):
self._check_missing_dependencies(config)
data_source = (
- config.mysql_uri.replace("mysql://", "").split("/")[0]
+ f'{config.mysql_uri.replace("mysql://", "").replace("@", "@(").split("/")[0]})/'
if config.mysql_uri
- else f"root:{self.mysql_client.root_password}@{self.mysql_client.host}:{self.mysql_client.port}"
+ else f"root:{self.mysql_client.root_password}@({self.mysql_client.host}:{self.mysql_client.port})/"
)
# Create Builder for the PodSpec
- pod_spec_builder = PodSpecV3Builder()
+ pod_spec_builder = PodSpecV3Builder(
+ enable_security_context=config.security_context
+ )
# Add secrets to the pod
mysql_secret_name = f"{self.app.name}-mysql-secret"
# Build container
container_builder = ContainerV3Builder(
- self.app.name, image_info, config.image_pull_policy
+ self.app.name,
+ image_info,
+ config.image_pull_policy,
+ run_as_non_root=config.security_context,
)
container_builder.add_port(name=self.app.name, port=PORT)
container_builder.add_http_readiness_probe(