Closed ericwyles closed 1 month ago
Started a conversation here: https://community.sonarsource.com/t/helm-chart-probes-issue-with-hardened-container-images-no-wget/114377
No answer on the conversation so submitted a PR: https://github.com/SonarSource/helm-chart-sonarqube/pull/481
If that goes through we can override the probes like this in registry1-values.yaml which is equal behavior to what the repo1 chart does now:
livenessProbe:
exec: null
httpGet:
path: /
scheme: HTTP
port: 9000
readinessProbe:
exec: null
httpGet:
path: /api/system/status
scheme: HTTP
port: 9000
Added a new issue to track migration to the upstream chart now that my change is merged. https://github.com/defenseunicorns/uds-package-sonarqube/issues/82
Describe what should be investigated or refactored
This package is currently using the registry1 chart because the upstream chart depends on 'hostname' and 'wget' to be available in the images for liveness/readiness, but registry1 images do not include those tools.
We need to investigate making a PR to upstream sonarqube to allow us to do liveness/readiness without needing those tools so we can use upstream chart.
Links to any relevant code
https://github.com/SonarSource/helm-chart-sonarqube/blob/215917e05bef37fbb930e9201bcbb6649a49399e/charts/sonarqube/templates/deployment.yaml#L296
Additional context
When trying to use registry1 images with upstream chart, liveness probe failes with this message
Message: Liveness probe failed: sh: line 1: hostname: command not found