Commit 2fd91cff authored by Jarka Košanová's avatar Jarka Košanová

Merge branch '37127-switch-from-startupProbe-to-livenessProbe-in-waf' into 'master'

Switch from startupProbe to livenessProbe in Modsecurity

See merge request gitlab-org/gitlab!28942
parents 07a5a002 e8e53f28
......@@ -30,7 +30,6 @@ module Clusters
enum modsecurity_mode: { logging: 0, blocking: 1 }
FETCH_IP_ADDRESS_DELAY = 30.seconds
MODSEC_SIDECAR_INITIAL_DELAY_SECONDS = 10
state_machine :status do
after_transition any => [:installed] do |application|
......@@ -108,11 +107,13 @@ module Clusters
"readOnly" => true
}
],
"startupProbe" => {
"livenessProbe" => {
"exec" => {
"command" => ["ls", "/var/log/modsec"]
},
"initialDelaySeconds" => MODSEC_SIDECAR_INITIAL_DELAY_SECONDS
"command" => [
"ls",
"/var/log/modsec/audit.log"
]
}
}
}
],
......
......@@ -219,6 +219,12 @@ describe Clusters::Applications::Ingress do
expect(subject.values).to include('extraContainers')
end
it 'includes livenessProbe for modsecurity sidecar container' do
probe_config = YAML.safe_load(subject.values).dig('controller', 'extraContainers', 0, 'livenessProbe')
expect(probe_config).to eq('exec' => { 'command' => ['ls', '/var/log/modsec/audit.log'] })
end
end
context 'when modsecurity_enabled is disabled' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment