dano-nx opened a new issue, #58531: URL: https://github.com/apache/airflow/issues/58531
### Description ### Official Helm chart version 1.18.0 ### Apache Airflow version 3.0.6 ### k8s Git-Sync version 4.5.0 ### Kubernetes version 1.33.5 ### Kyverno version 1.16.0 ### Description I'm using the git-sync sidecar container for syncing my DAGs. (`dags.gitSync.enabled=true`) This ends up in sidecar containers in the pods for the Airflow triggerer and scheduler. Unfortunately, these containers have no health check. I have Kyverno and the policy [Validate Probes](https://kyverno.io/policies/other/ensure-probes-different/ensure-probes-different/) in place that makes the deployment of these pods now failing. The k8s git-sync image itself provides an option to enable an HTTP endpoint as health check. See option `--http-bin` in https://github.com/kubernetes/git-sync/blob/v4.5.0/README.md#manual I added the env variable `GITSYNC_HTTP_BIND` to the Helm values `dags.gitSync.env` but there is no way to provide health checks for the git-sync containers. They are missing in https://github.com/apache/airflow/blob/helm-chart/1.18.0/chart/templates/_helpers.yaml#L226-L347 ### Use case/motivation I want to configure health checks (liveness and readyness probes) to the git-sync sidecar containers when using the Airflow Helm chart. This is needed when you have strict Kubernetes policies (like when using Kyverno) that requires those probes for all containers. ### Related issues _No response_ ### Are you willing to submit a PR? - [x] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
