[I] adding automountServiceAccountToken [solr-operator]

Wed, 24 Apr 2024 07:36:08 -0700 


jojay opened a new issue, #701:
URL: https://github.com/apache/solr-operator/issues/701

   Hi, is there an option to set in kind: SolrCloud somehow
   `automountServiceAccountToken = false` ? 
   This will solve a security recommendation in AKS.
   So in STS (below the SolrCloud installed with solr-operator 8.0.0 but 
enriched post install with mentioned attribute. The same I would like to 
accomplish for zookeeper too. I would like to avoid some post processing with 
kustomize or forking the helm charts by myself) 
   you would finally have:
   Excerpt:
   ```
   apiVersion: apps/v1
   kind: StatefulSet
   metadata:
     annotations:
       solr.apache.org/zkConnectionString: 
test-platformdev-solrcloud-zookeeper-0.test-platformdev-solrcloud-zookeeper-headless.test-platformdev.svc.cluster.local:2181,test-platformdev-solrcloud-zookeeper-1.test-platformdev-solrcloud-zookeeper-headless.test-platformdev.svc.cluster.local:2181,test-platformdev-solrcloud-zookeeper-2.test-platformdev-solrcloud-zookeeper-headless.test-platformdev.svc.cluster.local:2181/test-platformdev
     creationTimestamp: "2024-04-12T12:36:20Z"
     generation: 3
     labels:
       solr-cloud: test-platformdev
       technology: solr-cloud
     name: test-platformdev-solrcloud
     namespace: test-platformdev
     ownerReferences:
     - apiVersion: solr.apache.org/v1beta1
       blockOwnerDeletion: true
       controller: true
       kind: SolrCloud
       name: test-platformdev
       uid: 9ef08181-2d5e-401a-904d-6c6cd8f6e87b
     resourceVersion: "666711970"
     uid: 8f9393c1-0692-40dd-816a-8292ce2e63db
   spec:
     persistentVolumeClaimRetentionPolicy:
       whenDeleted: Retain
       whenScaled: Retain
     podManagementPolicy: Parallel
     replicas: 2
     revisionHistoryLimit: 10
     selector:
       matchLabels:
         solr-cloud: test-platformdev
         technology: solr-cloud
     serviceName: test-platformdev-solrcloud-headless
     template:
       metadata:
         annotations:
           solr.apache.org/solrXmlMd5: 843652bc6b529b66f46bcdae6764ab4e
         creationTimestamp: null
         labels:
           solr-cloud: test-platformdev
           technology: solr-cloud
       spec:
         affinity:
           nodeAffinity:
             requiredDuringSchedulingIgnoredDuringExecution:
               nodeSelectorTerms:
               - matchExpressions:
                 - key: agentpool
                   operator: In
                   values:
                   - agentpool
         **automountServiceAccountToken: false**
         containers:
         - env:
           - name: SOLR_JAVA_MEM
      ```
   
   Thank you very much in advance!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to