public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor: improve security context comparison logic in compareContainers

This commit is contained in:
Benjamin Desrousseaux 2025-09-14 12:35:02 +02:00
parent dde68cfb34
commit 7568e5ca41
No known key found for this signature in database
GPG Key ID: 07241F570BDAB363
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/cluster/cluster.go
View File

@ -628,7 +628,8 @@ func (c *Cluster) compareContainers(description string, setA, setB []v1.Containe
newCheck("new %s's %s (index %d) environment sources do not match the current one",
func(a, b v1.Container) bool { return !reflect.DeepEqual(a.EnvFrom, b.EnvFrom) }),
newCheck("new %s's %s (index %d) security context does not match the current one",
func(a, b v1.Container) bool { return !reflect.DeepEqual(a.SecurityContext, b.SecurityContext) }),
//func(a, b v1.Container) bool { return !reflect.DeepEqual(a.SecurityContext, b.SecurityContext) }),
func(a, b v1.Container) bool { return !compareSecurityContexts(a.SecurityContext, b.SecurityContext) }),
newCheck("new %s's %s (index %d) volume mounts do not match the current one",
func(a, b v1.Container) bool { return !compareVolumeMounts(a.VolumeMounts, b.VolumeMounts) }),
}
@ -651,6 +652,14 @@ func (c *Cluster) compareContainers(description string, setA, setB []v1.Containe
return needsRollUpdate, reasons
}
func compareSecurityContexts(a *v1.SecurityContext, b *v1.SecurityContext) bool {
if b == nil || reflect.ValueOf(b.Capabilities).IsNil() {
return true
} else {
return reflect.DeepEqual(a, b)
}
}
func compareResources(a *v1.ResourceRequirements, b *v1.ResourceRequirements) bool {
equal := true
if a != nil {