Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(container)!: Update image redis to v20 #282

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(container)!: Update image redis to v20 #282

wants to merge 1 commit into from
+6 −6

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 10, 2024
edited
Loading

This PR contains the following updates:

Package Update Change
redis (source) major 19.1.0 -> 20.6.3
redis (source) major 18.2.0 -> 20.6.3
redis (source) major 18.9.0 -> 20.6.3

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

bitnami/charts (redis)

v20.6.3

  • [bitnami/redis] fix: update JSON schema to allow string values for values passed to tpl (#​30526)

v20.6.2

v20.6.1

v20.6.0

v20.5.0

v20.4.1

v20.4.0

v20.3.0

v20.2.2

v20.2.1

v20.2.0

v20.1.7

v20.1.6

v20.1.5

v20.1.4

v20.1.3

v20.1.2

v20.1.1

v20.1.0

v20.0.5

v20.0.4

v20.0.3

v20.0.2

v20.0.1

v20.0.0

v19.6.4

v19.6.3

v19.6.2

v19.6.1

v19.6.0

v19.5.5

v19.5.4

v19.5.3

v19.5.2

v19.5.1

v19.5.0

v19.4.0

v19.3.4

v19.3.3

v19.3.2

v19.3.1

v19.3.0

v19.2.0

v19.1.5

v19.1.3

v19.1.2

v19.1.1

Configuration

📅 Schedule: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 10, 2024
edited
Loading 

--- kubernetes/apps/business/comabase/redis Kustomization: flux-system/cluster-apps-business-comabase-redis HelmRelease: comabase/comabase-redis

+++ kubernetes/apps/business/comabase/redis Kustomization: flux-system/cluster-apps-business-comabase-redis HelmRelease: comabase/comabase-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 18.2.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/omnivore/app Kustomization: flux-system/cluster-apps-business-omnivore-app HelmRelease: business/omnivore-app-redis

+++ kubernetes/apps/business/omnivore/app Kustomization: flux-system/cluster-apps-business-omnivore-app HelmRelease: business/omnivore-app-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-cache

+++ kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-cache

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-queue

+++ kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-queue

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/ai/dify/app Kustomization: flux-system/cluster-apps-ai-dify-app HelmRelease: ai-apps/dify-app-redis

+++ kubernetes/apps/ai/dify/app Kustomization: flux-system/cluster-apps-ai-dify-app HelmRelease: ai-apps/dify-app-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/database/redis/app Kustomization: flux-system/cluster-apps-redis HelmRelease: database/redis

+++ kubernetes/apps/database/redis/app Kustomization: flux-system/cluster-apps-redis HelmRelease: database/redis

@@ -12,13 +12,13 @@

     spec:
       chart: redis
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 18.9.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 30m
   maxHistory: 2
   timeout: 15m
--- kubernetes/apps/database/staging-redis/app Kustomization: flux-system/cluster-apps-staging-redis HelmRelease: database/staging-redis

+++ kubernetes/apps/database/staging-redis/app Kustomization: flux-system/cluster-apps-staging-redis HelmRelease: database/staging-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 18.2.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/aitbase-admin/aitbotsync/prod/app Kustomization: flux-system/cluster-apps-business-aitbotsync-prod-app HelmRelease: business/aitbotsync-prod-redis

+++ kubernetes/apps/business/aitbase-admin/aitbotsync/prod/app Kustomization: flux-system/cluster-apps-business-aitbotsync-prod-app HelmRelease: business/aitbotsync-prod-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/aitbase-admin/aitbotsync/staging/app Kustomization: flux-system/cluster-apps-business-aitbotsync-staging-app HelmRelease: business/aitbotsync-staging-redis

+++ kubernetes/apps/business/aitbase-admin/aitbotsync/staging/app Kustomization: flux-system/cluster-apps-business-aitbotsync-staging-app HelmRelease: business/aitbotsync-staging-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/chatwoot/aitbase/staging/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-staging HelmRelease: business/chatwoot-aitbase-staging-redis

+++ kubernetes/apps/business/chatwoot/aitbase/staging/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-staging HelmRelease: business/chatwoot-aitbase-staging-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/chatwoot/aitbase/prod/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-prod HelmRelease: business/chatwoot-aitbase-prod-redis

+++ kubernetes/apps/business/chatwoot/aitbase/prod/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-prod HelmRelease: business/chatwoot-aitbase-prod-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/aitbase-admin/locatepin/prod/app Kustomization: flux-system/cluster-apps-business-locatepin-prod-app HelmRelease: business/locatepin-prod-redis

+++ kubernetes/apps/business/aitbase-admin/locatepin/prod/app Kustomization: flux-system/cluster-apps-business-locatepin-prod-app HelmRelease: business/locatepin-prod-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:
--- kubernetes/apps/business/plane/app Kustomization: flux-system/cluster-apps-business-plane-app HelmRelease: plane/plane-app-redis

+++ kubernetes/apps/business/plane/app Kustomization: flux-system/cluster-apps-business-plane-app HelmRelease: plane/plane-app-redis

@@ -13,13 +13,13 @@

       chart: redis
       interval: 15m
       sourceRef:
         kind: HelmRepository
         name: bitnami
         namespace: flux-system
-      version: 19.1.0
+      version: 20.6.3
   install:
     remediation:
       retries: 3
   interval: 15m
   maxHistory: 2
   uninstall:

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 10, 2024
edited
Loading 

--- HelmRelease: business/aitbotsync-prod-redis StatefulSet: business/aitbotsync-prod-redis-master

+++ HelmRelease: business/aitbotsync-prod-redis StatefulSet: business/aitbotsync-prod-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: aitbotsync-prod-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: aitbotsync-prod-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: aitbotsync-prod-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/aitbotsync-prod-redis PodDisruptionBudget: business/aitbotsync-prod-redis-master

+++ HelmRelease: business/aitbotsync-prod-redis PodDisruptionBudget: business/aitbotsync-prod-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: aitbotsync-prod-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: aitbotsync-prod-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: aitbotsync-prod-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/chatwoot-aitbase-staging-redis StatefulSet: business/chatwoot-aitbase-staging-redis-master

+++ HelmRelease: business/chatwoot-aitbase-staging-redis StatefulSet: business/chatwoot-aitbase-staging-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: chatwoot-aitbase-staging-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/chatwoot-aitbase-staging-redis PodDisruptionBudget: business/chatwoot-aitbase-staging-redis-master

+++ HelmRelease: business/chatwoot-aitbase-staging-redis PodDisruptionBudget: business/chatwoot-aitbase-staging-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: chatwoot-aitbase-staging-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/aitbotsync-staging-redis StatefulSet: business/aitbotsync-staging-redis-master

+++ HelmRelease: business/aitbotsync-staging-redis StatefulSet: business/aitbotsync-staging-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: aitbotsync-staging-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: aitbotsync-staging-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: aitbotsync-staging-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/aitbotsync-staging-redis PodDisruptionBudget: business/aitbotsync-staging-redis-master

+++ HelmRelease: business/aitbotsync-staging-redis PodDisruptionBudget: business/aitbotsync-staging-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: aitbotsync-staging-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: aitbotsync-staging-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: aitbotsync-staging-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/chatwoot-aitbase-prod-redis StatefulSet: business/chatwoot-aitbase-prod-redis-master

+++ HelmRelease: business/chatwoot-aitbase-prod-redis StatefulSet: business/chatwoot-aitbase-prod-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: chatwoot-aitbase-prod-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/chatwoot-aitbase-prod-redis PodDisruptionBudget: business/chatwoot-aitbase-prod-redis-master

+++ HelmRelease: business/chatwoot-aitbase-prod-redis PodDisruptionBudget: business/chatwoot-aitbase-prod-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: chatwoot-aitbase-prod-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/locatepin-prod-redis StatefulSet: business/locatepin-prod-redis-master

+++ HelmRelease: business/locatepin-prod-redis StatefulSet: business/locatepin-prod-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: locatepin-prod-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: locatepin-prod-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: locatepin-prod-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/locatepin-prod-redis PodDisruptionBudget: business/locatepin-prod-redis-master

+++ HelmRelease: business/locatepin-prod-redis PodDisruptionBudget: business/locatepin-prod-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: locatepin-prod-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: locatepin-prod-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: locatepin-prod-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: ai-apps/dify-app-redis StatefulSet: ai-apps/dify-app-redis-master

+++ HelmRelease: ai-apps/dify-app-redis StatefulSet: ai-apps/dify-app-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: dify-app-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: dify-app-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: dify-app-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: ai-apps/dify-app-redis PodDisruptionBudget: ai-apps/dify-app-redis-master

+++ HelmRelease: ai-apps/dify-app-redis PodDisruptionBudget: ai-apps/dify-app-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: dify-app-redis-master
+  namespace: ai-apps
+  labels:
+    app.kubernetes.io/instance: dify-app-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: dify-app-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: plane/plane-app-redis StatefulSet: plane/plane-app-redis-master

+++ HelmRelease: plane/plane-app-redis StatefulSet: plane/plane-app-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: plane-app-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: plane-app-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: plane-app-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: plane/plane-app-redis PodDisruptionBudget: plane/plane-app-redis-master

+++ HelmRelease: plane/plane-app-redis PodDisruptionBudget: plane/plane-app-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: plane-app-redis-master
+  namespace: plane
+  labels:
+    app.kubernetes.io/instance: plane-app-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: plane-app-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/erpnext-app-redis-cache StatefulSet: business/erpnext-app-redis-cache-master

+++ HelmRelease: business/erpnext-app-redis-cache StatefulSet: business/erpnext-app-redis-cache-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: erpnext-app-redis-cache
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: erpnext-app-redis-cache
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: erpnext-app-redis-cache-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/erpnext-app-redis-cache PodDisruptionBudget: business/erpnext-app-redis-cache-master

+++ HelmRelease: business/erpnext-app-redis-cache PodDisruptionBudget: business/erpnext-app-redis-cache-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: erpnext-app-redis-cache-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: erpnext-app-redis-cache
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: erpnext-app-redis-cache
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: database/staging-redis ServiceAccount: database/staging-redis-master

+++ HelmRelease: database/staging-redis ServiceAccount: database/staging-redis-master

@@ -1,10 +1,10 @@

 ---
 apiVersion: v1
 kind: ServiceAccount
-automountServiceAccountToken: true
+automountServiceAccountToken: false
 metadata:
   name: staging-redis-master
   namespace: database
   labels:
     app.kubernetes.io/instance: staging-redis
     app.kubernetes.io/managed-by: Helm
--- HelmRelease: database/staging-redis StatefulSet: database/staging-redis-master

+++ HelmRelease: database/staging-redis StatefulSet: database/staging-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: staging-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: staging-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: staging-redis-headless
@@ -31,14 +32,17 @@

         checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9
         checksum/scripts: 43cdf68c28f3abe25ce017a82f74dbf2437d1900fd69df51a55a3edf6193d141
         checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
     spec:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
       serviceAccountName: staging-redis-master
-      automountServiceAccountToken: true
+      automountServiceAccountToken: false
       affinity:
         podAffinity: null
         podAntiAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
           - podAffinityTerm:
               labelSelector:
@@ -50,22 +54,24 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.2-debian-11-r0
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
-          runAsGroup: 0
+          readOnlyRootFilesystem: true
+          runAsGroup: 1001
           runAsNonRoot: true
           runAsUser: 1001
+          seLinuxOptions: {}
           seccompProfile:
             type: RuntimeDefault
         command:
         - /bin/bash
         args:
         - -c
@@ -104,40 +110,46 @@

           exec:
             command:
             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
-          limits: {}
-          requests: {}
+          limits:
+            cpu: 150m
+            ephemeral-storage: 2Gi
+            memory: 192Mi
+          requests:
+            cpu: 100m
+            ephemeral-storage: 50Mi
+            memory: 128Mi
         volumeMounts:
         - name: start-scripts
           mountPath: /opt/bitnami/scripts/start-scripts
         - name: health
           mountPath: /health
         - name: redis-data
           mountPath: /data
         - name: config
           mountPath: /opt/bitnami/redis/mounted-etc
-        - name: redis-tmp-conf
+        - name: empty-dir
           mountPath: /opt/bitnami/redis/etc/
-        - name: tmp
+          subPath: app-conf-dir
+        - name: empty-dir
           mountPath: /tmp
+          subPath: tmp-dir
       volumes:
       - name: start-scripts
         configMap:
           name: staging-redis-scripts
           defaultMode: 493
       - name: health
         configMap:
           name: staging-redis-health
           defaultMode: 493
       - name: config
         configMap:
           name: staging-redis-configuration
-      - name: redis-tmp-conf
-        emptyDir: {}
-      - name: tmp
+      - name: empty-dir
         emptyDir: {}
       - name: redis-data
         emptyDir: {}
 
--- HelmRelease: database/staging-redis NetworkPolicy: database/staging-redis

+++ HelmRelease: database/staging-redis NetworkPolicy: database/staging-redis

@@ -0,0 +1,24 @@

+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: staging-redis
+  namespace: database
+  labels:
+    app.kubernetes.io/instance: staging-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: staging-redis
+      app.kubernetes.io/name: redis
+  policyTypes:
+  - Ingress
+  - Egress
+  egress:
+  - {}
+  ingress:
+  - ports:
+    - port: 6379
+
--- HelmRelease: database/staging-redis PodDisruptionBudget: database/staging-redis-master

+++ HelmRelease: database/staging-redis PodDisruptionBudget: database/staging-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: staging-redis-master
+  namespace: database
+  labels:
+    app.kubernetes.io/instance: staging-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: staging-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/erpnext-app-redis-queue StatefulSet: business/erpnext-app-redis-queue-master

+++ HelmRelease: business/erpnext-app-redis-queue StatefulSet: business/erpnext-app-redis-queue-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: erpnext-app-redis-queue
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: erpnext-app-redis-queue
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: erpnext-app-redis-queue-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/erpnext-app-redis-queue PodDisruptionBudget: business/erpnext-app-redis-queue-master

+++ HelmRelease: business/erpnext-app-redis-queue PodDisruptionBudget: business/erpnext-app-redis-queue-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: erpnext-app-redis-queue-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: erpnext-app-redis-queue
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: erpnext-app-redis-queue
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: comabase/comabase-redis ServiceAccount: comabase/comabase-redis-master

+++ HelmRelease: comabase/comabase-redis ServiceAccount: comabase/comabase-redis-master

@@ -1,10 +1,10 @@

 ---
 apiVersion: v1
 kind: ServiceAccount
-automountServiceAccountToken: true
+automountServiceAccountToken: false
 metadata:
   name: comabase-redis-master
   namespace: comabase
   labels:
     app.kubernetes.io/instance: comabase-redis
     app.kubernetes.io/managed-by: Helm
--- HelmRelease: comabase/comabase-redis StatefulSet: comabase/comabase-redis-master

+++ HelmRelease: comabase/comabase-redis StatefulSet: comabase/comabase-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: comabase-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: comabase-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: comabase-redis-headless
@@ -31,14 +32,17 @@

         checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9
         checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5
         checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
     spec:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
       serviceAccountName: comabase-redis-master
-      automountServiceAccountToken: true
+      automountServiceAccountToken: false
       affinity:
         podAffinity: null
         podAntiAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
           - podAffinityTerm:
               labelSelector:
@@ -50,22 +54,24 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.2-debian-11-r0
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
-          runAsGroup: 0
+          readOnlyRootFilesystem: true
+          runAsGroup: 1001
           runAsNonRoot: true
           runAsUser: 1001
+          seLinuxOptions: {}
           seccompProfile:
             type: RuntimeDefault
         command:
         - /bin/bash
         args:
         - -c
@@ -109,40 +115,46 @@

           exec:
             command:
             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
-          limits: {}
-          requests: {}
+          limits:
+            cpu: 150m
+            ephemeral-storage: 2Gi
+            memory: 192Mi
+          requests:
+            cpu: 100m
+            ephemeral-storage: 50Mi
+            memory: 128Mi
         volumeMounts:
         - name: start-scripts
           mountPath: /opt/bitnami/scripts/start-scripts
         - name: health
           mountPath: /health
         - name: redis-data
           mountPath: /data
         - name: config
           mountPath: /opt/bitnami/redis/mounted-etc
-        - name: redis-tmp-conf
+        - name: empty-dir
           mountPath: /opt/bitnami/redis/etc/
-        - name: tmp
+          subPath: app-conf-dir
+        - name: empty-dir
           mountPath: /tmp
+          subPath: tmp-dir
       volumes:
       - name: start-scripts
         configMap:
           name: comabase-redis-scripts
           defaultMode: 493
       - name: health
         configMap:
           name: comabase-redis-health
           defaultMode: 493
       - name: config
         configMap:
           name: comabase-redis-configuration
-      - name: redis-tmp-conf
-        emptyDir: {}
-      - name: tmp
+      - name: empty-dir
         emptyDir: {}
       - name: redis-data
         emptyDir: {}
 
--- HelmRelease: comabase/comabase-redis NetworkPolicy: comabase/comabase-redis

+++ HelmRelease: comabase/comabase-redis NetworkPolicy: comabase/comabase-redis

@@ -0,0 +1,24 @@

+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: comabase-redis
+  namespace: comabase
+  labels:
+    app.kubernetes.io/instance: comabase-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: comabase-redis
+      app.kubernetes.io/name: redis
+  policyTypes:
+  - Ingress
+  - Egress
+  egress:
+  - {}
+  ingress:
+  - ports:
+    - port: 6379
+
--- HelmRelease: comabase/comabase-redis PodDisruptionBudget: comabase/comabase-redis-master

+++ HelmRelease: comabase/comabase-redis PodDisruptionBudget: comabase/comabase-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: comabase-redis-master
+  namespace: comabase
+  labels:
+    app.kubernetes.io/instance: comabase-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: comabase-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: business/omnivore-app-redis StatefulSet: business/omnivore-app-redis-master

+++ HelmRelease: business/omnivore-app-redis StatefulSet: business/omnivore-app-redis-master

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: omnivore-app-redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: master
 spec:
   replicas: 1
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: omnivore-app-redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: master
   serviceName: omnivore-app-redis-headless
@@ -53,13 +54,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
@@ -111,13 +112,13 @@

             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
           limits:
             cpu: 150m
-            ephemeral-storage: 1024Mi
+            ephemeral-storage: 2Gi
             memory: 192Mi
           requests:
             cpu: 100m
             ephemeral-storage: 50Mi
             memory: 128Mi
         volumeMounts:
--- HelmRelease: business/omnivore-app-redis PodDisruptionBudget: business/omnivore-app-redis-master

+++ HelmRelease: business/omnivore-app-redis PodDisruptionBudget: business/omnivore-app-redis-master

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: omnivore-app-redis-master
+  namespace: business
+  labels:
+    app.kubernetes.io/instance: omnivore-app-redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: master
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: omnivore-app-redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: master
+
--- HelmRelease: database/redis ConfigMap: database/redis-scripts

+++ HelmRelease: database/redis ConfigMap: database/redis-scripts

@@ -51,52 +51,62 @@

         REDIS_SERVICE="$REDIS_EXTERNAL_MASTER_HOST"
     else
         REDIS_SERVICE="redis.database.svc.cluster.local"
     fi
 
     SENTINEL_SERVICE_PORT=$(get_port "redis" "SENTINEL")
+
+    redis_cli_command() {
+        local timeout="${1:-0}"
+
+        local args=("-h" "$REDIS_SERVICE" "-p" "$SENTINEL_SERVICE_PORT")
+        local command="redis-cli"
+        if is_boolean_yes "$REDIS_TLS_ENABLED"; then
+            args+=("--tls" "--cert" "$REDIS_TLS_CERT_FILE" "--key" "$REDIS_TLS_KEY_FILE")
+            [ -n "$REDIS_TLS_CA_FILE" ] && args+=("--cacert" "$REDIS_TLS_CA_FILE")
+        fi
+        if [ "$timeout" -gt 0 ]; then
+            command="timeout $timeout $command"
+        fi
+
+        echo " $command ${args[*]}"
+    }
+
     validate_quorum() {
-        if is_boolean_yes "$REDIS_TLS_ENABLED"; then
-            quorum_info_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel master redis-master"
-        else
-            quorum_info_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel master redis-master"
-        fi
+        quorum_info_command="$(redis_cli_command) sentinel master redis-master"
         info "about to run the command: $quorum_info_command"
         eval $quorum_info_command | grep -Fq "s_down"
     }
 
     trigger_manual_failover() {
-        if is_boolean_yes "$REDIS_TLS_ENABLED"; then
-            failover_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel failover redis-master"
-        else
-            failover_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel failover redis-master"
-        fi
-
+        failover_command="$(redis_cli_command) sentinel failover redis-master"
         info "about to run the command: $failover_command"
         eval $failover_command
     }
 
     get_sentinel_master_info() {
-        if is_boolean_yes "$REDIS_TLS_ENABLED"; then
-            sentinel_info_command="timeout 10 redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel get-master-addr-by-name redis-master"
-        else
-            sentinel_info_command="timeout 10 redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel get-master-addr-by-name redis-master"
-        fi
-
+        sentinel_info_command="$(redis_cli_command 10) sentinel get-master-addr-by-name redis-master"
         info "about to run the command: $sentinel_info_command"
         retry_while "eval $sentinel_info_command" 2 5
     }
 
     [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
     [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
 
     # check if there is a master
     master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")"
     master_port_in_persisted_conf="$REDIS_MASTER_PORT_NUMBER"
     master_in_sentinel="$(get_sentinel_master_info)"
     redisRetVal=$?
+
+    if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then
+        master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+        master_port_in_persisted_conf="$(awk '/monitor/ {print $5}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+        info "Found previous master ${master_in_persisted_conf}:${master_port_in_persisted_conf} in /opt/bitnami/redis-sentinel/etc/sentinel.conf"
+        debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)"
+    fi
 
     if [[ $redisRetVal -ne 0 ]]; then
         if [[ "$master_in_persisted_conf" == "$(get_full_hostname "$HOSTNAME")" ]]; then
             # Case 1: No active sentinel and in previous sentinel.conf we were the master --> MASTER
             info "Configuring the node as master"
             export REDIS_REPLICATION_MODE="master"
@@ -198,16 +208,16 @@

         # Sanitize inputs
         value="${value//\\/\\\\}"
         value="${value//&/\\&}"
         value="${value//\?/\\?}"
         [[ "$value" = "" ]] && value="\"$value\""
 
-        replace_in_file "/opt/bitnami/redis-sentinel/etc/sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false
+        replace_in_file "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false
     }
     sentinel_conf_add() {
-        echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/sentinel.conf"
+        echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf"
     }
     host_id() {
         echo "$1" | openssl sha1 | awk '{print $2}'
     }
     get_sentinel_master_info() {
         if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
@@ -219,35 +229,43 @@

         retry_while "eval $sentinel_info_command" 2 5
     }
 
     [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
 
     master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")"
-    if ! get_sentinel_master_info && [[ "$master_in_persisted_conf" == "$(get_full_hostname "$HOSTNAME")" ]]; then
-        # No master found, lets create a master node
-        export REDIS_REPLICATION_MODE="master"
-
-        REDIS_MASTER_HOST=$(get_full_hostname "$HOSTNAME")
-        REDIS_MASTER_PORT_NUMBER="$REDISPORT"
-    else
-        export REDIS_REPLICATION_MODE="replica"
-
-        # Fetches current master's host and port
-        REDIS_SENTINEL_INFO=($(get_sentinel_master_info))
+
+    if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then
+        master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+        info "Found previous master $master_in_persisted_conf in /opt/bitnami/redis-sentinel/etc/sentinel.conf"
+        debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)"
+    fi
+    REDIS_SENTINEL_INFO=($(get_sentinel_master_info))
+    if [ "$?" -eq "0" ]; then
+        # current master's host and port obtained from other Sentinel
         info "printing REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})"
         REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}
         REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]}
+    else
+        REDIS_MASTER_HOST="$master_in_persisted_conf"
+        REDIS_MASTER_PORT_NUMBER="$REDISPORT"
+    fi
+    if [[ "$REDIS_MASTER_HOST" == "$(get_full_hostname "$HOSTNAME")" ]]; then
+        export REDIS_REPLICATION_MODE="master"
+    else
+        export REDIS_REPLICATION_MODE="replica"
     fi
 
     if [[ -n "$REDIS_EXTERNAL_MASTER_HOST" ]]; then
       REDIS_MASTER_HOST="$REDIS_EXTERNAL_MASTER_HOST"
       REDIS_MASTER_PORT_NUMBER="${REDIS_EXTERNAL_MASTER_PORT}"
     fi
 
-    cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
-    printf "\nsentinel myid %s" "$(host_id "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
+    # To prevent incomplete configuration and as the redis container accesses /opt/bitnami/redis-sentinel/etc/sentinel.conf
+    # as well, prepare the new config in `prepare-sentinel.conf` and move it atomically to the ultimate destination when it is complete.
+    cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    printf "\nsentinel myid %s" "$(host_id "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
 
     if [[ -z "$REDIS_MASTER_HOST" ]] || [[ -z "$REDIS_MASTER_PORT_NUMBER" ]]
     then
         # Prevent incorrect configuration to be written to sentinel.conf
         error "Redis master host is configured incorrectly (host: $REDIS_MASTER_HOST, port: $REDIS_MASTER_PORT_NUMBER)"
         exit 1
@@ -277,17 +295,18 @@

         hostname="redis-node-$node"
         ip="$(getent hosts "$hostname.$HEADLESS_SERVICE" | awk '{ print $1 }')"
         add_known_sentinel "$hostname" "$ip"
         add_known_replica "$hostname" "$ip"
     done
 
-    echo "" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
-    echo "sentinel announce-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
-    echo "sentinel resolve-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
-    echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
-    echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
+    echo "" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    echo "sentinel announce-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    echo "sentinel resolve-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+    mv /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
     exec redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf --sentinel
   prestop-sentinel.sh: |
     #!/bin/bash
 
     . /opt/bitnami/scripts/libvalidations.sh
     . /opt/bitnami/scripts/libos.sh
@@ -299,13 +318,13 @@

         full_hostname="${hostname}.${HEADLESS_SERVICE}"
         echo "${full_hostname}"
     }
 
     run_sentinel_command() {
         if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
-            redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@"
[Diff truncated by flux-local]
--- HelmRelease: database/redis StatefulSet: database/redis-node

+++ HelmRelease: database/redis StatefulSet: database/redis-node

@@ -8,12 +8,13 @@

     app.kubernetes.io/instance: redis
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: redis
     app.kubernetes.io/component: node
 spec:
   replicas: 3
+  revisionHistoryLimit: 10
   selector:
     matchLabels:
       app.kubernetes.io/instance: redis
       app.kubernetes.io/name: redis
       app.kubernetes.io/component: node
   serviceName: redis-headless
@@ -26,13 +27,13 @@

         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/name: redis
         app.kubernetes.io/component: node
       annotations:
         checksum/configmap: 44827545caa1794c0c6696c4406beb71e64dd804ef278fe070efe561c4bc71b7
         checksum/health: 07a9e9f1ff08347b0d2cd65e962feb94d6390f5b64a77ed1346867af2559df4a
-        checksum/scripts: 04c034490f9758104676b11f6819c4f159bb0e4956d61091bf6dd68a76b327aa
+        checksum/scripts: 74285d2d9b70df3e6a9f6a9ae9b80d4e333e62932af7806a454807d972d5b461
         checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
         prometheus.io/port: '9121'
         prometheus.io/scrape: 'true'
     spec:
       automountServiceAccountToken: false
       securityContext:
@@ -55,13 +56,13 @@

             weight: 1
         nodeAffinity: null
       enableServiceLinks: true
       terminationGracePeriodSeconds: 30
       containers:
       - name: redis
-        image: docker.io/bitnami/redis:7.2.4-debian-11-r2
+        image: docker.io/bitnami/redis:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
             exec:
               command:
               - /bin/bash
@@ -69,16 +70,17 @@

               - /opt/bitnami/scripts/start-scripts/prestop-redis.sh
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
-          runAsGroup: 0
+          readOnlyRootFilesystem: true
+          runAsGroup: 1001
           runAsNonRoot: true
           runAsUser: 1001
-          seLinuxOptions: null
+          seLinuxOptions: {}
           seccompProfile:
             type: RuntimeDefault
         command:
         - /bin/bash
         args:
         - -c
@@ -134,29 +136,39 @@

           exec:
             command:
             - sh
             - -c
             - /health/ping_readiness_local.sh 1
         resources:
-          limits: {}
-          requests: {}
+          limits:
+            cpu: 150m
+            ephemeral-storage: 2Gi
+            memory: 192Mi
+          requests:
+            cpu: 100m
+            ephemeral-storage: 50Mi
+            memory: 128Mi
         volumeMounts:
         - name: start-scripts
           mountPath: /opt/bitnami/scripts/start-scripts
         - name: health
           mountPath: /health
+        - name: sentinel-data
+          mountPath: /opt/bitnami/redis-sentinel/etc
         - name: redis-data
           mountPath: /data
         - name: config
           mountPath: /opt/bitnami/redis/mounted-etc
-        - name: redis-tmp-conf
+        - name: empty-dir
           mountPath: /opt/bitnami/redis/etc
-        - name: tmp
+          subPath: app-conf-dir
+        - name: empty-dir
           mountPath: /tmp
+          subPath: tmp-dir
       - name: sentinel
-        image: docker.io/bitnami/redis-sentinel:7.2.4-debian-11-r3
+        image: docker.io/bitnami/redis-sentinel:7.4.2-debian-12-r0
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
             exec:
               command:
               - /bin/bash
@@ -164,16 +176,17 @@

               - /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
-          runAsGroup: 0
+          readOnlyRootFilesystem: true
+          runAsGroup: 1001
           runAsNonRoot: true
           runAsUser: 1001
-          seLinuxOptions: null
+          seLinuxOptions: {}
           seccompProfile:
             type: RuntimeDefault
         command:
         - /bin/bash
         args:
         - -c
@@ -221,37 +234,47 @@

           exec:
             command:
             - sh
             - -c
             - /health/ping_sentinel.sh 1
         resources:
-          limits: {}
-          requests: {}
+          limits:
+            cpu: 150m
+            ephemeral-storage: 2Gi
+            memory: 192Mi
+          requests:
+            cpu: 100m
+            ephemeral-storage: 50Mi
+            memory: 128Mi
         volumeMounts:
+        - name: empty-dir
+          mountPath: /tmp
+          subPath: tmp-dir
         - name: start-scripts
           mountPath: /opt/bitnami/scripts/start-scripts
         - name: health
           mountPath: /health
         - name: sentinel-data
           mountPath: /opt/bitnami/redis-sentinel/etc
         - name: redis-data
           mountPath: /data
         - name: config
           mountPath: /opt/bitnami/redis-sentinel/mounted-etc
       - name: metrics
-        image: docker.io/bitnami/redis-exporter:1.56.0-debian-11-r1
+        image: docker.io/bitnami/redis-exporter:1.67.0-debian-12-r0
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
             drop:
             - ALL
-          runAsGroup: 0
+          readOnlyRootFilesystem: true
+          runAsGroup: 1001
           runAsNonRoot: true
           runAsUser: 1001
-          seLinuxOptions: null
+          seLinuxOptions: {}
           seccompProfile:
             type: RuntimeDefault
         command:
         - /bin/bash
         - -c
         - |
@@ -259,12 +282,14 @@

               export REDIS_PASSWORD=$(cat /secrets/redis-password)
           fi
           redis_exporter
         env:
         - name: REDIS_ALIAS
           value: redis
+        - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS
+          value: :9121
         ports:
         - name: metrics
           containerPort: 9121
         livenessProbe:
           failureThreshold: 5
           initialDelaySeconds: 10
@@ -280,15 +305,24 @@

           successThreshold: 1
           timeoutSeconds: 1
           httpGet:
             path: /
             port: metrics
         resources:
-          limits: {}
-          requests: {}
-        volumeMounts: null
+          limits:
+            cpu: 150m
+            ephemeral-storage: 2Gi
+            memory: 192Mi
+          requests:
+            cpu: 100m
+            ephemeral-storage: 50Mi
+            memory: 128Mi
+        volumeMounts:
+        - name: empty-dir
+          mountPath: /tmp
+          subPath: tmp-dir
       volumes:
       - name: start-scripts
         configMap:
           name: redis-scripts
           defaultMode: 493
       - name: health
@@ -297,13 +331,11 @@

           defaultMode: 493
       - name: config
         configMap:
           name: redis-configuration
       - name: sentinel-data
         emptyDir: {}
-      - name: redis-tmp-conf
-        emptyDir: {}
-      - name: tmp
+      - name: empty-dir
         emptyDir: {}
       - name: redis-data
         emptyDir: {}
 
--- HelmRelease: database/redis NetworkPolicy: database/redis

+++ HelmRelease: database/redis NetworkPolicy: database/redis

@@ -0,0 +1,27 @@

+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: redis
+  namespace: database
+  labels:
+    app.kubernetes.io/instance: redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: redis
+      app.kubernetes.io/name: redis
+  policyTypes:
+  - Ingress
+  - Egress
+  egress:
+  - {}
+  ingress:
+  - ports:
+    - port: 6379
+    - port: 26379
+  - ports:
+    - port: 9121
+
--- HelmRelease: database/redis PodDisruptionBudget: database/redis-node

+++ HelmRelease: database/redis PodDisruptionBudget: database/redis-node

@@ -0,0 +1,19 @@

+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: redis-node
+  namespace: database
+  labels:
+    app.kubernetes.io/instance: redis
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: redis
+    app.kubernetes.io/component: node
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/component: node
+

@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 84644fd to 99bdece Compare August 20, 2024 23:29
@renovate renovate bot force-pushed the renovate/redis-20.x branch 3 times, most recently from b431c9e to 07b971b Compare September 9, 2024 13:03
@renovate renovate bot force-pushed the renovate/redis-20.x branch 4 times, most recently from d7fbfc6 to 4cf22cb Compare September 19, 2024 11:40
@renovate renovate bot force-pushed the renovate/redis-20.x branch 4 times, most recently from f0ce10b to fcebfbc Compare October 3, 2024 00:42
@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 9b80fc6 to df45c6e Compare October 15, 2024 17:05
@renovate renovate bot force-pushed the renovate/redis-20.x branch from df45c6e to 0881496 Compare October 31, 2024 04:21
@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 885a90f to 1eff871 Compare November 14, 2024 14:42
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 1eff871 to e9dc6ce Compare December 2, 2024 12:05
@renovate renovate bot force-pushed the renovate/redis-20.x branch 3 times, most recently from 487b6bb to 39acd1d Compare December 16, 2024 18:46
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 39acd1d to ce7e0ee Compare December 22, 2024 00:47
@renovate renovate bot force-pushed the renovate/redis-20.x branch from ce7e0ee to feaa015 Compare January 8, 2025 13:53
@renovate renovate bot force-pushed the renovate/redis-20.x branch from feaa015 to f2fc837 Compare January 15, 2025 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
renovate/container type/major
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants