Commit

Merge pull request #60 from pmoscode/fix/helm-user-group
fix: fix helm user and group
SebastianBezold authored Aug 23, 2023
2 parents 14c14cd + 3d90ba4 commit c4dffac
Showing 3 changed files with 10 additions and 6 deletions.
8 changes: 6 additions & 2 deletions charts/managed-identity-wallet/README.md
Expand Up @@ -111,6 +111,7 @@ See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command document
| keycloak.postgresql.enabled | bool | `true` | Enable to deploy PostgreSQL |
| keycloak.postgresql.nameOverride | string | `"keycloak-postgresql"` | Name of the PostgreSQL chart to deploy. Mandatory when the MIW deploys a PostgreSQL chart, too. |
| miw.authorityWallet.bpn | string | `"BPNL000000000000"` | Authority Wallet BPNL |
| miw.authorityWallet.name | string | `""` | Authority Wallet Name |
| miw.database.encryptionKey.secret | string | `""` | Existing secret for database encryption key |
| miw.database.encryptionKey.secretKey | string | `""` | Existing secret key for database encryption key |
| miw.database.encryptionKey.value | string | `""` | Database encryption key for confidential data. Ignored if `secret` is set. If empty a secret with 32 random alphanumeric chars is generated. |
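Review bot: The new `miw.authorityWallet.name` row in this hunk is unrelated to the user/group fix named in the commit title and looks like a side effect of regenerating the README. Say so in the commit message, and consider extending the description "Authority Wallet Name" to state whether the empty default `""` is acceptable for a deployment.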
Expand Down Expand Up @@ -151,9 +152,9 @@ See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command document
| secrets | object | `{}` | Parameters for the application (will be stored as secrets - so, for passwords, ...) |
| securityContext.allowPrivilegeEscalation | bool | `false` | Allow privilege escalation |
| securityContext.privileged | bool | `false` | Enable privileged container |
| securityContext.runAsGroup | int | `0` | Group ID used to run the container |
| securityContext.runAsGroup | int | `11111` | Group ID used to run the container |
| securityContext.runAsNonRoot | bool | `true` | Enable to run the container as a non-root user |
| securityContext.runAsUser | int | `1001` | User ID used to run the container |
| securityContext.runAsUser | int | `11111` | User ID used to run the container |
| service.port | int | `8080` | Kubernetes Service port |
| service.type | string | `"ClusterIP"` | Kubernetes Service type |
| serviceAccount.annotations | object | `{}` | Annotations to add to the ServiceAccount |
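Review bot: The `securityContext.runAsGroup` and `securityContext.runAsUser` rows change the documented defaults from `0` and `1001` to `11111` without any upgrade note, so a release that picks up the new defaults on `helm upgrade` starts running under a different UID/GID than the one that wrote its existing files. Add a sentence to the README or the release notes calling this out as a behaviour change, and state in the description column that the IDs must correspond to a user and group the container image can run as.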
Expand Down Expand Up @@ -198,6 +199,7 @@ The following two secrets are required to deploy the MIW in a production environ

- Database Password
- Database Encryption Key

The **Database Password Secret** stores the password associated with the PostgreSQL database user.

Meanwhile, the **Database Encryption Key Secret** holds the encryption key for safeguarding confidential data within the PostgreSQL database. This could include sensitive information such as private keys for wallets.
Expand Down Expand Up @@ -232,3 +234,5 @@ when deploying the MIW in a production environment:

<p align="right">(<a href="#readme-top">back to top</a>)</p>

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
Expand Up @@ -89,9 +89,9 @@ tests:
content:
allowPrivilegeEscalation: false
privileged: false
runAsGroup: 0
runAsGroup: 11111
runAsNonRoot: true
runAsUser: 1001
runAsUser: 11111

- it: should have environment variables set
asserts:
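Review bot: The expected `content` block in this case hard-codes `runAsUser: 11111` and `runAsGroup: 11111`, so it only confirms that the chart defaults render and has to be edited in lockstep with values.yaml whenever they change. If no other case covers it, add one that sets `securityContext.runAsUser` and `securityContext.runAsGroup` to different values and asserts that they reach the rendered container spec, which is the check that would catch a template that ignores the values.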
4 changes: 2 additions & 2 deletions charts/managed-identity-wallet/values.yaml
Expand Up @@ -76,9 +76,9 @@ securityContext:
# -- Allow privilege escalation
allowPrivilegeEscalation: false
# -- User ID used to run the container
runAsUser: 1001
runAsUser: 11111
# -- Group ID used to run the container
runAsGroup: 0
runAsGroup: 11111
# -- Enable to run the container as a non-root user
runAsNonRoot: true
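Review bot: In the `securityContext` block, `runAsUser: 11111` and `runAsGroup: 11111` carry no reason for the chosen number, and the helm-docs comments ("User ID used to run the container", "Group ID used to run the container") do not say where it comes from. If 11111 is the UID/GID created in the application image, say so in the `# --` comments so that image and chart stay in step. Moving the default group off `0` is a sound least-privilege change and is worth stating in the comment as well.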
