From 3668820b83b2004c46a10c76863c6f768d6eb656 Mon Sep 17 00:00:00 2001 From: Tunahan Cicek Date: Wed, 31 Jan 2024 19:28:36 +0100 Subject: [PATCH] Make securityContext (pod and container) configurable --- charts/registry/Chart.yaml | 2 +- charts/registry/templates/registry/registry-deployment.yaml | 5 ++--- charts/registry/values.yaml | 5 +++++ 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/registry/Chart.yaml b/charts/registry/Chart.yaml index 681f4361..6ba81044 100644 --- a/charts/registry/Chart.yaml +++ b/charts/registry/Chart.yaml @@ -26,7 +26,7 @@ sources: - https://github.com/eclipse-tractusx/sldt-digital-twin-registry type: application -version: 0.4.2 +version: 0.4.3 appVersion: 0.3.23 dependencies: diff --git a/charts/registry/templates/registry/registry-deployment.yaml b/charts/registry/templates/registry/registry-deployment.yaml index 6f989067..ee89ba72 100644 --- a/charts/registry/templates/registry/registry-deployment.yaml +++ b/charts/registry/templates/registry/registry-deployment.yaml @@ -35,14 +35,13 @@ spec: {{- include "dtr.selectorLabels" . | nindent 8 }} spec: securityContext: - runAsUser: 100 + {{- toYaml .Values.registry.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} image: {{ .Values.registry.image.registry }}/{{ .Values.registry.image.repository }}:{{ .Values.registry.image.version | default .Chart.AppVersion }} imagePullPolicy: {{ .Values.registry.imagePullPolicy }} securityContext: - runAsUser: 100 - allowPrivilegeEscalation: false + {{- toYaml .Values.registry.securityContext | nindent 12 }} {{- if not .Values.registry.authentication }} args: ["--spring.profiles.active=local"] {{- end }} diff --git a/charts/registry/values.yaml b/charts/registry/values.yaml index cb67916a..b3f3932d 100644 --- a/charts/registry/values.yaml +++ b/charts/registry/values.yaml @@ -89,6 +89,11 @@ registry: requests: cpu: 250m memory: 1024Mi + podSecurityContext: + runAsUser: 100 + securityContext: + runAsUser: 100 + allowPrivilegeEscalation: false postgresql: primary: