Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[kube-prometheus-stack] Expose the container-specific security context for Prometheus Operator #1811

Merged
merged 4 commits into from
Feb 28, 2022
Merged

[kube-prometheus-stack] Expose the container-specific security context for Prometheus Operator #1811

merged 4 commits into from
Feb 28, 2022

Conversation

rdauncey53
Copy link
Contributor

@rdauncey53 rdauncey53 commented Feb 18, 2022
edited
Loading

What this PR does / why we need it:

We want to further configure the Kubernetes container security context for the Prometheus Operator, so we can set other container-specific settings such as capabilities -> drop -> ALL. Therefore we expose the container-specific security context using containerSecurityContext as the input (as used in other prometheus helm-charts e.g. node-exporter).

Special notes for your reviewer:

We understand that some other Prometheus containers such as the node-exporter do not support dropping capabilities (in that case, because it did not have any in the first place) - this pull request assumes that isn't the case for Prometheus Operator, but please do let us know if that is an incorrect assumption.

Checklist

  • DCO signed
  • Chart Version bumped
  • Title of the PR starts with chart name (e.g. [prometheus-couchdb-exporter])

monotek
monotek requested changes Feb 18, 2022
View reviewed changes
charts/kube-prometheus-stack/Chart.yaml Outdated Show resolved Hide resolved
monotek
monotek previously approved these changes Feb 18, 2022
View reviewed changes
@rdauncey53
Copy link
Contributor Author

(28/2/2022 Fixed some merge conflicts)

@monotek monotek merged commit ac52b97 into prometheus-community:main Feb 28, 2022
@monotek monotek mentioned this pull request Feb 28, 2022
Closed
stamzid pushed a commit to Unstructured-IO/prometheus-community-helm-charts that referenced this pull request Mar 3, 2023
@rdauncey53
[kube-prometheus-stack] Expose the container-specific security contex…
15ce2d7 
…t for Prometheus Operator (prometheus-community#1811)

* Expose the container-specific security context settings for Prometheus operator

Signed-off-by: rd5 <[email protected]>

* Bump kube-prometheus-stack chart version to 32.2.2

Signed-off-by: rd5 <[email protected]>

* New feature so raise minor version to 32.3.0

Signed-off-by: rd5 <[email protected]>

Co-authored-by: rd5 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@monotek monotek monotek approved these changes

@andrewgkew andrewgkew Awaiting requested review from andrewgkew andrewgkew is a code owner

@bismarck bismarck Awaiting requested review from bismarck

@desaintmartin desaintmartin Awaiting requested review from desaintmartin

@gianrubio gianrubio Awaiting requested review from gianrubio gianrubio is a code owner

@gkarthiks gkarthiks Awaiting requested review from gkarthiks gkarthiks is a code owner

@scottrigby scottrigby Awaiting requested review from scottrigby scottrigby is a code owner

@Xtigyro Xtigyro Awaiting requested review from Xtigyro Xtigyro is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rdauncey53 @monotek