diff --git a/charts/polymorphic-app/Chart.yaml b/charts/polymorphic-app/Chart.yaml index e69654c..4a21f2c 100644 --- a/charts/polymorphic-app/Chart.yaml +++ b/charts/polymorphic-app/Chart.yaml @@ -4,5 +4,5 @@ description: A Helm chart for deploying any custom applications, specifically po maintainers: - name: improwised type: application -version: 1.2.0 +version: 1.2.1 appVersion: 1.0.0 diff --git a/charts/polymorphic-app/templates/cronjob.yaml b/charts/polymorphic-app/templates/cronjob.yaml index eda81e3..86e22dc 100644 --- a/charts/polymorphic-app/templates/cronjob.yaml +++ b/charts/polymorphic-app/templates/cronjob.yaml @@ -81,6 +81,10 @@ spec: {{- end }} {{- if $.Values.cronJobTemplate.volumeMounts }} {{ toYaml $.Values.cronJobTemplate.volumeMounts | indent 12 }} + {{- end }} + {{- with .securityContext | default $.Values.cronJobTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 12 }} {{- end }} {{- with .affinity | default $.Values.cronJobTemplate.affinity }} affinity: diff --git a/charts/polymorphic-app/templates/job.yaml b/charts/polymorphic-app/templates/job.yaml index bcdcdbf..f9fb6e8 100644 --- a/charts/polymorphic-app/templates/job.yaml +++ b/charts/polymorphic-app/templates/job.yaml @@ -82,6 +82,10 @@ spec: {{- if $.Values.jobTemplate.volumeMounts }} {{ toYaml $.Values.jobTemplate.volumeMounts | indent 10 }} {{- end }} + {{- with .securityContext | default $.Values.jobTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} {{- with .affinity | default $.Values.jobTemplate.affinity }} affinity: {{ toYaml . | indent 8 }} diff --git a/charts/polymorphic-app/templates/service.yaml b/charts/polymorphic-app/templates/service.yaml index 7529cc5..5653b9a 100644 --- a/charts/polymorphic-app/templates/service.yaml +++ b/charts/polymorphic-app/templates/service.yaml @@ -152,6 +152,10 @@ spec: periodSeconds: {{ .healthcheck.periodSeconds | default $.Values.serviceTemplate.healthcheck.periodSeconds | default "20" }} {{- end }} {{- end }} + {{- with .securityContext | default $.Values.serviceTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} volumes: {{- if .volumes }} {{ toYaml .volumes | indent 8 }} diff --git a/charts/polymorphic-app/templates/worker.yaml b/charts/polymorphic-app/templates/worker.yaml index 8ddf4c7..fd52555 100644 --- a/charts/polymorphic-app/templates/worker.yaml +++ b/charts/polymorphic-app/templates/worker.yaml @@ -139,6 +139,10 @@ spec: {{- end }} successThreshold: 1 {{- end }} + {{- with .securityContext | default $.Values.workerTemplate.securityContext }} + securityContext: +{{ toYaml . | indent 8 }} + {{- end }} volumes: {{- if .volumes }} {{ toYaml .volumes | indent 8 }} diff --git a/charts/polymorphic-app/values.yaml b/charts/polymorphic-app/values.yaml index 691849c..d08e184 100644 --- a/charts/polymorphic-app/values.yaml +++ b/charts/polymorphic-app/values.yaml @@ -61,7 +61,10 @@ serviceTemplate: # requests: # cpu: 100m # memory: 128Mi - + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 annotations: {} nodeSelector: {} tolerations: [] @@ -120,7 +123,10 @@ workerTemplate: # requests: # cpu: 100m # memory: 128Mi - + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 nodeSelector: {} tolerations: [] @@ -200,6 +206,10 @@ cronJobTemplate: volumeMounts: [] annotations: {} volumes: [] + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 cronJobs: # - name: update-status @@ -242,7 +252,10 @@ jobTemplate: command: annotations: [] volumeMounts: [] - + securityContext: {} + # fsGroup: 1001 + # runAsGroup: 1001 + # runAsUser: 1001 volumes: [] jobs: