forked from vikunja/helm-chart
update security context to allow frontend pod to start
This commit is contained in:
parent
1e81af0512
commit
29190213e5
GPG Key ID:
B07E2B84F9D2721B
|
|
@ -10,7 +10,7 @@ description: |-
|
||||||
the high alpine areas of the Andes and a relative of the llama.
|
the high alpine areas of the Andes and a relative of the llama.
|
||||||
annotations:
|
annotations:
|
||||||
category: TaskTracker
|
category: TaskTracker
|
||||||
version: 0.1.3
|
version: 0.1.4
|
||||||
appVersion: 0.20.4
|
appVersion: 0.20.4
|
||||||
kubeVersion: ">= 1.19"
|
kubeVersion: ">= 1.19"
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|
|
||||||
|
|
@ -61,7 +61,7 @@ api:
|
||||||
config:
|
config:
|
||||||
database:
|
database:
|
||||||
# Use PostgreSQL database anyway
|
# Use PostgreSQL database anyway
|
||||||
type: postgresql
|
type: postgres
|
||||||
envFrom:
|
envFrom:
|
||||||
# Bind env variables from the secret
|
# Bind env variables from the secret
|
||||||
- name: VIKUNJA_DATABASE_USER
|
- name: VIKUNJA_DATABASE_USER
|
||||||
|
|
|
||||||
|
|
@ -39,12 +39,14 @@ frontend:
|
||||||
# fsGroup: 1000
|
# fsGroup: 1000
|
||||||
|
|
||||||
securityContext:
|
securityContext:
|
||||||
|
allowPrivilegeEscalation: true
|
||||||
|
runAsUser: 101 #nginx
|
||||||
capabilities:
|
capabilities:
|
||||||
drop:
|
drop:
|
||||||
- ALL
|
- ALL
|
||||||
# readOnlyRootFilesystem: true
|
add:
|
||||||
# runAsNonRoot: true
|
- NET_BIND_SERVICE
|
||||||
# runAsUser: 1000
|
|
||||||
|
|
||||||
service:
|
service:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue