Deuxfleurs/garage
44
56
Fork 74
Code Issues 100 Pull requests 14 Releases 30 Wiki Activity

helm chart improvements #425

Merged
maximilien merged 8 commits from patrickjahns/garage:helm-improvements into main 2023-01-27 10:51:05 +00:00
Conversation 3 Commits 8 Files changed 5 +8 -5
2 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit fd03b184b3 - Show all commits

2
script/helm/garage/templates/workload.yaml
View file

@ -41,6 +41,8 @@ spec:
secretKeyRef: secretKeyRef:
name: {{ include "garage.rpcSecretName" . }} name: {{ include "garage.rpcSecretName" . }}
key: rpcSecret key: rpcSecret
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
volumeMounts: volumeMounts:
- name: configmap - name: configmap
mountPath: /mnt/garage.toml mountPath: /mnt/garage.toml

9
script/helm/garage/values.yaml
View file

@ -92,8 +92,11 @@ serviceAccount:
podAnnotations: {} podAnnotations: {}
podSecurityContext: {} podSecurityContext:
# fsGroup: 2000 runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true
securityContext: securityContext:
# The default security context is heavily restricted # The default security context is heavily restricted
@ -102,8 +105,6 @@ securityContext:
drop: drop:
- ALL - ALL
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
service: service:
# You can rely on any service to expose your cluster # You can rely on any service to expose your cluster