feat(charts): cert management security context

Allow security context to be setted in the cert init container. and introduce default configuration to be the as previous values Signed-off-by: Julien Godin <[email protected]>
SwissDataScienceCenter · Jun 28, 2024 · d476ba0 · d476ba0
1 parent 9e5b368
commit d476ba0
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/helm-chart/renku/templates/_certificates-init-container.tpl b/helm-chart/renku/templates/_certificates-init-container.tpl
@@ -3,10 +3,7 @@
 - name: init-certificates
   image: "{{ .Values.global.certificates.image.repository }}:{{ .Values.global.certificates.image.tag }}"
   securityContext:
-    allowPrivilegeEscalation: false
-    runAsUser: 1000
-    runAsGroup: 1000
-    runAsNonRoot: true
+{{ toYaml .Values.global.certificates.securityContext | indent 4 }}
   volumeMounts:
     - name: etc-ssl-certs
       mountPath: /etc/ssl/certs/

diff --git a/helm-chart/renku/values.yaml b/helm-chart/renku/values.yaml
@@ -206,6 +206,11 @@ global:
       tag: "0.0.2"
     customCAs: []
     # - secret:
+    securityContext:
+      allowPrivilegeEscalation: false
+      runAsUser: 1000
+      runAsGroup: 1000
+      runAsNonRoot: true
   ## Database credentials for postgres
   db:
     ## Used by the renku-data-services and potentially other backend services