fix: separate POD and Container security contexts

On-behalf-of: @SAP angel.kafazov@sap.com Signed-off-by: Angel Kafazov <akafazov@cst-bg.net>
openmfp · Dec 20, 2024 · 898338d · 898338d
1 parent bf95905
commit 898338d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml
@@ -4,4 +4,4 @@ description: A Helm chart containing reuse templates
 
 type: library
 
-version: 0.2.2
+version: 0.2.3
diff --git a/charts/common/templates/_deploymentHelpers.tpl b/charts/common/templates/_deploymentHelpers.tpl
@@ -122,10 +122,16 @@ readinessProbe:
   protocol: TCP
 {{- end -}}
 
+
 {{- define "common.container.securityContext" -}}
 securityContext:
-  runAsNonRoot: true
   readOnlyRootFilesystem: true
+{{- end }}
+
+
+{{- define "common.pod.securityContext" -}}
+securityContext:
+  runAsNonRoot: true
   seccompProfile:
     type: RuntimeDefault
 serviceAccountName: {{ include "common.entity.name" }}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,4 +4,4 @@ description: A Helm chart containing reuse templates

		type: library

		version: 0.2.2
		version: 0.2.3