helm: add a default for RPSS_ENABLED

Signed-off-by: Simon L. <[email protected]>
nextcloud · Nov 26, 2024 · 7bc2a1a · 7bc2a1a
1 parent be08b61
commit 7bc2a1a
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml
@@ -178,7 +178,7 @@ spec:
               value: "{{ .Values.WHITEBOARD_ENABLED }}"
             - name: WHITEBOARD_SECRET
               value: "{{ .Values.WHITEBOARD_SECRET }}"
-          image: nextcloud/aio-nextcloud:20241125_091756
+          image: nextcloud/aio-nextcloud:20241125_09175
           {{- if eq .Values.RPSS_ENABLED "yes" }} # AIO-config - do not change this comment!
           securityContext:
             # The items below only work in container context

diff --git a/nextcloud-aio-helm-chart/update-helm.sh b/nextcloud-aio-helm-chart/update-helm.sh
@@ -158,7 +158,7 @@ for variable in "${DEPLOYMENTS[@]}"; do
         if echo "$variable" | grep -q "nextcloud-deployment.yaml"; then
             USER=33
             GROUP=33
-            echo '      {{- if eq .Values.RPSS_ENABLED "yes" }} # AIO-config - do not change this comment!' > /tmp/pod.securityContext
+            echo '      {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }} # AIO-config - do not change this comment!' > /tmp/pod.securityContext
         else
             USER="$(grep runAsUser "$variable" | grep -oP '[0-9]+')"
             GROUP="$USER"
@@ -176,7 +176,7 @@ for variable in "${DEPLOYMENTS[@]}"; do
         runAsUser: $USER
         runAsGroup: $GROUP
         runAsNonRoot: true
-        {{- if eq .Values.RPSS_ENABLED "yes" }}
+        {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
         seccompProfile:
           type: RuntimeDefault
         {{- end }}
@@ -446,7 +446,7 @@ cat << EOL > /tmp/security.conf
             # The items below only work in container context
             allowPrivilegeEscalation: false
             capabilities:
-              {{- if eq .Values.RPSS_ENABLED "yes" }}
+              {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
               drop: ["ALL"]
               {{- else }}
               drop: ["NET_RAW"]
@@ -460,7 +460,7 @@ cat << EOL > /tmp/security.conf
             # The items below only work in container context
             allowPrivilegeEscalation: false
             capabilities:
-              {{- if eq .Values.RPSS_ENABLED "yes" }}
+              {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
               drop: ["ALL"]
               {{- else }}
               drop: ["NET_RAW"]
@@ -470,12 +470,12 @@ EOL
 find ./ -name '*imaginary-deployment.yaml*' -exec sed -i "/^          securityContext:$/r /tmp/security.conf" \{} \; 
 
 cat << EOL > /tmp/security.conf
-          {{- if eq .Values.RPSS_ENABLED "yes" }} # AIO-config - do not change this comment!
+          {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }} # AIO-config - do not change this comment!
           securityContext:
             # The items below only work in container context
             allowPrivilegeEscalation: false
             capabilities:
-              {{- if eq .Values.RPSS_ENABLED "yes" }}
+              {{- if eq .Values.RPSS_ENABLED "yes" | default "no" }}
               drop: ["ALL"]
               {{- else }}
               drop: ["NET_RAW"]