From 69210ffbc20b6a5fbb67329cc2c49b2668a7e940 Mon Sep 17 00:00:00 2001 From: Christoph Petrausch Date: Tue, 24 Sep 2024 20:52:51 +0200 Subject: [PATCH] Add containerSecurityContexts to all initContainers --- charts/temporal/templates/server-job.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/charts/temporal/templates/server-job.yaml b/charts/temporal/templates/server-job.yaml index 1893b97e..0db84031 100644 --- a/charts/temporal/templates/server-job.yaml +++ b/charts/temporal/templates/server-job.yaml @@ -21,10 +21,18 @@ spec: - name: check-cassandra-service image: busybox command: ['sh', '-c', 'until nc -z {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }}; do echo waiting for cassandra service; sleep 1; done;'] + {{- with $.Values.schema.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} - name: check-cassandra image: "{{ $.Values.cassandra.image.repo }}:{{ $.Values.cassandra.image.tag }}" imagePullPolicy: {{ $.Values.cassandra.image.pullPolicy }} command: ['sh', '-c', 'until cqlsh {{ include "cassandra.host" $ }} {{ $.Values.cassandra.config.ports.cql }} -e "SHOW VERSION"; do echo waiting for cassandra to start; sleep 1; done;'] + {{- with $.Values.schema.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} {{- if or $.Values.elasticsearch.enabled }} - name: check-elasticsearch @@ -33,6 +41,10 @@ spec: command: ['sh', '-c', 'until curl --silent --fail --user "$ES_USER:$ES_PWD" $ES_SCHEME://$ES_HOST:$ES_PORT 2>&1 > /dev/null; do echo waiting for elasticsearch to start; sleep 1; done;'] env: {{- include "temporal.admintools-env" (list $ "visibility") | nindent 12 }} + {{- with $.Values.schema.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} {{- if $.Values.schema.createDatabase.enabled }} {{- range $store := (list "default" "visibility") }} @@ -53,6 +65,10 @@ spec: volumeMounts: {{- toYaml . | nindent 12 }} {{- end }} + {{- with $.Values.schema.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} {{- end }} {{- end }}