-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add containerSecurityContext
for each container
#289
Conversation
… storage containers
node-red:3.1.x-main-linux-amd64 scan results3 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
node-red:3.0.2-main-linux-amd64 scan results1 files ±0 4 suites ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
node-red:2.2.3-main-linux-amd64 scan results26 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
node-red:3.0.2-main-linux-arm64 scan results1 files ±0 4 suites ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
file-server:main-linux-amd64 scan results1 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
forge-k8s:main-linux-amd64 scan results1 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
node-red:2.2.3-main-linux-arm64 scan results26 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
node-red:3.1.x-main-linux-arm64 scan results3 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
file-server:main-linux-arm64 scan results1 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
forge-k8s:main-linux-arm64 scan results1 tests ±0 0 ✅ ±0 0s ⏱️ ±0s For more details on these failures, see this check. Results for commit 0641700. ± Comparison against base commit e2cc6dc. ♻️ This comment has been updated with latest results. |
Are we missing a entry in the |
securityContext: | ||
allowPrivilegeEscalation: false | ||
readOnlyRootFilesystem: true | ||
securityContext: {{- toYaml .Values.forge.broker.containerSecurityContext | nindent 10 }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is using the broker settings
securityContext: {{- toYaml .Values.forge.broker.containerSecurityContext | nindent 10 }} | |
securityContext: {{- toYaml .Values.forge.fileStore.containerSecurityContext | nindent 10 }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Spotted 2 things
Description
This PR adds the possibility to configure
containerSecurityContext
for each container created by our helm chart.Related Issue(s)
#288
Checklist
flowforge.yml
?FlowFuse/helm
to update ConfigMap TemplateFlowFuse/CloudProject
to update values for Staging/ProductionLabels
backport
labelarea:migration
label