Skip to content

Commit

Permalink
Merge pull request #382 from cthtrifork/feature/podSecurityContext
Browse files Browse the repository at this point in the history 
Added support for podSecurityContext in helm chart
  • Loading branch information
@stefanprodan
stefanprodan authored Nov 14, 2024
2 parents dc5d3d5 + e7928cf commit b99bf8c
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 2 deletions.
5 changes: 3 additions & 2 deletions charts/podinfo/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ The following tables lists the configurable parameters of the podinfo chart and
| `service.grpcService` | `podinfo` | gPRC service name |
| `service.nodePort` | `31198` | NodePort for the HTTP endpoint |
| `h2c.enabled` | `false` | Allow upgrading to h2c (non-TLS version of HTTP/2) |
| `extraEnvs` | `[]` | Extra environment variables for the podinfo container |
| `extraEnvs` | `[]` | Extra environment variables for the podinfo container |
| `config.path` | `""` | config file path |
| `config.name` | `""` | config file name |
| `extraArgs` | `[]` | Additional command line arguments to pass to podinfo container |
Expand All @@ -92,12 +92,13 @@ The following tables lists the configurable parameters of the podinfo chart and
| `serviceAccount.name` | `None` | The name of the service account to use, if not set and create is true, a name is generated using the fullname template |
| `serviceAccount.imagePullSecrets` | `[]` | List of image pull secrets if pulling from private registries. |
| `securityContext` | `{}` | The security context to be set on the podinfo container |
| `podSecurityContext` | `{}` | The security context to be set on the pod |
| `linkerd.profile.enabled` | `false` | Create Linkerd service profile |
| `serviceMonitor.enabled` | `false` | Whether a Prometheus Operator service monitor should be created |
| `serviceMonitor.interval` | `15s` | Prometheus scraping interval |
| `serviceMonitor.additionalLabels` | `{}` | Add additional labels to the service monitor |
| `ingress.enabled` | `false` | Enables Ingress |
| `ingress.className ` | `""` | Use ingressClassName |
| `ingress.className` | `""` | Use ingressClassName |
| `ingress.additionalLabels` | `{}` | Add additional labels to the ingress |
| `ingress.annotations` | `{}` | Ingress annotations |
| `ingress.hosts` | `[]` | Ingress accepted hosts |
Expand Down
4 changes: 4 additions & 0 deletions charts/podinfo/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,10 @@ spec:
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- with .Values.podSecurityContext }}
securityContext:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
Expand Down
3 changes: 3 additions & 0 deletions charts/podinfo/values-prod.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,9 @@ serviceAccount:
# set container security context
securityContext: {}

# set pod security context
podSecurityContext: {}

ingress:
enabled: false
className: ""
Expand Down
3 changes: 3 additions & 0 deletions charts/podinfo/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,9 @@ serviceAccount:
# set container security context
securityContext: {}

# set pod security context
podSecurityContext: {}

ingress:
enabled: false
className: ""
Expand Down

0 comments on commit b99bf8c

Please sign in to comment.