diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml index 7df75155..eefa6aab 100644 --- a/charts/jaeger/Chart.yaml +++ b/charts/jaeger/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v1 appVersion: 1.16.0 description: A Jaeger Helm chart for Kubernetes name: jaeger -version: 0.19.0 +version: 0.19.1 keywords: - jaeger - opentracing diff --git a/charts/jaeger/README.md b/charts/jaeger/README.md index 4cd73d24..6960b724 100644 --- a/charts/jaeger/README.md +++ b/charts/jaeger/README.md @@ -185,6 +185,8 @@ The following table lists the configurable parameters of the Jaeger chart and th | `.nodeSelector` | Node selector | {} | | `.tolerations` | Node tolerations | [] | | `.podSecurityContext` | Pod security context | {} | +| `.securityContext` | Container security context | {} | | `agent.annotations` | Annotations for Agent | `nil` | | `agent.cmdlineParams` |Additional command line parameters| `nil` | | `agent.dnsPolicy` | Configure DNS policy for agents | `ClusterFirst` | diff --git a/charts/jaeger/templates/agent-ds.yaml b/charts/jaeger/templates/agent-ds.yaml index 01138886..615c8735 100644 --- a/charts/jaeger/templates/agent-ds.yaml +++ b/charts/jaeger/templates/agent-ds.yaml @@ -28,6 +28,8 @@ spec: {{ toYaml .Values.agent.podLabels | indent 8 }} {{- end }} spec: + securityContext: +{{ toYaml .Values.agent.podSecurityContext | indent 8 }} {{- if .Values.agent.useHostNetwork }} hostNetwork: true {{- end }} @@ -35,6 +37,8 @@ spec: serviceAccountName: {{ template "jaeger.agent.serviceAccountName" . }} containers: - name: {{ template "jaeger.agent.name" . }} + securityContext: +{{ toYaml .Values.agent.securityContext | indent 10 }} image: {{ .Values.agent.image }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.agent.pullPolicy }} env: diff --git a/charts/jaeger/templates/collector-deploy.yaml b/charts/jaeger/templates/collector-deploy.yaml index 60c21dda..3b72890b 100644 --- a/charts/jaeger/templates/collector-deploy.yaml +++ b/charts/jaeger/templates/collector-deploy.yaml @@ -34,9 +34,13 @@ spec: {{ toYaml .Values.collector.podLabels | indent 8 }} {{- end }} spec: + securityContext: +{{ toYaml .Values.collector.podSecurityContext | indent 8 }} serviceAccountName: {{ template "jaeger.collector.serviceAccountName" . }} containers: - name: {{ template "jaeger.collector.name" . }} + securityContext: +{{ toYaml .Values.collector.securityContext | indent 10 }} image: {{ .Values.collector.image }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.collector.pullPolicy }} env: diff --git a/charts/jaeger/templates/hotrod-deploy.yaml b/charts/jaeger/templates/hotrod-deploy.yaml index c2102b1d..74c3fb39 100644 --- a/charts/jaeger/templates/hotrod-deploy.yaml +++ b/charts/jaeger/templates/hotrod-deploy.yaml @@ -18,9 +18,13 @@ spec: {{- include "jaeger.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: hotrod spec: + securityContext: +{{ toYaml .Values.hotrod.podSecurityContext | indent 8 }} serviceAccountName: {{ template "jaeger.hotrod.serviceAccountName" . }} containers: - name: {{ include "jaeger.fullname" . }}-hotrod + securityContext: +{{ toYaml .Values.hotrod.securityContext | indent 12 }} image: {{ .Values.hotrod.image.repository }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.hotrod.image.pullPolicy }} env: diff --git a/charts/jaeger/templates/ingester-deploy.yaml b/charts/jaeger/templates/ingester-deploy.yaml index fbf3d37a..7ef5b975 100644 --- a/charts/jaeger/templates/ingester-deploy.yaml +++ b/charts/jaeger/templates/ingester-deploy.yaml @@ -33,6 +33,8 @@ spec: {{ toYaml .Values.ingester.podLabels | indent 8 }} {{- end }} spec: + securityContext: +{{ toYaml .Values.ingester.podSecurityContext | indent 8 }} nodeSelector: {{ toYaml .Values.ingester.nodeSelector | indent 8 }} {{- if .Values.ingester.tolerations }} @@ -41,6 +43,8 @@ spec: {{- end }} containers: - name: {{ include "jaeger.fullname" . }}-ingester + securityContext: +{{ toYaml .Values.ingester.securityContext | indent 10 }} image: {{ .Values.ingester.image }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.ingester.pullPolicy }} env: diff --git a/charts/jaeger/templates/query-deploy.yaml b/charts/jaeger/templates/query-deploy.yaml index 04597abd..4d67f44e 100644 --- a/charts/jaeger/templates/query-deploy.yaml +++ b/charts/jaeger/templates/query-deploy.yaml @@ -31,9 +31,13 @@ spec: {{ toYaml .Values.query.podLabels | indent 8 }} {{- end }} spec: + securityContext: +{{ toYaml .Values.query.podSecurityContext | indent 8 }} serviceAccountName: {{ template "jaeger.query.serviceAccountName" . }} containers: - name: {{ template "jaeger.query.name" . }} + securityContext: +{{ toYaml .Values.query.securityContext | indent 10 }} image: {{ .Values.query.image }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.query.pullPolicy }} env: @@ -134,6 +138,8 @@ spec: port: admin {{- if .Values.query.agentSidecar.enabled }} - name: {{ template "jaeger.agent.name" . }}-sidecar + securityContext: +{{ toYaml .Values.query.securityContext | indent 10 }} image: {{ .Values.agent.image }}:{{ .Values.tag }} imagePullPolicy: {{ .Values.agent.pullPolicy }} env: diff --git a/charts/jaeger/values.yaml b/charts/jaeger/values.yaml index 3803d470..d730c77e 100644 --- a/charts/jaeger/values.yaml +++ b/charts/jaeger/values.yaml @@ -100,6 +100,8 @@ elasticsearch: {} ingester: enabled: false + podSecurityContext: {} + securityContext: {} annotations: {} image: jaegertracing/jaeger-ingester pullPolicy: IfNotPresent @@ -138,6 +140,8 @@ ingester: extraConfigmapMounts: [] agent: + podSecurityContext: {} + securityContext: {} enabled: true annotations: {} image: jaegertracing/jaeger-agent @@ -191,6 +195,8 @@ agent: dnsPolicy: ClusterFirst collector: + podSecurityContext: {} + securityContext: {} enabled: true annotations: {} image: jaegertracing/jaeger-collector @@ -279,6 +285,8 @@ collector: query: enabled: true + podSecurityContext: {} + securityContext: {} agentSidecar: enabled: true annotations: {} @@ -360,6 +368,8 @@ spark: hotrod: enabled: false + podSecurityContext: {} + securityContext: {} replicaCount: 1 image: repository: jaegertracing/example-hotrod