allowing consumer to set securityContext on authService (using origin…

…al values as default)
l7mp · Dec 1, 2024 · 7274ea8 · 7274ea8
1 parent 9b1c553
commit 7274ea8
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/helm/stunner-gateway-operator/templates/stunner-auth-service.yaml b/helm/stunner-gateway-operator/templates/stunner-auth-service.yaml
@@ -32,11 +32,9 @@ spec:
           {{- range $.Values.stunnerAuthService.deployment.container.authService.args }}
           -  {{ . }}
           {{- end }}
-          securityContext:
-            allowPrivilegeEscalation: false
-            capabilities:
-              drop:
-                - "ALL"
+          {{- with $.Values.stunnerAuthService.deployment.container.authService.securityContext }}
+          securityContext: {{- toYaml . | nindent 16 }}
+          {{- end }}
           resources: {{- toYaml .deployment.container.authService.resources | nindent 12 }}
       nodeSelector: {{- toYaml .deployment.nodeSelector | nindent 8 }}
       tolerations: {{- toYaml .deployment.tolerations | nindent 8 }}

diff --git a/helm/stunner-gateway-operator/values.yaml b/helm/stunner-gateway-operator/values.yaml
@@ -81,6 +81,11 @@ stunnerAuthService:
 #      - name: docker-registry-secret
     container:
       authService:
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+              - "ALL"
         image:
           name: docker.io/l7mp/stunner-auth-server
           pullPolicy: IfNotPresent