master-group/charts
2
0
Fork 0
mirror of https://github.com/k8s-at-home/charts.git synced 2025-02-02 23:39:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

[cryptpad] add default podSecurityContext (#1340)

Browse Source 
* cryptpad: add default podSecurityContext

As per 72dd7030c1/Dockerfile-nginx (L25), the docker image for Cryptpad will spawn the cryptpad process with a non-root user: 72dd7030c1/supervisord.conf (L26)

Such unprivileged user will not be able to write in persistence volumes, which are mounted as root. To work around this, we set the fsGroup in accordance with what supervisord already does inside the image.

* cryptpad: bump chart version
This commit is contained in:
Roberto Santalla 2021-12-30 22:27:35 +01:00 committed by GitHub
parent 1385ad29fb
commit 837a89dbd5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/incubator/cryptpad/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
appVersion: v4.12.0-nginx
description: cryptpad helm package
name: cryptpad
version: 0.1.0
version: 0.1.1
kubeVersion: ">=1.16.0-0"
keywords:
- cryptpad

3
charts/incubator/cryptpad/values.yaml
View File

@ -76,3 +76,6 @@ persistence:
mountPath: /cryptpad/data
- path: datastore
mountPath: /cryptpad/datastore
podSecurityContext:
fsGroup: 4001 # https://github.com/xwiki-labs/cryptpad-docker/blob/72dd7030c1dc1c70b5ff3f53b8451f5af19a2927/Dockerfile-nginx#L25