diff --git a/console/helm/templates/deployment.yaml b/console/helm/templates/deployment.yaml index 0f7420e5..8ecfc73c 100644 --- a/console/helm/templates/deployment.yaml +++ b/console/helm/templates/deployment.yaml @@ -37,8 +37,12 @@ spec: {{- if .Values.image.pullSecrets }} {{- toYaml .Values.image.pullSecrets | nindent 6 }} {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: polaris-console + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: diff --git a/console/helm/values.yaml b/console/helm/values.yaml index 9bf24e4b..9b1d0c4d 100644 --- a/console/helm/values.yaml +++ b/console/helm/values.yaml @@ -43,6 +43,13 @@ resources: cpu: 250m memory: 256Mi +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + runAsUser: 10000 + runAsGroup: 10001 + ingress: enabled: false className: ""