From e5e81fff935079bd1fc5d53f92354c1d742bc9a4 Mon Sep 17 00:00:00 2001 From: cccs-cat001 Date: Fri, 26 Jun 2026 08:36:45 -0300 Subject: [PATCH 1/2] Added security context to console deployment --- console/helm/templates/deployment.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/console/helm/templates/deployment.yaml b/console/helm/templates/deployment.yaml index 0f7420e5..8ecfc73c 100644 --- a/console/helm/templates/deployment.yaml +++ b/console/helm/templates/deployment.yaml @@ -37,8 +37,12 @@ spec: {{- if .Values.image.pullSecrets }} {{- toYaml .Values.image.pullSecrets | nindent 6 }} {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: polaris-console + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: From de988fd028700128643e3300c5594eff299d89dd Mon Sep 17 00:00:00 2001 From: cccs-cat001 Date: Fri, 26 Jun 2026 08:46:37 -0300 Subject: [PATCH 2/2] added security context default values --- console/helm/values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/console/helm/values.yaml b/console/helm/values.yaml index 9bf24e4b..9b1d0c4d 100644 --- a/console/helm/values.yaml +++ b/console/helm/values.yaml @@ -43,6 +43,13 @@ resources: cpu: 250m memory: 256Mi +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + runAsUser: 10000 + runAsGroup: 10001 + ingress: enabled: false className: ""