Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

issue 2448 - Optional securityContext for cainjector and webhook char… #2449

Merged
merged 1 commit into from Dec 11, 2019
Merged

issue 2448 - Optional securityContext for cainjector and webhook char… #2449

merged 1 commit into from Dec 11, 2019
+14 −0

Conversation

nefischer
Copy link

…t deployments

Signed-off-by: Nicolas Fischer nicolas@emberspark.io

What this PR does / why we need it: allows to specify a securityContext for the cainjector and webhook pods

Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #2448

Special notes for your reviewer: n/a

Release note:

Optional `webhook.securityContext` and `cainjector.securityContext` chart parameters to specify pods security context.

issue 2448 - Optional securityContext for cainjector and webhook char…
b574c4f 
…t deployments

Signed-off-by: Nicolas Fischer <nicolas@emberspark.io>
@jetstack-bot jetstack-bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. labels Dec 10, 2019
@jetstack-bot jetstack-bot added area/deploy Indicates a PR modifies deployment configuration needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Dec 10, 2019
@jetstack-bot
Copy link
Collaborator

Hi @nefischer. Thanks for your PR.

I'm waiting for a jetstack or cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@jetstack-bot jetstack-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Dec 10, 2019
@nefischer
Copy link
Author

/assign @simonswine

@munnerz
Copy link
Member

munnerz commented Dec 10, 2019

Thanks for this 😄

/approve
/ok-to-test

@jetstack-bot jetstack-bot added ok-to-test and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Dec 10, 2019
@jetstack-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: munnerz, nefischer

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 10, 2019
@munnerz
Copy link
Member

munnerz commented Dec 11, 2019

/lgtm

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Dec 11, 2019
@jetstack-bot jetstack-bot merged commit 6544ab9 into cert-manager:master Dec 11, 2019
@jetstack-bot jetstack-bot added this to the v0.13 milestone Dec 11, 2019
@munnerz munnerz added this to Done in v0.13 Dec 17, 2019
@shaunc
Copy link

shaunc commented Dec 19, 2019

Would be great to have instructions on how to apply security context for non-helm install (kubectl, kustomize), as it doesn't seem to have made it into the manifest.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@munnerz munnerz Awaiting requested review from munnerz

Assignees

@munnerz munnerz

@simonswine simonswine

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/deploy Indicates a PR modifies deployment configuration dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. lgtm Indicates that a PR is ready to be merged. ok-to-test release-note Denotes a PR that will be considered when it comes time to generate release notes. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
No open projects
v0.13
  
Done
Milestone
v0.13
Development

Successfully merging this pull request may close these issues.

Optional securityContext for cainjector and webhook chart deployments
5 participants
@nefischer @jetstack-bot @munnerz @shaunc @simonswine