From fe17af1df85543219d72233ee061b9cdefe48258 Mon Sep 17 00:00:00 2001
From: Zach Leslie <zach.leslie@grafana.com>
Date: Fri, 15 Mar 2024 15:06:37 +0000
Subject: [PATCH] Drop securityContext since the chown handles the permissions

---
 operations/jsonnet-compiled/StatefulSet-ingester.yaml          | 2 --
 operations/jsonnet-compiled/StatefulSet-metrics-generator.yaml | 2 --
 operations/jsonnet/microservices/generator.libsonnet           | 1 -
 operations/jsonnet/microservices/ingester.libsonnet            | 1 -
 4 files changed, 6 deletions(-)

diff --git a/operations/jsonnet-compiled/StatefulSet-ingester.yaml b/operations/jsonnet-compiled/StatefulSet-ingester.yaml
index 6208238a7df..34af8914364 100644
--- a/operations/jsonnet-compiled/StatefulSet-ingester.yaml
+++ b/operations/jsonnet-compiled/StatefulSet-ingester.yaml
@@ -58,8 +58,6 @@ spec:
           name: ingester-data
         - mountPath: /overrides
           name: overrides
-      securityContext:
-        fsGroup: 10001
       terminationGracePeriodSeconds: 1200
       volumes:
       - configMap:
diff --git a/operations/jsonnet-compiled/StatefulSet-metrics-generator.yaml b/operations/jsonnet-compiled/StatefulSet-metrics-generator.yaml
index a0fce5374dc..009b2f5e45d 100644
--- a/operations/jsonnet-compiled/StatefulSet-metrics-generator.yaml
+++ b/operations/jsonnet-compiled/StatefulSet-metrics-generator.yaml
@@ -60,8 +60,6 @@ spec:
           name: metrics-generator-data
         - mountPath: /overrides
           name: overrides
-      securityContext:
-        fsGroup: 10001
       volumes:
       - configMap:
           name: tempo-metrics-generator
diff --git a/operations/jsonnet/microservices/generator.libsonnet b/operations/jsonnet/microservices/generator.libsonnet
index 9d1a0d5cf25..ccbb08cf959 100644
--- a/operations/jsonnet/microservices/generator.libsonnet
+++ b/operations/jsonnet/microservices/generator.libsonnet
@@ -92,7 +92,6 @@
     ]) +
     statefulset.mixin.spec.withPodManagementPolicy('Parallel') +
     $.util.podPriority('high') +
-    statefulset.mixin.spec.template.spec.securityContext.withFsGroup(10001) +  // 10001 is the group ID assigned to Tempo in the Dockerfile
     (if with_anti_affinity then $.util.antiAffinity else {}),
 
   tempo_metrics_generator_statefulset: $.newGeneratorStatefulSet(target_name, self.tempo_metrics_generator_container) + statefulset.mixin.spec.withReplicas($._config.metrics_generator.replicas),
diff --git a/operations/jsonnet/microservices/ingester.libsonnet b/operations/jsonnet/microservices/ingester.libsonnet
index c92ad7aef2f..658d1788418 100644
--- a/operations/jsonnet/microservices/ingester.libsonnet
+++ b/operations/jsonnet/microservices/ingester.libsonnet
@@ -69,7 +69,6 @@
     ]) +
     statefulset.mixin.spec.withPodManagementPolicy('Parallel') +
     statefulset.mixin.spec.template.spec.withTerminationGracePeriodSeconds(1200) +
-    statefulset.mixin.spec.template.spec.securityContext.withFsGroup(10001) +  // 10001 is the group ID assigned to Tempo in the Dockerfile
     $.util.podPriority('high') +
     (if with_anti_affinity then $.util.antiAffinity else {})
   ,