[SECURITY] sidecar security context config

[isaaccarrington]

Containers in my Kubenernetes environment must not run as root and need runAsUser set for the security context.
e.g
securityContext: runAsUser: 1000

Is this possible? Can it be made possible?

[lkysow]

Hi, is this specifically for the injected sidecars when using service mesh?

[isaaccarrington]

Hey @lkysow, yeah that is exactly it

[isaaccarrington]

I have Consul Connect version 1.8.4 and k8s version 0.18.1
The error message is
Normal Pulled 23s (x3 over 25s) kubelet, #######.co.nz Successfully pulled image "docker.artifactory2.#######.co.nz/consul:1.8.4" Warning Failed 23s (x3 over 25s) kubelet, #########.co.nz Error: container has runAsNonRoot and image will run as root

[isaaccarrington]

I've updated the container securitycontexts and actually got this working. I'll rework it so that it is configurable via helm and has a default, then submit a PR

[isaaccarrington]

Sorry I havn't forgotten. Hopefully get around to the PR this side of Christmas

[david-yu]

Closing as this is addressed via #493