This repository has been archived by the owner on Feb 22, 2022. It is now read-only.
[stable/mongodb-replicaset] Use security context on pod level #5055
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
cncf-cla: yes
unguiculus
force-pushed
the
feature/mongo
branch
from
fcdae25
to
ad4cde6
Compare
* Use security context on pod level, which allows us to run all containers as non-root and to get rid of the init container for changing permissions * Fix typos in readme * Fix permissions for key when auth is enabled
unguiculus
force-pushed
the
feature/mongo
branch
from
ad4cde6
to
845a533
Compare
timstoop
approved these changes
Apr 16, 2018
| @@ -45,6 +46,7 @@ spec: | |||
|
|
|||
| {{- if .Values.auth.enabled }} | |||
| cp /keydir-readonly/key.txt /data/configdb/key.txt | |||
| chmod 600 /data/configdb/key.txt | |||
There was a problem hiding this comment.
Loving this change to remove an entire initContainer!
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: timstoop, unguiculus The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
goruha
added a commit
to goruha/charts
that referenced
this pull request
Apr 19, 2018
…into rabbitmq-workload-api-fix * 'rabbitmq-workload-api-fix' of github.com:goruha/charts: (75 commits) [stable/odoo] Add carrodher as owner (helm#4856) [stable/jasperreports] Release 1.0.3 (helm#5107) Add doc about redis data only persistence (helm#4965) [sentry] add nodeSelector, affinity & tolerations (helm#4264) [stable/sonarqube] Adding support for Service annotations (helm#4060) [incubator/schema-registry] Updating GroupID, and moving to using kafka coordinator master election (helm#5019) quote boolean S3 environment variables (helm#5066) Fix graceful shutdown of brokers, more settings, version bump (helm#5082) apiVersion shouldn't be hardcoded (helm#5060) [stable/phabricator] Release 1.0.4 (helm#5068) [stable/testlink] Release 1.0.5 (helm#5050) [stable/redis] fixed a typo into NOTES (helm#5070) [etcd-operator] readiness/liveness checks for operator (helm#4609) Annotations and checksum (helm#5067) Add OWNERS file to schema-registry (helm#5054) [stable/mongodb-replicaset] Use security context on pod level (helm#5055) Typo fix in sonarqube/README.md (helm#5045) Typo fix in sonatype-nexus/README.md (helm#5042) [sonarqube] nodeSelector, affinity & tolerations. also separate resoruces for plugin pod (helm#4265) [stable/sonarqube] upgrade to LTS version (6.7.3) (helm#5029) ...
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
containers as non-root and to get rid of the init container for
changing permissions
/cc @lachie83 @foxish @timstoop