From a8bdf3027ce899fd3ba3cbceed99be1a73ae227d Mon Sep 17 00:00:00 2001
From: Rajshekar Reddy <reddymh@gmail.com>
Date: Wed, 1 Feb 2023 09:57:16 +0530
Subject: [PATCH] added comment for root file system flag and updated the key
 names for tls certificates

Signed-off-by: Rajshekar Reddy <reddymh@gmail.com>
---
 charts/argo-workflows/values.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml
index ac269000..0bef7bda 100644
--- a/charts/argo-workflows/values.yaml
+++ b/charts/argo-workflows/values.yaml
@@ -109,12 +109,14 @@ controller:
     servicePortName: metrics
   # -- the controller container's securityContext
   securityContext:
-    readOnlyRootFilesystem: false
+    readOnlyRootFilesystem: true
     runAsNonRoot: true
     allowPrivilegeEscalation: false
     capabilities:
       drop:
         - ALL
+  # # readOnlyRootFilesystem should be false SSL when using postgres 
+  #  readOnlyRootFilesystem: false
   # -- enable persistence using postgres
   persistence: {}
   # connectionPool:
@@ -141,10 +143,10 @@ controller:
   #   caCertSecret:
   #     name: argo-postgres-tls
   #     key: ca.crt
-  #   serverCertSecret:
+  #   clientCertSecret:
   #     name: argo-postgres-tls
   #     key: tls.crt
-  #   serverKeySecret:
+  #   clientKeySecret:
   #     name: argo-postgres-tls
   #     key: tls.key
   # # default path to store postgres certificates if certPath is not defined: /home/argo/pgcerts