From abcd61717ff91c1f3b3d547be2bcd2d2c5a61db3 Mon Sep 17 00:00:00 2001
From: Sergey <41047934+1Psy@users.noreply.github.com>
Date: Wed, 21 Apr 2021 18:45:05 +0300
Subject: [PATCH] feat(argocd-notifications): Add securityContext (#644)

Signed-off-by: 1Psy <41047934+1Psy@users.noreply.github.com>
---
 charts/argocd-notifications/Chart.yaml                | 2 +-
 charts/argocd-notifications/templates/deployment.yaml | 8 ++++++--
 charts/argocd-notifications/values.yaml               | 7 +++++++
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/charts/argocd-notifications/Chart.yaml b/charts/argocd-notifications/Chart.yaml
index 2d1ada91..881c18ae 100644
--- a/charts/argocd-notifications/Chart.yaml
+++ b/charts/argocd-notifications/Chart.yaml
@@ -3,7 +3,7 @@ appVersion: 1.1.1
 description: A Helm chart for ArgoCD notifications, an add-on to ArgoCD.
 name: argocd-notifications
 type: application
-version: 1.1.1
+version: 1.1.2
 home: https://github.com/argoproj/argo-helm
 icon: https://raw.githubusercontent.com/argoproj/argo/master/docs/assets/argo.png
 keywords:
diff --git a/charts/argocd-notifications/templates/deployment.yaml b/charts/argocd-notifications/templates/deployment.yaml
index bc6948d3..0e18f698 100644
--- a/charts/argocd-notifications/templates/deployment.yaml
+++ b/charts/argocd-notifications/templates/deployment.yaml
@@ -26,8 +26,9 @@ spec:
         {{- toYaml . | nindent 8 }}
     {{- end }}
       serviceAccountName: {{ include "argocd-notifications.serviceAccountName" . }}
-      securityContext:
-        runAsNonRoot: true
+      {{- if .Values.securityContext }}
+      securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
+      {{- end }}
       containers:
         - name: {{ include "argocd-notifications.name" . }}-controller
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@@ -51,6 +52,9 @@ spec:
             name: metrics
             protocol: TCP
           {{- end }}
+          {{- if .Values.containerSecurityContext }}
+          securityContext: {{- toYaml .Values.containerSecurityContext | nindent 12 }}
+          {{- end }}
           {{- with .Values.extraEnv }}
           env: {{ toYaml . | nindent 12 }}
           {{- end }}
diff --git a/charts/argocd-notifications/values.yaml b/charts/argocd-notifications/values.yaml
index 35cce8df..0a27e643 100644
--- a/charts/argocd-notifications/values.yaml
+++ b/charts/argocd-notifications/values.yaml
@@ -65,6 +65,13 @@ notifiers:
 
 podAnnotations: {}
 
+## Pod Security Context
+securityContext:
+  runAsNonRoot: true
+
+## Container Security Context
+containerSecurityContext: {}
+
 resources: {}
   # limits:
   #   cpu: 100m