Add fsGroup value to admission-webhooks/job-patch charts (#8267)

* added fsGroup to admission createSecret and patchWebhook job

* added fsGroup to admission createSecret and patchWebhook job

* modified helm/README.md to add value for fsGroup

* fixed patch job values ordering

* remove manually edited README for replacement with helm-docs generated version

* re-adding charts/README.md generated by helm-docs
This commit is contained in:
dylan-bitovi 2022-02-28 10:10:57 -05:00 committed by GitHub
parent bab0fbab0c
commit 4ecb3520c8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 4 additions and 0 deletions

View file

@ -250,6 +250,7 @@ Kubernetes: `>=1.19.0-0`
| controller.admissionWebhooks.namespaceSelector | object | `{}` | |
| controller.admissionWebhooks.objectSelector | object | `{}` | |
| controller.admissionWebhooks.patch.enabled | bool | `true` | |
| controller.admissionWebhooks.patch.fsGroup | int | `2000` | |
| controller.admissionWebhooks.patch.image.digest | string | `"sha256:64d8c73dca984af206adf9d6d7e46aa550362b1d7a01f3a0a91b20cc67868660"` | |
| controller.admissionWebhooks.patch.image.image | string | `"ingress-nginx/kube-webhook-certgen"` | |
| controller.admissionWebhooks.patch.image.pullPolicy | string | `"IfNotPresent"` | |

View file

@ -72,4 +72,5 @@ spec:
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.controller.admissionWebhooks.patch.runAsUser }}
fsGroup: {{ .Values.controller.admissionWebhooks.patch.fsGroup }}
{{- end }}

View file

@ -74,4 +74,5 @@ spec:
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.controller.admissionWebhooks.patch.runAsUser }}
fsGroup: {{ .Values.controller.admissionWebhooks.patch.fsGroup }}
{{- end }}

View file

@ -641,6 +641,7 @@ controller:
# -- Labels to be added to patch job resources
labels: {}
runAsUser: 2000
fsGroup: 2000
metrics:
port: 10254