DevFW-CICD/argocd-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(argo-cd): Sync redis / redis-ha readOnlyRootFilesystem from upstream (#2294)

Browse source 
Signed-off-by: Marco Maurer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Marco Maurer (-Kilchhofer) 2023-10-12 11:50:51 +02:00 committed by GitHub
parent 37069f92c9
commit 052454f233
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
charts/argo-cd/values.yaml
View file

@ -1279,6 +1279,7 @@ redis:
# -- Redis container-level security context
# @default -- See [values.yaml]
containerSecurityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop:
@ -1416,8 +1417,13 @@ redis-ha:
additionalAffinities: {}
# -- Assign custom [affinity] rules to the haproxy pods.
affinity: |
# -- [Tolerations] for use with node taints for haproxy pods.
tolerations: []
# -- HAProxy container-level security context
# @default -- See [values.yaml]
containerSecurityContext:
readOnlyRootFilesystem: true
# -- Whether the Redis server pods should be forced to run on separate nodes.
hardAntiAffinity: true
@ -1445,6 +1451,10 @@ redis-ha:
# -- Enforcement policy, hard or soft
# @default -- `""` (defaults to `ScheduleAnyway`)
whenUnsatisfiable: ""
# -- Redis HA statefulset container-level security context
# @default -- See [values.yaml]
containerSecurityContext:
readOnlyRootFilesystem: true
# External Redis parameters
externalRedis: