DevFW-CICD/argocd-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(argo-cd): Set container security contexts (#1579)

Browse source 
Signed-off-by: Petr Drastil <petr.drastil@gmail.com>
This commit is contained in:
Petr Drastil 2022-10-30 20:12:46 +01:00 committed by GitHub
parent b249ebf2a9
commit 3d9e2f35a6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 195 additions and 139 deletions
Download patch file Download diff file Expand all files Collapse all files

27
charts/argo-cd/templates/dex/deployment.yaml
View file

@ -36,12 +36,6 @@ spec:
- name: copyutil
image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }}
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
{{- with .Values.dex.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
command:
- cp
- -n
@ -52,6 +46,10 @@ spec:
name: static-files
- mountPath: /tmp
name: dexconfig
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- with .Values.dex.initContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}
@ -64,10 +62,7 @@ spec:
args:
- rundex
{{- with .Values.dex.extraArgs }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.dex.containerSecurityContext }}
securityContext: {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
{{- toYaml . | nindent 8 }}
{{- end }}
env:
{{- with .Values.dex.env }}
@ -115,18 +110,20 @@ spec:
successThreshold: {{ .Values.dex.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.dex.readinessProbe.failureThreshold }}
{{- end }}
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
securityContext:
{{- toYaml .Values.dex.containerSecurityContext | nindent 10 }}
volumeMounts:
{{- with .Values.dex.volumeMounts }}
{{- toYaml . | nindent 8 }}
{{- end }}
- name: static-files
mountPath: /shared
- name: dexconfig
mountPath: /tmp
- name: argocd-dex-server-tls
mountPath: /tls
{{- with .Values.dex.volumeMounts }}
{{- toYaml . | nindent 8 }}
{{- end }}
resources:
{{- toYaml .Values.dex.resources | nindent 10 }}
{{- with .Values.dex.extraContainers }}
{{- toYaml . | nindent 6 }}
{{- end }}