[solr-operator] branch release-0.5 updated: Move runAsNonRoot to container securityContext in Operator chart. (#395)

Fri, 11 Feb 2022 12:47:06 -0800 

This is an automated email from the ASF dual-hosted git repository.

houston pushed a commit to branch release-0.5
in repository https://gitbox.apache.org/repos/asf/solr-operator.git


The following commit(s) were added to refs/heads/release-0.5 by this push:
     new 5048b07  Move runAsNonRoot to container securityContext in Operator 
chart. (#395)
5048b07 is described below

commit 5048b071d0b79488a9ed64cb9c0ae3f3ae307946
Author: Houston Putman <[email protected]>
AuthorDate: Wed Jan 19 10:43:13 2022 -0500

    Move runAsNonRoot to container securityContext in Operator chart. (#395)
---
 config/manager/manager.yaml                  |  3 +--
 helm/solr-operator/Chart.yaml                | 11 ++++-------
 helm/solr-operator/templates/deployment.yaml |  3 +--
 3 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index 5cfc3b9..3e85306 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -37,8 +37,6 @@ spec:
       labels:
         control-plane: solr-operator
     spec:
-      securityContext:
-        runAsNonRoot: true
       containers:
       - args:
         - --leader-elect
@@ -47,6 +45,7 @@ spec:
         name: solr-operator
         securityContext:
           allowPrivilegeEscalation: false
+          runAsNonRoot: true
         livenessProbe:
           httpGet:
             path: /healthz
diff --git a/helm/solr-operator/Chart.yaml b/helm/solr-operator/Chart.yaml
index 9f9d9af..7287b4d 100644
--- a/helm/solr-operator/Chart.yaml
+++ b/helm/solr-operator/Chart.yaml
@@ -54,16 +54,13 @@ annotations:
   # Add change log for a single release here.
   # Allowed syntax is described at: 
https://artifacthub.io/docs/topics/annotations/helm/#example
   artifacthub.io/changes: |
-    - kind: added
-      description: Addition 1
+    - kind: fixed
+      description: Solr Operator helm chart now sets runAsNonRoot only on the 
solr operator container. Sidecars can run as root.
       links:
         - name: Github Issue
-          url: https://github.com/issue-url
-    - kind: changed
-      description: Change 2
-      links:
+          url: https://github.com/apache/solr-operator/issues/389
         - name: Github PR
-          url: https://github.com/pr-url
+          url: https://github.com/apache/solr-operator/pull/395
   artifacthub.io/images: |
     - name: solr-operator
       image: apache/solr-operator:v0.5.1-prerelease
diff --git a/helm/solr-operator/templates/deployment.yaml 
b/helm/solr-operator/templates/deployment.yaml
index 777d62b..5df86ee 100644
--- a/helm/solr-operator/templates/deployment.yaml
+++ b/helm/solr-operator/templates/deployment.yaml
@@ -37,8 +37,6 @@ spec:
         {{ toYaml .Values.labels | nindent 8 }}
         {{- end }}
     spec:
-      securityContext:
-        runAsNonRoot: true
       serviceAccountName: {{ include "solr-operator.serviceAccountName" . }}
       {{- if .Values.priorityClassName }}
       priorityClassName: {{ .Values.priorityClassName }}
@@ -92,6 +90,7 @@ spec:
 
         securityContext:
           allowPrivilegeEscalation: false
+          runAsNonRoot: true
         livenessProbe:
           httpGet:
             path: /healthz

Reply via email to