Skip to content

Commit 721c924

Browse files
pawan-59pawan-59
authored
Job Cronjob security context (#1331)
* added security context in CronJob manifest * added security context in Job manifest * added security context in test_values * added security context in app_values
1 parent 5496b0d commit 721c924

File tree

4 files changed

+42
-0
lines changed

4 files changed

+42
-0
lines changed

scripts/devtron-reference-helm-charts/cronjob-chart_1-2-0/app-values.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -237,3 +237,11 @@ envoyproxy:
237237
imagePullSecrets: []
238238
# - test1
239239
# - test2
240+
241+
containerSecurityContext:
242+
allowPrivilegeEscalation: false
243+
244+
podSecurityContext: {}
245+
# runAsUser: 1000
246+
# runAsGroup: 3000
247+
# fsGroup: 2000

scripts/devtron-reference-helm-charts/cronjob-chart_1-2-0/templates/Cronjob.yaml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,10 @@ spec:
8787
tolerations:
8888
{{- toYaml .Values.tolerations | nindent 12 }}
8989
{{- end }}
90+
{{- if $.Values.podSecurityContext }}
91+
securityContext:
92+
{{ toYaml .Values.podSecurityContext | indent 12 }}
93+
{{- end }}
9094
{{- if $.Values.imagePullSecrets}}
9195
imagePullSecrets:
9296
{{- range .Values.imagePullSecrets }}
@@ -149,6 +153,15 @@ spec:
149153
securityContext:
150154
privileged: true
151155
{{- end}}
156+
{{- if $.Values.containerSecurityContext }}
157+
securityContext:
158+
{{ toYaml .Values.containerSecurityContext | indent 16 }}
159+
{{- end }}
160+
{{- if and $.Values.containerSecurityContext $.Values.privileged }}
161+
securityContext:
162+
privileged: true
163+
{{ toYaml .Values.containerSecurityContext | indent 16 }}
164+
{{- end }}
152165
ports:
153166
{{- range $.Values.ContainerPort }}
154167
- name: {{ .name}}

scripts/devtron-reference-helm-charts/cronjob-chart_1-2-0/templates/job.yaml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,10 @@ spec:
8282
tolerations:
8383
{{ toYaml .Values.tolerations | indent 8 }}
8484
{{- end }}
85+
{{- if $.Values.podSecurityContext }}
86+
securityContext:
87+
{{ toYaml .Values.podSecurityContext | indent 8 }}
88+
{{- end }}
8589
{{- if $.Values.imagePullSecrets}}
8690
imagePullSecrets:
8791
{{- range .Values.imagePullSecrets }}
@@ -144,6 +148,15 @@ spec:
144148
securityContext:
145149
privileged: true
146150
{{- end}}
151+
{{- if $.Values.containerSecurityContext }}
152+
securityContext:
153+
{{ toYaml .Values.containerSecurityContext | indent 12 }}
154+
{{- end }}
155+
{{- if and $.Values.containerSecurityContext $.Values.privileged }}
156+
securityContext:
157+
privileged: true
158+
{{ toYaml .Values.containerSecurityContext | indent 12 }}
159+
{{- end }}
147160
ports:
148161
{{- range $.Values.ContainerPort }}
149162
- name: {{ .name}}

scripts/devtron-reference-helm-charts/cronjob-chart_1-2-0/test_values.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -423,3 +423,11 @@ podAnnotations:
423423

424424
podLabels:
425425
severity: critical
426+
427+
containerSecurityContext:
428+
allowPrivilegeEscalation: false
429+
430+
podSecurityContext: {}
431+
# runAsUser: 1000
432+
# runAsGroup: 3000
433+
# fsGroup: 2000

0 commit comments

Comments
 (0)