Added appArmor support, accessMode fix

Author: KorenP1

helm/templates/_helpers.tpl

@@ -21,5 +21,8 @@
 {{- if $securityContext.privileged }}
   {{- $securityContext = omit $securityContext "capabilities" -}}
 {{- end -}}
+{{- if not .context.Values.global.compatibility.appArmor.enabled }}
+  {{- $securityContext = omit $securityContext "appArmorProfile" -}}
+{{- end -}}
 {{- $securityContext | toYaml -}}
 {{- end -}}

helm/templates/deployment.yaml

@@ -178,6 +178,10 @@ spec:
               drop: ["ALL"]
             seccompProfile:
               type: RuntimeDefault
+            {{- if .Values.global.compatibility.appArmor.enabled }}
+            appArmorProfile:
+              type: RuntimeDefault
+            {{- end }}
             windowsOptions:
               hostProcess: false
         - name: unset-python3-cli-net-cap
@@ -208,5 +212,9 @@ spec:
               drop: ["ALL"]
             seccompProfile:
               type: RuntimeDefault
+            {{- if .Values.global.compatibility.appArmor.enabled }}
+            appArmorProfile:
+              type: RuntimeDefault
+            {{- end }}
             windowsOptions:
               hostProcess: false

helm/values.yaml

@@ -5,6 +5,8 @@ global:
   compatibility:
     openshift:
       adaptSecurityContext: auto
+    appArmor:
+      enabled: false
 
 fullname: pgadmin4
 
@@ -68,7 +70,7 @@ persistence:
   enabled: false
   size: 1Gi
   storageClass: ""
-  accessModes: ["ReadWriteMany"]
+  accessModes: ["ReadWriteOnce"]
 
 service:
   type: ClusterIP
@@ -136,5 +138,7 @@ containerSecurityContext:
     drop: ["ALL"]
   seccompProfile:
     type: RuntimeDefault
+  appArmorProfile:
+    type: RuntimeDefault
   windowsOptions:
     hostProcess: false