Skip to content

Commit 93d3abf

Browse files
urfreespaceurfreespace
committed
update
Signed-off-by: lili <lli@streamnative.io>
1 parent d639027 commit 93d3abf

File tree

4 files changed

+14
-0
lines changed

4 files changed

+14
-0
lines changed

charts/sn-platform-slim/templates/proxy/_proxy.tpl

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,11 +48,13 @@ Define proxy certs volumes
4848
secret:
4949
{{- if and .Values.certs.public_issuer.enabled (eq .Values.certs.public_issuer.type "acme") }}
5050
secretName: {{ .Values.certs.lets_encrypt.ca_ref.secretName }}
51+
defaultMode: 0400
5152
items:
5253
- key: {{ .Values.certs.lets_encrypt.ca_ref.keyName }}
5354
path: ca.crt
5455
{{- else }}
5556
secretName: "{{ template "pulsar.tls.ca.secret.name" . }}"
57+
defaultMode: 0400
5658
items:
5759
- key: ca.crt
5860
path: ca.crt
@@ -61,6 +63,7 @@ Define proxy certs volumes
6163
- name: proxy-certs
6264
secret:
6365
secretName: "{{ template "pulsar.proxy.tls.secret.name" . }}"
66+
defaultMode: 0400
6467
items:
6568
- key: tls.crt
6669
path: tls.crt
@@ -71,6 +74,7 @@ Define proxy certs volumes
7174
- name: broker-ca
7275
secret:
7376
secretName: "{{ template "pulsar.tls.ca.secret.name" . }}"
77+
defaultMode: 0400
7478
items:
7579
- key: ca.crt
7680
path: ca.crt

charts/sn-platform-slim/values.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1609,6 +1609,9 @@ proxy:
16091609
annotations: {}
16101610
securityContext:
16111611
runAsNonRoot: true
1612+
runAsUser: 10000
1613+
runAsGroup: 10000
1614+
fsGroup: 10000
16121615
tolerations: []
16131616
gracePeriod: 30
16141617
resources:

charts/sn-platform/templates/proxy/_proxy.tpl

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,11 +48,13 @@ Define proxy certs volumes
4848
secret:
4949
{{- if and .Values.certs.public_issuer.enabled (eq .Values.certs.public_issuer.type "acme") }}
5050
secretName: {{ .Values.certs.lets_encrypt.ca_ref.secretName }}
51+
defaultMode: 0400
5152
items:
5253
- key: {{ .Values.certs.lets_encrypt.ca_ref.keyName }}
5354
path: ca.crt
5455
{{- else }}
5556
secretName: "{{ template "pulsar.tls.ca.secret.name" . }}"
57+
defaultMode: 0400
5658
items:
5759
- key: ca.crt
5860
path: ca.crt
@@ -61,6 +63,7 @@ Define proxy certs volumes
6163
- name: proxy-certs
6264
secret:
6365
secretName: "{{ template "pulsar.proxy.tls.secret.name" . }}"
66+
defaultMode: 0400
6467
items:
6568
- key: tls.crt
6669
path: tls.crt
@@ -71,6 +74,7 @@ Define proxy certs volumes
7174
- name: broker-ca
7275
secret:
7376
secretName: "{{ template "pulsar.tls.ca.secret.name" . }}"
77+
defaultMode: 0400
7478
items:
7579
- key: ca.crt
7680
path: ca.crt

charts/sn-platform/values.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1685,6 +1685,9 @@ proxy:
16851685
annotations: {}
16861686
securityContext:
16871687
runAsNonRoot: true
1688+
runAsUser: 10000
1689+
runAsGroup: 10000
1690+
fsGroup: 10000
16881691
tolerations: []
16891692
gracePeriod: 30
16901693
resources:

0 commit comments

Comments
 (0)