From 051e83343186d7ea88f22e74361c585ff0d5206a Mon Sep 17 00:00:00 2001
From: SeanOMik <seanomik@gmail.com>
Date: Thu, 1 Jun 2023 22:54:02 -0400
Subject: [PATCH] add pod security context's to some pods in default ns

---
 cluster/apps/default/fireflyiii/helm-release.yaml | 7 +++++++
 cluster/apps/default/msrewards/helm-release.yaml  | 9 ++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/cluster/apps/default/fireflyiii/helm-release.yaml b/cluster/apps/default/fireflyiii/helm-release.yaml
index c4ab2b2c..cbf22c91 100644
--- a/cluster/apps/default/fireflyiii/helm-release.yaml
+++ b/cluster/apps/default/fireflyiii/helm-release.yaml
@@ -57,6 +57,13 @@ spec:
         size: 8Gi
         mountPath: /var/www/html/storage/upload
 
+    podSecurityContext:
+      runAsNonRoot: true
+      runAsUser: 10000
+      runAsGroup: 10000
+      fsGroup: 10000
+      fsGroupChangePolicy: OnRootMismatch
+
 #    resources:
 #      requests:
 #        cpu: 1m
diff --git a/cluster/apps/default/msrewards/helm-release.yaml b/cluster/apps/default/msrewards/helm-release.yaml
index 7151c896..a0b4e186 100644
--- a/cluster/apps/default/msrewards/helm-release.yaml
+++ b/cluster/apps/default/msrewards/helm-release.yaml
@@ -25,4 +25,11 @@ spec:
 
     service:
       main:
-        enabled: false
\ No newline at end of file
+        enabled: false
+
+    podSecurityContext:
+      runAsNonRoot: true
+      runAsUser: 10000
+      runAsGroup: 10000
+      fsGroup: 10000
+      fsGroupChangePolicy: OnRootMismatch
\ No newline at end of file