set database pods to run as a specific group

This commit is contained in:
SeanOMik 2023-06-01 22:14:27 -04:00
parent 8ef0113bc1
commit 2b81ac71de
3 changed files with 32 additions and 3 deletions

View File

@ -98,8 +98,8 @@ spec:
secretName: wildcard-main-tls secretName: wildcard-main-tls
podSecurityContext: podSecurityContext:
runAsUser: 1024 runAsUser: 10000
runAsGroup: 100 runAsGroup: 10000
fsGroup: 100 fsGroup: 100
fsGroupChangePolicy: "OnRootMismatch" fsGroupChangePolicy: "OnRootMismatch"

View File

@ -25,4 +25,13 @@ spec:
primary: primary:
persistence: persistence:
existingClaim: "postgresql-pv-claim" existingClaim: "postgresql-pv-claim"
containerSecurityContext:
enabled: true
runAsUser: 10000
readReplicas:
containerSecurityContext:
enabled: true
runAsUser: 10000

View File

@ -17,3 +17,23 @@ spec:
auth: auth:
existingSecret: "redis-secrets" existingSecret: "redis-secrets"
existingSecretPasswordKey: "password" existingSecretPasswordKey: "password"
master:
containerSecurityContext:
enabled: true
runAsUser: 10000
replica:
containerSecurityContext:
enabled: true
runAsUser: 10000
sentinel:
containerSecurityContext:
enabled: true
runAsUser: 10000
metrics:
containerSecurityContext:
enabled: true
runAsUser: 10000