Skip to content

Commit c50e69a

Browse files
ask-42ask-42
authored
Merge pull request #69 from checkr/add-security-context
Update helm chart generation
2 parents d6367a5 + 2a13e54 commit c50e69a

File tree

2 files changed

+15
-0
lines changed

2 files changed

+15
-0
lines changed

.github/workflows/main.js.yml

+4
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,10 @@ jobs:
1111
runs-on: ubuntu-latest
1212
steps:
1313
- uses: actions/checkout@v3
14+
- name: Use Node.js
15+
uses: actions/setup-node@v3
16+
with:
17+
node-version: 16.x
1418
- run: yarn setup
1519
- run: yarn lint:js
1620
- run: yarn lint:style

bin/generate_chart.sh

+11
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,17 @@ printf " alias: $CHART_ALIAS\n" >> .gitops/helm/oauth-reference-integration/Cha
1313
printf "microservice:\n" > .gitops/helm/oauth-reference-integration/sandbox_us.yaml
1414
printf " environment: sandbox\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
1515
printf " nameOverride: oauth-reference-integration\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
16+
printf " deploymentDefaults:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
17+
printf " containerSecurityContext:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
18+
printf " allowPrivilegeEscalation: false\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
19+
printf " capabilities:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
20+
printf " drop:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
21+
printf " - ALL\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
22+
printf " securityContext:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
23+
printf " runAsUser: 1001\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
24+
printf " runAsGroup: 1001\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
25+
printf " fsGroup: 1001\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
26+
printf " runAsNonRoot: true\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
1627
printf " podDefaults:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
1728
printf " env:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml
1829
printf " sandbox:\n" >> .gitops/helm/oauth-reference-integration/sandbox_us.yaml

0 commit comments

Comments
 (0)