From 0518a5129a1b3a23e8a524f241386949da1b024b Mon Sep 17 00:00:00 2001 From: Remi PLANEL <rplanel@pasteur.fr> Date: Thu, 10 Apr 2025 16:42:00 +0200 Subject: [PATCH] configure security context for db --- charts/supabase/values.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/charts/supabase/values.yaml b/charts/supabase/values.yaml index feeab94..5eddc13 100644 --- a/charts/supabase/values.yaml +++ b/charts/supabase/values.yaml @@ -107,15 +107,17 @@ db: # If not set and create is true, a name is generated using the fullname template name: "" podAnnotations: {} - podSecurityContext: {} - # fsGroup: 2000 - securityContext: {} + podSecurityContext: + enabled: true + fsGroup: 106 + runAsNonRoot: true + securityContext: # capabilities: # drop: # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + enabled: true + runAsUser: 105 + runAsNonRoot: true service: type: ClusterIP port: 5432 -- GitLab