Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow securityContext and podSecurityContext to be configurable via helm parameters #4942

Closed
vepatel opened this issue Jan 18, 2024 · 1 comment · Fixed by #5084
Closed

Allow securityContext and podSecurityContext to be configurable via helm parameters #4942

vepatel opened this issue Jan 18, 2024 · 1 comment · Fixed by #5084
Assignees
@vepatel
Labels
backlog Pull requests/issues that are backlog items proposal An issue that proposes a feature request
Milestone
v3.5.0

Comments

@vepatel
Copy link
Contributor

vepatel commented Jan 18, 2024
edited by oseoin
Loading

Expose the securityContext resource to be fully configured via helm. Currently we use this approach to expose the resources configuration of the pod. This will mean changing the securityContext fields in the deployment and daemonset from being hardcoded to being a toYaml representation of the values file, e.g:

securityContext:
          {{- toYaml .Values.controller.securityContext | nindent 10 }}

and we can reference the securityContext and podSecurityContext schemas in our values schema.

This seems to be a common approach in other charts and allows the user full control over the resource, which still allowing us to deliver our current default values. As we do this it also makes sense to expose the podSecurityContext in the same way even though we do not currently use it.
@vepatel vepatel added the proposal An issue that proposes a feature request label Jan 18, 2024
@vepatel vepatel added the backlog Pull requests/issues that are backlog items label Jan 18, 2024
@vepatel vepatel moved this from Todo ☑ to Prioritized Backlog in NGINX Ingress Controller Jan 18, 2024
@github-actions GitHub Actions
Copy link

Hi @vepatel thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this 🙂

Cheers!

@oseoin oseoin changed the title Allow allowPrivilegeEscalation to be configurable via helm parameters Allow securityContext and podSecurityContext to be configurable via helm parameters Jan 19, 2024
@danielnginx danielnginx moved this from Prioritized Backlog to Todo ☑ in NGINX Ingress Controller Jan 24, 2024
@vepatel vepatel moved this from Todo ☑ to In Progress 🛠 in NGINX Ingress Controller Feb 8, 2024
@vepatel vepatel linked a pull request Feb 13, 2024 that will close this issue
Allow securityContext and podSecurityContext to be configurable via helm parameters #5084
Merged
6 tasks
@vepatel vepatel moved this from In Progress 🛠 to In Review 👀 in NGINX Ingress Controller Feb 13, 2024
@vepatel vepatel added this to the v3.5.0 milestone Feb 13, 2024
@github-project-automation github-project-automation bot moved this from In Review 👀 to Done 🚀 in NGINX Ingress Controller Feb 19, 2024
@shaun-nx shaun-nx mentioned this issue Mar 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vepatel vepatel

Labels
backlog Pull requests/issues that are backlog items proposal An issue that proposes a feature request
Projects
NGINX Ingress Controller
Archived in project
Milestone
v3.5.0
1 participant
@vepatel