Skip to content

Commit

Permalink
[bitnami/redis] fix: 🐛 Set seLinuxOptions to {} (#24555)
Browse files Browse the repository at this point in the history 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
  • Loading branch information
@javsalgar
javsalgar committed Mar 20, 2024
1 parent dc93455 commit 392851d
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 11 deletions.
2 changes: 1 addition & 1 deletion bitnami/redis/Chart.yaml
View file
Expand Up @@ -36,4 +36,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis
version: 19.0.0
version: 19.0.1
10 changes: 5 additions & 5 deletions bitnami/redis/README.md
View file
Expand Up @@ -532,7 +532,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `master.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `master.podSecurityContext.fsGroup` | Set Redis&reg; master pod's Security Context fsGroup | `1001` |
| `master.containerSecurityContext.enabled` | Enabled Redis&reg; master containers' Security Context | `true` |
| `master.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `master.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `master.containerSecurityContext.runAsUser` | Set Redis&reg; master containers' Security Context runAsUser | `1001` |
| `master.containerSecurityContext.runAsGroup` | Set Redis&reg; master containers' Security Context runAsGroup | `1001` |
| `master.containerSecurityContext.runAsNonRoot` | Set Redis&reg; master containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -652,7 +652,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `replica.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `replica.podSecurityContext.fsGroup` | Set Redis&reg; replicas pod's Security Context fsGroup | `1001` |
| `replica.containerSecurityContext.enabled` | Enabled Redis&reg; replicas containers' Security Context | `true` |
| `replica.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `replica.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `replica.containerSecurityContext.runAsUser` | Set Redis&reg; replicas containers' Security Context runAsUser | `1001` |
| `replica.containerSecurityContext.runAsGroup` | Set Redis&reg; replicas containers' Security Context runAsGroup | `1001` |
| `replica.containerSecurityContext.runAsNonRoot` | Set Redis&reg; replicas containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -796,7 +796,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `sentinel.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if sentinel.resources is set (sentinel.resources is recommended for production). | `nano` |
| `sentinel.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `sentinel.containerSecurityContext.enabled` | Enabled Redis&reg; Sentinel containers' Security Context | `true` |
| `sentinel.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `sentinel.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `sentinel.containerSecurityContext.runAsUser` | Set Redis&reg; Sentinel containers' Security Context runAsUser | `1001` |
| `sentinel.containerSecurityContext.runAsGroup` | Set Redis&reg; Sentinel containers' Security Context runAsGroup | `1001` |
| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis&reg; Sentinel containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -898,7 +898,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `metrics.extraArgs` | Extra arguments for Redis&reg; exporter, for example: | `{}` |
| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis&reg; exporter | `[]` |
| `metrics.containerSecurityContext.enabled` | Enabled Redis&reg; exporter containers' Security Context | `true` |
| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `metrics.containerSecurityContext.runAsUser` | Set Redis&reg; exporter containers' Security Context runAsUser | `1001` |
| `metrics.containerSecurityContext.runAsGroup` | Set Redis&reg; exporter containers' Security Context runAsGroup | `1001` |
| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis&reg; exporter containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -965,7 +965,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` |
| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
| `kubectl.image.registry` | Kubectl image registry | `REGISTRY_NAME` |
| `kubectl.image.repository` | Kubectl image repository | `REPOSITORY_NAME/kubectl` |
Expand Down
10 changes: 5 additions & 5 deletions bitnami/redis/values.yaml
View file
Expand Up @@ -315,7 +315,7 @@ master:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -777,7 +777,7 @@ replica:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -1332,7 +1332,7 @@ sentinel:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -1708,7 +1708,7 @@ metrics:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -2015,7 +2015,7 @@ volumePermissions:
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
##
containerSecurityContext:
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 0

## Kubectl InitContainer
Expand Down

0 comments on commit 392851d

Please sign in to comment.