Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bitnami/redis] fix: 🐛 Set seLinuxOptions to {} #24555

Merged
merged 1 commit into from Mar 20, 2024
Merged

[bitnami/redis] fix: 🐛 Set seLinuxOptions to {} #24555

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion bitnami/redis/Chart.yaml
View file
Open in desktop
Expand Up @@ -36,4 +36,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis
version: 19.0.0
version: 19.0.1
10 changes: 5 additions & 5 deletions bitnami/redis/README.md
View file
Open in desktop
Expand Up @@ -532,7 +532,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `master.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `master.podSecurityContext.fsGroup` | Set Redis® master pod's Security Context fsGroup | `1001` |
| `master.containerSecurityContext.enabled` | Enabled Redis® master containers' Security Context | `true` |
| `master.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `master.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `master.containerSecurityContext.runAsUser` | Set Redis® master containers' Security Context runAsUser | `1001` |
| `master.containerSecurityContext.runAsGroup` | Set Redis® master containers' Security Context runAsGroup | `1001` |
| `master.containerSecurityContext.runAsNonRoot` | Set Redis® master containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -652,7 +652,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `replica.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `replica.podSecurityContext.fsGroup` | Set Redis® replicas pod's Security Context fsGroup | `1001` |
| `replica.containerSecurityContext.enabled` | Enabled Redis® replicas containers' Security Context | `true` |
| `replica.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `replica.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `replica.containerSecurityContext.runAsUser` | Set Redis® replicas containers' Security Context runAsUser | `1001` |
| `replica.containerSecurityContext.runAsGroup` | Set Redis® replicas containers' Security Context runAsGroup | `1001` |
| `replica.containerSecurityContext.runAsNonRoot` | Set Redis® replicas containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -796,7 +796,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `sentinel.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if sentinel.resources is set (sentinel.resources is recommended for production). | `nano` |
| `sentinel.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` |
| `sentinel.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `sentinel.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` |
| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `1001` |
| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -898,7 +898,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` |
| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` |
| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` |
| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` |
| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `1001` |
| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` |
Expand Down Expand Up @@ -965,7 +965,7 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` |
| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
| `kubectl.image.registry` | Kubectl image registry | `REGISTRY_NAME` |
| `kubectl.image.repository` | Kubectl image repository | `REPOSITORY_NAME/kubectl` |
Expand Down
10 changes: 5 additions & 5 deletions bitnami/redis/values.yaml
View file
Open in desktop
Expand Up @@ -315,7 +315,7 @@ master:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -777,7 +777,7 @@ replica:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -1332,7 +1332,7 @@ sentinel:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -1708,7 +1708,7 @@ metrics:
##
containerSecurityContext:
enabled: true
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
Expand Down Expand Up @@ -2015,7 +2015,7 @@ volumePermissions:
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
##
containerSecurityContext:
seLinuxOptions: null
seLinuxOptions: {}
runAsUser: 0

## Kubectl InitContainer
Expand Down