diff --git a/bitnami/memcached/templates/deployment.yaml b/bitnami/memcached/templates/deployment.yaml index ddcd9512dc..d450e01225 100644 --- a/bitnami/memcached/templates/deployment.yaml +++ b/bitnami/memcached/templates/deployment.yaml @@ -68,6 +68,10 @@ spec: {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} + {{- if .Values.securityContext.enabled }} + securityContext: + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + {{- end }} {{- if .Values.metrics.enabled }} - name: metrics image: {{ template "memcached.metrics.image" . }} diff --git a/bitnami/memcached/templates/statefulset.yaml b/bitnami/memcached/templates/statefulset.yaml index 317a4e9643..19f76e0fd3 100644 --- a/bitnami/memcached/templates/statefulset.yaml +++ b/bitnami/memcached/templates/statefulset.yaml @@ -72,6 +72,10 @@ spec: {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} + {{- if .Values.securityContext.enabled }} + securityContext: + readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }} + {{- end }} {{- if .Values.persistence.enabled }} volumeMounts: - name: pv-data diff --git a/bitnami/memcached/values-production.yaml b/bitnami/memcached/values-production.yaml index 4b0ab2ac62..3df2631047 100644 --- a/bitnami/memcached/values-production.yaml +++ b/bitnami/memcached/values-production.yaml @@ -98,6 +98,7 @@ securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 + readOnlyRootFilesystem: true ## Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ diff --git a/bitnami/memcached/values.yaml b/bitnami/memcached/values.yaml index 02382fc99e..9744105a79 100644 --- a/bitnami/memcached/values.yaml +++ b/bitnami/memcached/values.yaml @@ -98,6 +98,7 @@ securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 + readOnlyRootFilesystem: true ## Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/