[bitnami/mediawiki] feat: ✨ Add support for PSA restricted policy

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
2026-03-06 23:47:48 +08:00 · 2023-10-27 12:03:32 +02:00
parent 6a6051ebc3
commit 4210cfa620
3 changed files with 20 additions and 8 deletions
--- a/bitnami/mediawiki/Chart.lock
+++ b/bitnami/mediawiki/Chart.lock
@@ -1,9 +1,9 @@
 dependencies:
 - name: mariadb
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 14.0.1
+  version: 14.1.0
 - name: common
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 2.13.2
-digest: sha256:c314e0a70f16a40021a3d1b66194d128025951f37a9a53bea531a38daae93e89
-generated: "2023-10-10T18:39:38.237637475+02:00"
+  version: 2.13.3
+digest: sha256:1f8deb27dd9691c12d0755e2c6cf8e1859584e7422500289f99ed840d5a66c07
+generated: "2023-10-27T12:00:18.173228926+02:00"
--- a/bitnami/mediawiki/Chart.yaml
+++ b/bitnami/mediawiki/Chart.yaml
@@ -39,4 +39,4 @@ maintainers:
 name: mediawiki
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/mediawiki
-version: 17.1.0
+version: 17.2.0
--- a/bitnami/mediawiki/values.yaml
+++ b/bitnami/mediawiki/values.yaml
@@ -171,14 +171,26 @@ podSecurityContext:
  fsGroup: 1001
 ## Mediawiki containers' SecurityContext
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
-## @param containerSecurityContext.enabled Enable Mediawiki containers' SecurityContext
-## @param containerSecurityContext.runAsUser User ID to run Mediawiki containers
-## @param containerSecurityContext.runAsNonRoot Set Mediawiki container's Security Context runAsNonRoot
+## @param containerSecurityContext.enabled Enabled containers' Security Context
+## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
+## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
+## @param containerSecurityContext.privileged Set container's Security Context privileged
+## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
+## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
+## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
+## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
 ##
 containerSecurityContext:
  enabled: true
  runAsUser: 1001
  runAsNonRoot: true
+  privileged: false
+  readOnlyRootFilesystem: false
+  allowPrivilegeEscalation: false
+  capabilities:
+    drop: ["ALL"]
+  seccompProfile:
+    type: "RuntimeDefault"
 ## Mediawiki resource requests and limits
 ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
 ## We usually recommend not to specify default resources and to leave this as a conscious