diff --git a/bitnami/flux/Chart.yaml b/bitnami/flux/Chart.yaml index aa04b4de37..f5a6f743da 100644 --- a/bitnami/flux/Chart.yaml +++ b/bitnami/flux/Chart.yaml @@ -43,4 +43,4 @@ maintainers: name: flux sources: - https://github.com/bitnami/charts/tree/main/bitnami/flux -version: 1.9.0 +version: 1.10.0 diff --git a/bitnami/flux/README.md b/bitnami/flux/README.md index d319c53463..cd9e93b6cf 100644 --- a/bitnami/flux/README.md +++ b/bitnami/flux/README.md @@ -132,7 +132,8 @@ The command removes all the Kubernetes components associated with the chart and | `kustomizeController.podSecurityContext.fsGroup` | Set Kustomize Controller pod's Security Context fsGroup | `1001` | | `kustomizeController.containerSecurityContext.enabled` | Enabled Kustomize Controller containers' Security Context | `true` | | `kustomizeController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `kustomizeController.containerSecurityContext.runAsUser` | Set Kustomize Controller containers' Security Context runAsUser | `1001` | +| `kustomizeController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `kustomizeController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `kustomizeController.containerSecurityContext.runAsNonRoot` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | | `kustomizeController.containerSecurityContext.privileged` | Set Kustomize Controller containers' Security Context privileged | `false` | | `kustomizeController.containerSecurityContext.readOnlyRootFilesystem` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | @@ -268,7 +269,8 @@ The command removes all the Kubernetes components associated with the chart and | `helmController.podSecurityContext.fsGroup` | Set Helm Controller pod's Security Context fsGroup | `1001` | | `helmController.containerSecurityContext.enabled` | Enabled Helm Controller containers' Security Context | `true` | | `helmController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `helmController.containerSecurityContext.runAsUser` | Set Helm Controller containers' Security Context runAsUser | `1001` | +| `helmController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `helmController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `helmController.containerSecurityContext.runAsNonRoot` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | | `helmController.containerSecurityContext.privileged` | Set Helm Controller containers' Security Context privileged | `false` | | `helmController.containerSecurityContext.readOnlyRootFilesystem` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | @@ -405,7 +407,8 @@ The command removes all the Kubernetes components associated with the chart and | `sourceController.podSecurityContext.fsGroup` | Set Source Controller pod's Security Context fsGroup | `1001` | | `sourceController.containerSecurityContext.enabled` | Enabled Source Controller containers' Security Context | `true` | | `sourceController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `sourceController.containerSecurityContext.runAsUser` | Set Source Controller containers' Security Context runAsUser | `1001` | +| `sourceController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `sourceController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `sourceController.containerSecurityContext.runAsNonRoot` | Set Source Controller containers' Security Context runAsNonRoot | `true` | | `sourceController.containerSecurityContext.privileged` | Set Source Controller containers' Security Context privileged | `false` | | `sourceController.containerSecurityContext.readOnlyRootFilesystem` | Set Source Controller containers' Security Context runAsNonRoot | `true` | @@ -572,7 +575,8 @@ The command removes all the Kubernetes components associated with the chart and | `notificationController.podSecurityContext.fsGroup` | Set Notification Controller pod's Security Context fsGroup | `1001` | | `notificationController.containerSecurityContext.enabled` | Enabled Notification Controller containers' Security Context | `true` | | `notificationController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `notificationController.containerSecurityContext.runAsUser` | Set Notification Controller containers' Security Context runAsUser | `1001` | +| `notificationController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `notificationController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `notificationController.containerSecurityContext.runAsNonRoot` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | | `notificationController.containerSecurityContext.readOnlyRootFilesystem` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | | `notificationController.containerSecurityContext.privileged` | Set Notification Controller containers' Security Context privileged | `false` | @@ -708,7 +712,8 @@ The command removes all the Kubernetes components associated with the chart and | `imageAutomationController.podSecurityContext.fsGroup` | Set Image Automation Controller pod's Security Context fsGroup | `1001` | | `imageAutomationController.containerSecurityContext.enabled` | Enabled Image Automation Controller containers' Security Context | `true` | | `imageAutomationController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `imageAutomationController.containerSecurityContext.runAsUser` | Set Image Automation Controller containers' Security Context runAsUser | `1001` | +| `imageAutomationController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `imageAutomationController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `imageAutomationController.containerSecurityContext.runAsNonRoot` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | | `imageAutomationController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | | `imageAutomationController.containerSecurityContext.privileged` | Set Image Automation Controller containers' Security Context privileged | `false` | @@ -844,7 +849,8 @@ The command removes all the Kubernetes components associated with the chart and | `imageReflectorController.podSecurityContext.fsGroup` | Set Image Reflector Controller pod's Security Context fsGroup | `1001` | | `imageReflectorController.containerSecurityContext.enabled` | Enabled Image Reflector Controller containers' Security Context | `true` | | `imageReflectorController.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `imageReflectorController.containerSecurityContext.runAsUser` | Set Image Reflector Controller containers' Security Context runAsUser | `1001` | +| `imageReflectorController.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `imageReflectorController.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | | `imageReflectorController.containerSecurityContext.runAsNonRoot` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | | `imageReflectorController.containerSecurityContext.privileged` | Set Image Reflector Controller containers' Security Context privileged | `false` | | `imageReflectorController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | diff --git a/bitnami/flux/values.yaml b/bitnami/flux/values.yaml index 7842f4179c..4439a2f12c 100644 --- a/bitnami/flux/values.yaml +++ b/bitnami/flux/values.yaml @@ -267,7 +267,8 @@ kustomizeController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param kustomizeController.containerSecurityContext.enabled Enabled Kustomize Controller containers' Security Context ## @param kustomizeController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param kustomizeController.containerSecurityContext.runAsUser Set Kustomize Controller containers' Security Context runAsUser + ## @param kustomizeController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param kustomizeController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param kustomizeController.containerSecurityContext.runAsNonRoot Set Kustomize Controller containers' Security Context runAsNonRoot ## @param kustomizeController.containerSecurityContext.privileged Set Kustomize Controller containers' Security Context privileged ## @param kustomizeController.containerSecurityContext.readOnlyRootFilesystem Set Kustomize Controller containers' Security Context runAsNonRoot @@ -279,6 +280,7 @@ kustomizeController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true privileged: false readOnlyRootFilesystem: true @@ -780,7 +782,8 @@ helmController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param helmController.containerSecurityContext.enabled Enabled Helm Controller containers' Security Context ## @param helmController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param helmController.containerSecurityContext.runAsUser Set Helm Controller containers' Security Context runAsUser + ## @param helmController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param helmController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param helmController.containerSecurityContext.runAsNonRoot Set Helm Controller containers' Security Context runAsNonRoot ## @param helmController.containerSecurityContext.privileged Set Helm Controller containers' Security Context privileged ## @param helmController.containerSecurityContext.readOnlyRootFilesystem Set Helm Controller containers' Security Context runAsNonRoot @@ -792,6 +795,7 @@ helmController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true privileged: false readOnlyRootFilesystem: true @@ -1295,7 +1299,8 @@ sourceController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param sourceController.containerSecurityContext.enabled Enabled Source Controller containers' Security Context ## @param sourceController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param sourceController.containerSecurityContext.runAsUser Set Source Controller containers' Security Context runAsUser + ## @param sourceController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param sourceController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param sourceController.containerSecurityContext.runAsNonRoot Set Source Controller containers' Security Context runAsNonRoot ## @param sourceController.containerSecurityContext.privileged Set Source Controller containers' Security Context privileged ## @param sourceController.containerSecurityContext.readOnlyRootFilesystem Set Source Controller containers' Security Context runAsNonRoot @@ -1307,6 +1312,7 @@ sourceController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true readOnlyRootFilesystem: true privileged: false @@ -1905,7 +1911,8 @@ notificationController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param notificationController.containerSecurityContext.enabled Enabled Notification Controller containers' Security Context ## @param notificationController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param notificationController.containerSecurityContext.runAsUser Set Notification Controller containers' Security Context runAsUser + ## @param notificationController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param notificationController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param notificationController.containerSecurityContext.runAsNonRoot Set Notification Controller containers' Security Context runAsNonRoot ## @param notificationController.containerSecurityContext.readOnlyRootFilesystem Set Notification Controller containers' Security Context runAsNonRoot ## @param notificationController.containerSecurityContext.privileged Set Notification Controller containers' Security Context privileged @@ -1917,6 +1924,7 @@ notificationController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true privileged: false readOnlyRootFilesystem: true @@ -2418,7 +2426,8 @@ imageAutomationController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param imageAutomationController.containerSecurityContext.enabled Enabled Image Automation Controller containers' Security Context ## @param imageAutomationController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param imageAutomationController.containerSecurityContext.runAsUser Set Image Automation Controller containers' Security Context runAsUser + ## @param imageAutomationController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param imageAutomationController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param imageAutomationController.containerSecurityContext.runAsNonRoot Set Image Automation Controller containers' Security Context runAsNonRoot ## @param imageAutomationController.containerSecurityContext.readOnlyRootFilesystem Set Image Automation Controller containers' Security Context runAsNonRoot ## @param imageAutomationController.containerSecurityContext.privileged Set Image Automation Controller containers' Security Context privileged @@ -2430,6 +2439,7 @@ imageAutomationController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true readOnlyRootFilesystem: true privileged: false @@ -2931,7 +2941,8 @@ imageReflectorController: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param imageReflectorController.containerSecurityContext.enabled Enabled Image Reflector Controller containers' Security Context ## @param imageReflectorController.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param imageReflectorController.containerSecurityContext.runAsUser Set Image Reflector Controller containers' Security Context runAsUser + ## @param imageReflectorController.containerSecurityContext.runAsUser Set containers' Security Context runAsUser + ## @param imageReflectorController.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup ## @param imageReflectorController.containerSecurityContext.runAsNonRoot Set Image Reflector Controller containers' Security Context runAsNonRoot ## @param imageReflectorController.containerSecurityContext.privileged Set Image Reflector Controller containers' Security Context privileged ## @param imageReflectorController.containerSecurityContext.readOnlyRootFilesystem Set Image Reflector Controller containers' Security Context runAsNonRoot @@ -2943,6 +2954,7 @@ imageReflectorController: enabled: true seLinuxOptions: null runAsUser: 1001 + runAsGroup: 1001 runAsNonRoot: true privileged: false readOnlyRootFilesystem: true