From aedab1318888f3ebff12a3ff7f41d861f2543251 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20J=2E=20Salmer=C3=B3n-Garc=C3=ADa?= Date: Thu, 25 Jan 2024 10:13:58 +0100 Subject: [PATCH] [bitnami/redmine] fix: :bug: Set seLinuxOptions to null for Openshift compatibility (#22655) Signed-off-by: Javier Salmeron Garcia --- bitnami/redmine/Chart.yaml | 2 +- bitnami/redmine/README.md | 6 +++--- bitnami/redmine/values.yaml | 12 ++++++------ 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/bitnami/redmine/Chart.yaml b/bitnami/redmine/Chart.yaml index 3eb93148bc..efaea52f4b 100644 --- a/bitnami/redmine/Chart.yaml +++ b/bitnami/redmine/Chart.yaml @@ -43,4 +43,4 @@ maintainers: name: redmine sources: - https://github.com/bitnami/charts/tree/main/bitnami/redmine -version: 26.3.0 +version: 26.3.1 diff --git a/bitnami/redmine/README.md b/bitnami/redmine/README.md index b5d41d3166..ed6c2781a7 100644 --- a/bitnami/redmine/README.md +++ b/bitnami/redmine/README.md @@ -133,7 +133,7 @@ helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine --set databa | `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | | `podSecurityContext.fsGroup` | Set Redmine pod's Security Context fsGroup | `0` | | `containerSecurityContext.enabled` | Enabled Redmine containers' Security Context | `true` | -| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | | `containerSecurityContext.runAsUser` | Set Redmine container's Security Context runAsUser | `0` | | `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | | `livenessProbe.enabled` | Enable livenessProbe on Redmine containers | `true` | @@ -230,7 +230,7 @@ helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine --set databa | `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | | `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | | `volumePermissions.containerSecurityContext.enabled` | Enable init container's Security Context | `true` | -| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | | `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### RBAC Parameters @@ -320,7 +320,7 @@ helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine --set databa | `mailReceiver.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | | `mailReceiver.podSecurityContext.fsGroup` | Set Redmine pod's Security Context fsGroup | `1001` | | `mailReceiver.containerSecurityContext.enabled` | mailReceiver Container securityContext | `false` | -| `mailReceiver.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | +| `mailReceiver.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | | `mailReceiver.containerSecurityContext.runAsUser` | User ID for the mailReceiver container | `1001` | | `mailReceiver.containerSecurityContext.runAsNonRoot` | Whether to run the mailReceiver container as a non-root user | `true` | | `mailReceiver.podAnnotations` | Additional pod annotations | `{}` | diff --git a/bitnami/redmine/values.yaml b/bitnami/redmine/values.yaml index 0dd6b8d95a..6718a307c1 100644 --- a/bitnami/redmine/values.yaml +++ b/bitnami/redmine/values.yaml @@ -203,13 +203,13 @@ podSecurityContext: ## Configure Container Security Context (only main container) ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param containerSecurityContext.enabled Enabled Redmine containers' Security Context -## @param containerSecurityContext.seLinuxOptions Set SELinux options in container +## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container ## @param containerSecurityContext.runAsUser Set Redmine container's Security Context runAsUser ## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## containerSecurityContext: enabled: true - seLinuxOptions: {} + seLinuxOptions: null runAsUser: 0 seccompProfile: type: "RuntimeDefault" @@ -599,12 +599,12 @@ volumePermissions: ## Init container Container Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param volumePermissions.containerSecurityContext.enabled Enable init container's Security Context - ## @param volumePermissions.containerSecurityContext.seLinuxOptions Set SELinux options in container + ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container ## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser ## containerSecurityContext: enabled: true - seLinuxOptions: {} + seLinuxOptions: null runAsUser: 0 ## @section RBAC Parameters @@ -834,13 +834,13 @@ mailReceiver: ## @param ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param mailReceiver.containerSecurityContext.enabled mailReceiver Container securityContext - ## @param mailReceiver.containerSecurityContext.seLinuxOptions Set SELinux options in container + ## @param mailReceiver.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container ## @param mailReceiver.containerSecurityContext.runAsUser User ID for the mailReceiver container ## @param mailReceiver.containerSecurityContext.runAsNonRoot Whether to run the mailReceiver container as a non-root user ## containerSecurityContext: enabled: false - seLinuxOptions: {} + seLinuxOptions: null runAsUser: 1001 runAsNonRoot: true ## @param mailReceiver.podAnnotations Additional pod annotations