Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-04-01 06:47:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/argo-cd] feat: 🔒 Add readOnlyRootFilesystem support (#23875)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-02-23 17:26:30 +01:00
committed by GitHub
parent b60af0d57f
commit e577a7d2a9
10 changed files with 78 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bitnami/argo-cd/README.md
View File

@@ -122,6 +122,7 @@ The command removes all the Kubernetes components associated with the chart and
| `controller.containerSecurityContext.enabled` | Enabled Argo CD containers' Security Context | `true` |
| `controller.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `controller.containerSecurityContext.runAsUser` | Set Argo CD containers' Security Context runAsUser | `1001` |
| `controller.containerSecurityContext.runAsGroup` | Set Argo CD containers' Security Context runAsGroup | `0` |
| `controller.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD containers' Security Context allowPrivilegeEscalation | `false` |
| `controller.containerSecurityContext.capabilities.drop` | Set Argo CD containers' Security Context capabilities to be dropped | `["ALL"]` |
| `controller.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD containers' Security Context readOnlyRootFilesystem | `false` |
@@ -287,6 +288,7 @@ The command removes all the Kubernetes components associated with the chart and
| `applicationSet.containerSecurityContext.enabled` | Enabled Argo CD applicationSet controller containers' Security Context | `true` |
| `applicationSet.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `applicationSet.containerSecurityContext.runAsUser` | Set Argo CD applicationSet controller containers' Security Context runAsUser | `1001` |
| `applicationSet.containerSecurityContext.runAsGroup` | Set Argo CD applicationSet controller containers' Security Context runAsGroup | `0` |
| `applicationSet.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD applicationSet controller containers' Security Context allowPrivilegeEscalation | `false` |
| `applicationSet.containerSecurityContext.capabilities.drop` | Set Argo CD applicationSet controller containers' Security Context capabilities to be dropped | `["ALL"]` |
| `applicationSet.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD applicationSet controller containers' Security Context readOnlyRootFilesystem | `false` |
@@ -400,6 +402,7 @@ The command removes all the Kubernetes components associated with the chart and
| `notifications.containerSecurityContext.enabled` | Enabled Argo CD notifications controller containers' Security Context | `true` |
| `notifications.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `notifications.containerSecurityContext.runAsUser` | Set Argo CD notifications controller containers' Security Context runAsUser | `1001` |
| `notifications.containerSecurityContext.runAsGroup` | Set Argo CD notifications controller containers' Security Context runAsGroup | `0` |
| `notifications.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD notifications controller containers' Security Context allowPrivilegeEscalation | `false` |
| `notifications.containerSecurityContext.capabilities.drop` | Set Argo CD notifications controller containers' Security Context capabilities to be dropped | `["ALL"]` |
| `notifications.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD notifications controller containers' Security Context readOnlyRootFilesystem | `false` |
@@ -513,6 +516,7 @@ The command removes all the Kubernetes components associated with the chart and
| `notifications.bots.slack.containerSecurityContext.enabled` | Enabled Argo CD Slack bot containers' Security Context | `true` |
| `notifications.bots.slack.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `notifications.bots.slack.containerSecurityContext.runAsUser` | Set Argo CD Slack bot containers' Security Context runAsUser | `1001` |
| `notifications.bots.slack.containerSecurityContext.runAsGroup` | Set Argo CD Slack bot containers' Security Context runAsGroup | `0` |
| `notifications.bots.slack.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD Slack bot containers' Security Context allowPrivilegeEscalation | `false` |
| `notifications.bots.slack.containerSecurityContext.capabilities.drop` | Set Argo CD Slack bot containers' Security Context capabilities to be dropped | `["ALL"]` |
| `notifications.bots.slack.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD Slack bot containers' Security Context readOnlyRootFilesystem | `false` |
@@ -571,6 +575,7 @@ The command removes all the Kubernetes components associated with the chart and
| `server.containerSecurityContext.enabled` | Enabled Argo CD server containers' Security Context | `true` |
| `server.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `server.containerSecurityContext.runAsUser` | Set Argo CD server containers' Security Context runAsUser | `1001` |
| `server.containerSecurityContext.runAsGroup` | Set Argo CD server containers' Security Context runAsGroup | `0` |
| `server.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD server containers' Security Context allowPrivilegeEscalation | `false` |
| `server.containerSecurityContext.capabilities.drop` | Set Argo CD containers' server Security Context capabilities to be dropped | `["ALL"]` |
| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD containers' server Security Context readOnlyRootFilesystem | `false` |
@@ -730,6 +735,7 @@ The command removes all the Kubernetes components associated with the chart and
| `repoServer.containerSecurityContext.enabled` | Enabled Argo CD repo server containers' Security Context | `true` |
| `repoServer.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `repoServer.containerSecurityContext.runAsUser` | Set Argo CD repo server containers' Security Context runAsUser | `1001` |
| `repoServer.containerSecurityContext.runAsGroup` | Set Argo CD repo server containers' Security Context runAsGroup | `0` |
| `repoServer.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD repo server containers' Security Context allowPrivilegeEscalation | `false` |
| `repoServer.containerSecurityContext.capabilities.drop` | Set Argo CD containers' repo server Security Context capabilities to be dropped | `["ALL"]` |
| `repoServer.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD containers' repo server Security Context readOnlyRootFilesystem | `false` |
@@ -861,6 +867,7 @@ The command removes all the Kubernetes components associated with the chart and
| `dex.containerSecurityContext.enabled` | Enabled Dex containers' Security Context | `true` |
| `dex.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `dex.containerSecurityContext.runAsUser` | Set Dex containers' Security Context runAsUser | `1001` |
| `dex.containerSecurityContext.runAsGroup` | Set Dex containers' Security Context runAsGroup | `0` |
| `dex.containerSecurityContext.allowPrivilegeEscalation` | Set Dex containers' Security Context allowPrivilegeEscalation | `false` |
| `dex.containerSecurityContext.readOnlyRootFilesystem` | Set Dex containers' server Security Context readOnlyRootFilesystem | `false` |
| `dex.containerSecurityContext.runAsNonRoot` | Set Dex containers' Security Context runAsNonRoot | `true` |
@@ -1014,6 +1021,7 @@ The command removes all the Kubernetes components associated with the chart and
| `redisWait.containerSecurityContext.enabled` | Enabled Argo CD repo server containers' Security Context | `true` |
| `redisWait.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `redisWait.containerSecurityContext.runAsUser` | Set Argo CD repo server containers' Security Context runAsUser | `1001` |
| `redisWait.containerSecurityContext.runAsGroup` | Set Argo CD repo server containers' Security Context runAsGroup | `0` |
| `redisWait.containerSecurityContext.allowPrivilegeEscalation` | Set Argo CD repo server containers' Security Context allowPrivilegeEscalation | `false` |
| `redisWait.containerSecurityContext.capabilities.drop` | Set Argo CD containers' repo server Security Context capabilities to be dropped | `["ALL"]` |
| `redisWait.containerSecurityContext.readOnlyRootFilesystem` | Set Argo CD containers' repo server Security Context readOnlyRootFilesystem | `false` |