From f9b22567c91cc906f8e8432bf388e39b1163d9f9 Mon Sep 17 00:00:00 2001 From: r1cebank Date: Thu, 4 May 2023 21:39:43 +0000 Subject: [PATCH 1/4] Update security context to allow frontend pod to start (#6) Reviewed-on: https://kolaente.dev/vikunja/helm-chart/pulls/6 Reviewed-by: Yurii Vlasov Co-authored-by: r1cebank Co-committed-by: r1cebank --- Chart.yaml | 2 +- README.md | 2 +- values.yaml | 8 +++++--- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index d14227e..35491a9 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -10,7 +10,7 @@ description: |- the high alpine areas of the Andes and a relative of the llama. annotations: category: TaskTracker -version: 0.1.3 +version: 0.1.4 appVersion: 0.20.4 kubeVersion: ">= 1.19" dependencies: diff --git a/README.md b/README.md index 9d12274..62446bf 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,7 @@ api: config: database: # Use PostgreSQL database anyway - type: postgresql + type: postgres envFrom: # Bind env variables from the secret - name: VIKUNJA_DATABASE_USER diff --git a/values.yaml b/values.yaml index b8c1d5d..01f286d 100644 --- a/values.yaml +++ b/values.yaml @@ -39,12 +39,14 @@ frontend: # fsGroup: 1000 securityContext: + allowPrivilegeEscalation: false + runAsUser: 101 # nginx capabilities: drop: - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + add: + - NET_BIND_SERVICE + service: type: ClusterIP From 3d7e2a357414dd7b98c8ce566356960781f2984f Mon Sep 17 00:00:00 2001 From: kolaente Date: Mon, 3 Jul 2023 20:55:28 +0200 Subject: [PATCH 2/4] fix(ci): use correct path to packaged helm repo --- .drone.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone.yml b/.drone.yml index ebc5272..136d980 100644 --- a/.drone.yml +++ b/.drone.yml @@ -42,9 +42,9 @@ steps: commands: - helm dependency update - helm package . - - curl --user "frederick:$HELM_PASSWORD" -X POST --upload-file './.tgz' https://kolaente.dev/api/packages/vikunja/helm/api/charts + - curl --user "frederick:$HELM_PASSWORD" -X POST --upload-file vikunja-*.tgz https://kolaente.dev/api/packages/vikunja/helm/api/charts --- kind: signature -hmac: 6255e5bec10e3e6eeaf92a8b523e04e03a191c13822b829d3361a861c9845fce +hmac: 993135e828384d9938343750ed3164c2ae702b87118d28b74ae3e1f522403f61 ... From c00cf65dcf5591a3eacc8c2053e19b7f10796a7a Mon Sep 17 00:00:00 2001 From: kolaente Date: Fri, 7 Jul 2023 17:41:38 +0200 Subject: [PATCH 3/4] chore: update appVersion for last release --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 35491a9..e8f25f5 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -11,7 +11,7 @@ description: |- annotations: category: TaskTracker version: 0.1.4 -appVersion: 0.20.4 +appVersion: 0.21.0 kubeVersion: ">= 1.19" dependencies: - name: redis From b361d79bb2708393db493787c32f1aafc72f7052 Mon Sep 17 00:00:00 2001 From: kolaente Date: Fri, 7 Jul 2023 17:42:57 +0200 Subject: [PATCH 4/4] chore: increase chart version --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index e8f25f5..d4fe188 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -10,7 +10,7 @@ description: |- the high alpine areas of the Andes and a relative of the llama. annotations: category: TaskTracker -version: 0.1.4 +version: 0.2.0 appVersion: 0.21.0 kubeVersion: ">= 1.19" dependencies: