Update security context to allow frontend pod to start (#6)

Reviewed-on: #6 Reviewed-by: Yurii Vlasov <yuriy@vlasov.pro> Co-authored-by: r1cebank <siyuangao@pm.me> Co-committed-by: r1cebank <siyuangao@pm.me>
2023-05-04 21:39:43 +00:00 · 2023-05-04 21:39:43 +00:00 · f9b22567c9
parent 1e81af0512
commit f9b22567c9
3 changed files with 7 additions and 5 deletions
--- a/Chart.yaml
+++ b/Chart.yaml
@ -10,7 +10,7 @@ description: |-
  the high alpine areas of the Andes and a relative of the llama.
 annotations:
  category: TaskTracker
-version: 0.1.3
+version: 0.1.4
 appVersion: 0.20.4
 kubeVersion: ">= 1.19"
 dependencies:
--- a/README.md
+++ b/README.md
@ -61,7 +61,7 @@ api:
  config:
    database:
      # Use PostgreSQL database anyway
-      type: postgresql
+      type: postgres
  envFrom:
  # Bind env variables from the secret
  - name: VIKUNJA_DATABASE_USER
--- a/values.yaml
+++ b/values.yaml
@ -39,12 +39,14 @@ frontend:
    # fsGroup: 1000

  securityContext:
+    allowPrivilegeEscalation: false
+    runAsUser: 101 # nginx
    capabilities:
      drop:
      - ALL
-    # readOnlyRootFilesystem: true
-    # runAsNonRoot: true
-    # runAsUser: 1000
+      add:
+      - NET_BIND_SERVICE
+

  service:
    type: ClusterIP