CloudHealth / helm

Apache License 2.0

securityContext is in values.yaml but not in deployment.yaml #37

Closed mgiles-sfdc closed 2 years ago

mgiles-sfdc commented 2 years ago

Hello, this is similar to issue #23: an option that is documented in the values.yaml file (lines 42-48) but is not included in the deployment.yaml template file.

I have forked this repo and made some modifications to the template to add this capability and tested it with an uncommented values file. The tests consisted of modifying the deployment.yaml file and uncommenting the securityContext entries in the values.yaml file so that the securityContext values were applied to the running pod.

I will add the PR from the fork and some additional info to the comments here so that you can evaluate and decide if it is good to implement it. Thanks!

mrgiles commented 2 years ago

Test results:

```
kubectl -n default get pods cloudhealth-collector -o yaml
apiVersion: v1
kind: Pod
...
spec:
  containers:
...
    name: cloudhealth-collector
    resources:
      limits:
        cpu: "1"
        memory: 1Gi
      requests:
        cpu: 500m
        memory: 512Mi
    securityContext:
      capabilities:
        drop:
        - ALL
      readOnlyRootFilesystem: true
      runAsNonRoot: true
      runAsUser: 1000
...
    volumeMounts:
    - mountPath: /tmp
      name: tmpfs
...
```

gm-cht commented 2 years ago

Being addressed in PR https://github.com/CloudHealth/helm/pull/52

mrgiles commented 2 years ago

Looks great Govind. Thank you!

gm-cht commented 2 years ago

Added support for securityContext (pod & container) in latest Helm chart as of 06/17/2022. Version: 1.1.3
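
The manual check from the test results above (confirming that the securityContext values from values.yaml actually reached the running pod) can be automated. The following is an added example, not part of the original thread or the CloudHealth chart: it audits a pod object as returned by `kubectl get pod -o json`. The function names, the constructed sample pod and the `example-sidecar` container are assumptions made for illustration.

```python
import json
import sys

# Constructed sample pod. The first container mirrors the securityContext shown
# in the thread; "example-sidecar" is hypothetical and has no securityContext,
# which is what a pod looks like when the template ignores the values.
SAMPLE_POD = {"kind": "Pod", "spec": {"containers": [
    {"name": "cloudhealth-collector", "securityContext": {
        "capabilities": {"drop": ["ALL"]}, "readOnlyRootFilesystem": True,
        "runAsNonRoot": True, "runAsUser": 1000}},
    {"name": "example-sidecar"},
]}}


def audit_container(container, pod_sc):
    """Return a list of hardening findings for one container spec."""
    sc = container.get("securityContext") or {}
    findings = []
    # capabilities and readOnlyRootFilesystem exist only at container level.
    drops = {c.upper() for c in (sc.get("capabilities") or {}).get("drop") or []}
    if "ALL" not in drops:
        findings.append("capabilities.drop does not include ALL")
    if sc.get("readOnlyRootFilesystem") is not True:
        findings.append("readOnlyRootFilesystem is not true")
    # runAsNonRoot and runAsUser fall back to the pod-level securityContext.
    if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
        findings.append("runAsNonRoot is not true")
    if sc.get("runAsUser", pod_sc.get("runAsUser")) == 0:
        findings.append("runAsUser is 0 (root)")
    return findings


def audit_pod(pod):
    """Map each container name (init and regular) to its findings."""
    spec = pod.get("spec") or {}
    pod_sc = spec.get("securityContext") or {}
    return {c["name"]: audit_container(c, pod_sc)
            for kind in ("initContainers", "containers")
            for c in spec.get(kind) or []}


if __name__ == "__main__":
    # Pass a file saved from `kubectl get pod NAME -o json`, or run without
    # arguments to audit the constructed sample.
    pod = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_POD
    report = audit_pod(pod)
    for name, findings in report.items():
        print(f"{name}: {'OK' if not findings else '; '.join(findings)}")
    sys.exit(1 if any(report.values()) else 0)
```

The non-zero exit status on any finding lets the check gate a chart upgrade in CI, so a template that silently drops the values is caught before deployment.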