Open dj95 opened 3 months ago
Hello @dj95,
Thanks for your pull request! A Core Committer will review your pull request soon. For code contributions, you can learn more about the review process here.
Per the Mattermost Contribution Guide, we need to add you to the list of approved contributors for the Mattermost project.
Please help complete the Mattermost contribution license agreement?
Once you have signed the CLA, please comment with /check-cla
and confirm that the CLA check is green.
This is a standard procedure for many open source projects.
Please let us know if you have any questions.
We are very happy to have you join our growing community! If you're not yet a member, please consider joining our Contributors community channel to meet other contributors and discuss new opportunities with the core team.
This PR has been automatically labelled "stale" because it hasn't had recent activity. A core team member will check in on the status of the PR to help with questions. Thank you for your contribution!
Summary
Hi, this pull request introduces a configuration parameter in the
values.yaml
, that allows to configure thesecurityContext
on pod level.I've implemented this feature, as the pod level
securityContext
does not offer all parameters one can set on the container level. A few examples arerunAsNonRoot
,allowPrivilegeEscalation
,capabilities
orprivileged
. Especially when you thrive to harden the cluster it is important to restrict also the container especially withrunAsNonRoot
,allowPrivilegeEscalation
and dropping all capabilities.In case anything is missing or unclear, feel free to ask me :)
Ticket Link
Unfortunately I don't have a JIRA or ticket link, since this issue popped up while trying to harden the mattermost installation based on the helm chart.