[community-operator] Add support of securityContext for operator pod and container

legal90 commented 1 year ago

Closes #236

This PR adds two variables which allow to customize securityContext:

operator.securityContext (for the container level)
operator.podSecurityContext (for the pod level)

These vars have default values, which are backward compatible with previous behavior: both readOnlyRootFilesystem: true and runAsUser: 2000 are preserved. New values added by default do not break the functionality and only improve the security posture of the operator pod in runtime.

Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

All Submissions:

[x] Have you opened an Issue before filing this PR?
[x] Have you signed our CLA?
[x] Have you checked to ensure there aren't other open Pull Requests for the same update/change?
[x] Put closes #XXXX in your comment to auto-close the issue that your PR fixes (if such).

slaskawi commented 1 year ago

Thanks for the contribution @legal90 !

legal90 commented 1 year ago

@slaskawi Thank you! Could you please release a new version of the community-operator chart with this PR included?

mongodb / helm-charts

[community-operator] Add support of securityContext for operator pod and container #237

All Submissions: