As noted in this comment on #441, the support for configuring securityContext was only added for hooks, not for the zookeeper-operator pod itself. Thus we cannot make set runAsNonRoot: true on the zk-operator POD.
Importance
This is important to enforce non-root requirements in many environments.
Description
As noted in this comment on #441, the support for configuring
securityContextwas only added for hooks, not for the zookeeper-operator pod itself. Thus we cannot make setrunAsNonRoot: trueon the zk-operator POD.Importance
This is important to enforce non-root requirements in many environments.
Location
See referenced issue
Suggestions for an improvement
In values file https://github.com/pravega/zookeeper-operator/pull/441#issuecomment-1194402901 it is indicated with that a top-level
securityContextkey is supported, but it is not. Add support for it in code.