From d0aa57c456185eeaaf6418e8e893254067fff103 Mon Sep 17 00:00:00 2001 From: Youcef Guichi <44117431+YoucefGuichi@users.noreply.github.com> Date: Mon, 14 Aug 2023 15:01:22 +0200 Subject: [PATCH] Add security context to init containers -- Added unit test for it (#76) * Add security context to init containers -- Added unit test for it * Minor cleaning --------- Co-authored-by: Laszlo Fogas --- charts/onechart/templates/deployment.yaml | 6 +++++- .../tests/deployment_initcontainers_test.yaml | 13 ++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/charts/onechart/templates/deployment.yaml b/charts/onechart/templates/deployment.yaml index 32dad8b..fec893e 100644 --- a/charts/onechart/templates/deployment.yaml +++ b/charts/onechart/templates/deployment.yaml @@ -67,7 +67,11 @@ spec: - mountPath: {{ .path }} name: {{ .name }} {{- end }} - {{- end }} + {{- end }} + {{if .securityContext }} + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- end}} {{- end }} containers: - name: {{ template "robustName" .Release.Name }} diff --git a/charts/onechart/tests/deployment_initcontainers_test.yaml b/charts/onechart/tests/deployment_initcontainers_test.yaml index 24275e3..83a169a 100644 --- a/charts/onechart/tests/deployment_initcontainers_test.yaml +++ b/charts/onechart/tests/deployment_initcontainers_test.yaml @@ -26,6 +26,13 @@ tests: - equal: path: spec.template.spec.initContainers[0].command value: ['/bin/sh', '-c', 'while true; do date; sleep 2; done && ls /data && printf something'] - - - \ No newline at end of file + + - it: Should set security context + set: + initContainers: + - securityContext: + runAsNonRoot: true + asserts: + - equal: + path: spec.template.spec.initContainers[0].securityContext.runAsNonRoot + value: true