You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
To comply with our organization's security standards, we must set some specific configuration in the securityContext object for pods and/or containers.
Today it is not possible to set all of the possible securityContext fields, since the templates only uses hard coded values.
Being able to customize this would be a huge improvement.
Here's an example of what the pod's SecurityContext is in the core/core-dpl.yaml file:
I would like there to be a podSecurityContext and a containerSecurityContext object for each component, and that the template for any Pod, Deployment, StatefulSet or DaemonSet should include them if they are defined.
Describe the main design/architecture of your solution
[…]spec:
{{- with .Values.core.podSecurityContext }}securityContext:
{{ toYaml . }}{{- end }}containers:
- name: core{{- with .Values.core.containerSecurityContext }}securityContext:
{{ toYaml . }}{{- end }}[…]
Note that we are careful to not include the object if it is undefined.
Describe the development plan you've considered
This should be pretty straight-forward to implement by just adding the template code I suggested in the right places, since this is added functionality and not changed functionality.
And as long as we transfer the current hard-coded values to the values.yaml file, the default values should not change at all in the releases.
The text was updated successfully, but these errors were encountered:
@lindhe unfortunately, we have no plan to configure this in harbor-helm. The main reason for that is because some of the Dockerfile is hardcode with some specific user code number.
I don't understand your argument there. You could still have the same default values as today, just that you would include the entire object from Values. Can you please elaborate or give an example?
Is your feature request related to a problem? Please describe.
To comply with our organization's security standards, we must set some specific configuration in the
securityContext
object for pods and/or containers.Today it is not possible to set all of the possible
securityContext
fields, since the templates only uses hard coded values.Being able to customize this would be a huge improvement.
Here's an example of what the pod's
SecurityContext
is in thecore/core-dpl.yaml
file:Describe the solution you'd like
I would like there to be a
podSecurityContext
and acontainerSecurityContext
object for each component, and that the template for anyPod
,Deployment
,StatefulSet
orDaemonSet
should include them if they are defined.Describe the main design/architecture of your solution
In the
values.yaml
file, it would look like this:Template files should use it like this:
Note that we are careful to not include the object if it is undefined.
Describe the development plan you've considered
This should be pretty straight-forward to implement by just adding the template code I suggested in the right places, since this is added functionality and not changed functionality.
And as long as we transfer the current hard-coded values to the
values.yaml
file, the default values should not change at all in the releases.The text was updated successfully, but these errors were encountered: