From 882de005bba2da768696865078564273ee70488b Mon Sep 17 00:00:00 2001
From: bravof <fbravo@whitestack.com>
Date: Tue, 7 Jul 2020 10:06:46 -0400
Subject: [PATCH] fix(security): securityContext for pods sharing same volume

Signed-off-by: bravof <fbravo@whitestack.com>
---
 .../eechart/charts/snmpexporter/templates/deployment.yaml     | 4 ++++
 snmp_ee_vnf/helm-charts/eechart/templates/statefulset.yaml    | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/snmp_ee_vnf/helm-charts/eechart/charts/snmpexporter/templates/deployment.yaml b/snmp_ee_vnf/helm-charts/eechart/charts/snmpexporter/templates/deployment.yaml
index 212da7db..b4022a95 100644
--- a/snmp_ee_vnf/helm-charts/eechart/charts/snmpexporter/templates/deployment.yaml
+++ b/snmp_ee_vnf/helm-charts/eechart/charts/snmpexporter/templates/deployment.yaml
@@ -14,6 +14,10 @@ spec:
       labels:
         {{- include "snmpexporter.selectorLabels" . | nindent 8 }}
     spec:
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 3000
+        fsGroup: 2000
       initContainers:
         - name: cleanup
           image: "ubuntu:18.04"
diff --git a/snmp_ee_vnf/helm-charts/eechart/templates/statefulset.yaml b/snmp_ee_vnf/helm-charts/eechart/templates/statefulset.yaml
index 7e75594b..ab06db44 100755
--- a/snmp_ee_vnf/helm-charts/eechart/templates/statefulset.yaml
+++ b/snmp_ee_vnf/helm-charts/eechart/templates/statefulset.yaml
@@ -21,7 +21,9 @@ spec:
       - name: regcred 
       serviceAccountName: {{ template "eechart.serviceAccountName" . }}
       securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+        runAsUser: 1000
+        runAsGroup: 3000
+        fsGroup: 2000
       containers:
         - name: {{ .Chart.Name }}
           securityContext:
-- 
GitLab