mysql_port: Optional[int]
mysql_root_password: Optional[str]
image_pull_policy: str
+ security_context: bool
@validator("max_file_size")
def validate_max_file_size(cls, v):
self._check_missing_dependencies(config, external_db)
# Create Builder for the PodSpec
- pod_spec_builder = PodSpecV3Builder()
+ pod_spec_builder = PodSpecV3Builder(
+ enable_security_context=config.security_context
+ )
container_builder = ContainerV3Builder(
- self.app.name, image_info, config.image_pull_policy
+ self.app.name,
+ image_info,
+ config.image_pull_policy,
+ run_as_non_root=config.security_context,
)
# Build files
ldap_secrets = {
"authentication_domain_name": config_ldap.ldap_authentication_domain_name,
"url": config_ldap.ldap_url,
- "page_size": config_ldap.ldap_page_size,
+ "page_size": str(config_ldap.ldap_page_size),
"user_objectclass": config_ldap.ldap_user_objectclass,
"user_id_attribute": config_ldap.ldap_user_id_attribute,
"user_name_attribute": config_ldap.ldap_user_name_attribute,
"user_pass_attribute": config_ldap.ldap_user_pass_attribute,
- "user_enabled_mask": config_ldap.ldap_user_enabled_mask,
+ "user_enabled_mask": str(config_ldap.ldap_user_enabled_mask),
"user_enabled_default": config_ldap.ldap_user_enabled_default,
- "user_enabled_invert": config_ldap.ldap_user_enabled_invert,
+ "user_enabled_invert": str(config_ldap.ldap_user_enabled_invert),
"group_objectclass": config_ldap.ldap_group_objectclass,
}
ldap_envs = {
ldap_envs["LDAP_TLS_CACERT_BASE64"] = "tls_cacert_base64"
if config_ldap.ldap_use_starttls:
- ldap_secrets["use_starttls"] = config_ldap.ldap_use_starttls
+ ldap_secrets["use_starttls"] = str(config_ldap.ldap_use_starttls)
ldap_secrets["tls_cacert_base64"] = config_ldap.ldap_tls_cacert_base64
ldap_secrets["tls_req_cert"] = config_ldap.ldap_tls_req_cert
ldap_envs["LDAP_USE_STARTTLS"] = "use_starttls"