diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index e1710b8a035910b164348c974017608bd1ae9423..c6aa75141309794cf147ab2b26cd8f9ff599a0c4 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -139,9 +139,6 @@ spec:
{{- with (.Values.securityContext).runAsGroup }}
runAsGroup: {{ . }}
{{- end }}
- {{- with (.Values.securityContext).fsGroup }}
- fsGroup: {{ . }}
- {{- end }}
{{- with (.Values.securityContext).capabilities }}
capabilities:
{{ toYaml . | indent 12 }}
@@ -170,5 +167,10 @@ spec:
{{ toYaml . | indent 8 }}
{{- end }}
schedulerName: default-scheduler
+ {{- if (.Values.securityContext).fsGroup }}
+ securityContext:
+ fsGroup: {{ (.Values.securityContext).fsGroup }}
+ {{- else }}
securityContext: {}
+ {{- end }}
terminationGracePeriodSeconds: 30
\ No newline at end of file
diff --git a/src/test/helm/deployment_container_security_context_test.yaml b/src/test/helm/deployment_container_security_context_test.yaml
index 165a9742a582dfc2da9b566485357f72554d7bbf..416374d56a7f925dfe499c556eb58b6e71eb2029 100644
--- a/src/test/helm/deployment_container_security_context_test.yaml
+++ b/src/test/helm/deployment_container_security_context_test.yaml
@@ -50,7 +50,7 @@ tests:
- isNull:
path: spec.template.spec.containers[0].securityContext.runAsGroup
- isNull:
- path: spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.template.spec.securityContext.fsGroup
- isNull:
path: spec.template.spec.containers[0].securityContext.capabilities
- it: check runAsUser
@@ -72,7 +72,7 @@ tests:
securityContext.fsGroup: 1000
asserts:
- equal:
- path: spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.template.spec.securityContext.fsGroup
value: 1000
- it: check capabilities
set:
diff --git a/xta-adapter/src/main/helm/templates/xta_adapter_cronjob.yaml b/xta-adapter/src/main/helm/templates/xta_adapter_cronjob.yaml
index 89ad38b0445b1511d16501fb57115c2a23747997..8f8f55aea4531cbe52c88983d7491551b9c2354e 100644
--- a/xta-adapter/src/main/helm/templates/xta_adapter_cronjob.yaml
+++ b/xta-adapter/src/main/helm/templates/xta_adapter_cronjob.yaml
@@ -111,9 +111,6 @@ spec:
{{- with (.Values.securityContext).runAsGroup }}
runAsGroup: {{ . }}
{{- end }}
- {{- with (.Values.securityContext).fsGroup }}
- fsGroup: {{ . }}
- {{- end }}
{{- with (.Values.securityContext).capabilities }}
capabilities:
{{ toYaml . | indent 18 }}
@@ -170,4 +167,10 @@ spec:
- name: {{ .Values.imagePullSecret }}
{{ else }}
- name: {{ include "app.name" . }}-image-pull-secret
- {{- end }}
\ No newline at end of file
+ {{- end }}
+ {{- if (.Values.securityContext).fsGroup }}
+ securityContext:
+ fsGroup: {{ (.Values.securityContext).fsGroup }}
+ {{- else }}
+ securityContext: {}
+ {{- end }}
\ No newline at end of file
diff --git a/xta-adapter/src/test/helm/xta_adapter_cronjob_basic_test.yaml b/xta-adapter/src/test/helm/xta_adapter_cronjob_basic_test.yaml
index 4b47e6a77c49c0d7926da23652aaf0c2bd3b23ed..a75640cc51806e0a22c85787acb094ed8218b0bf 100644
--- a/xta-adapter/src/test/helm/xta_adapter_cronjob_basic_test.yaml
+++ b/xta-adapter/src/test/helm/xta_adapter_cronjob_basic_test.yaml
@@ -105,7 +105,7 @@ tests:
- isNull:
path: spec.jobTemplate.spec.template.spec.containers[0].securityContext.runAsGroup
- isNull:
- path: spec.jobTemplate.spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.jobTemplate.spec.template.spec.securityContext.fsGroup
- isNull:
path: spec.jobTemplate.spec.template.spec.containers[0].securityContext.capabilities
- it: check runAsUser
@@ -135,7 +135,7 @@ tests:
securityContext.fsGroup: 1000
asserts:
- equal:
- path: spec.jobTemplate.spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.jobTemplate.spec.template.spec.securityContext.fsGroup
value: 1000
- it: check capabilities
set: