diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index bfce167d2dc4a05c800586378c525a10079bfe7c..730d6def15d9bb7bbd9d90da968debfacee2b5f5 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -183,9 +183,6 @@ spec:
{{- with (.Values.securityContext).runAsGroup }}
runAsGroup: {{ . }}
{{- end }}
- {{- with (.Values.securityContext).fsGroup }}
- fsGroup: {{ . }}
- {{- end }}
{{- with (.Values.securityContext).capabilities }}
capabilities:
{{ toYaml . | indent 12 }}
@@ -240,5 +237,10 @@ spec:
{{ toYaml . | indent 8 }}
{{- end }}
schedulerName: default-scheduler
+ {{- if (.Values.securityContext).fsGroup }}
+ securityContext:
+ fsGroup: {{ (.Values.securityContext).fsGroup }}
+ {{- else }}
securityContext: {}
+ {{- end }}
terminationGracePeriodSeconds: 30
\ No newline at end of file
diff --git a/src/test/helm/deployment_container_security_context_test.yaml b/src/test/helm/deployment_container_security_context_test.yaml
index f1c7b1154cf34c372d891cf6cb32f64280c07d42..d22aa5a026e247ec201975add71bbf041ad42383 100644
--- a/src/test/helm/deployment_container_security_context_test.yaml
+++ b/src/test/helm/deployment_container_security_context_test.yaml
@@ -57,7 +57,7 @@ tests:
- isNull:
path: spec.template.spec.containers[0].securityContext.runAsGroup
- isNull:
- path: spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.template.spec.securityContext.fsGroup
- isNull:
path: spec.template.spec.containers[0].securityContext.capabilities
- it: check runAsUser
@@ -79,7 +79,7 @@ tests:
securityContext.fsGroup: 1000
asserts:
- equal:
- path: spec.template.spec.containers[0].securityContext.fsGroup
+ path: spec.template.spec.securityContext.fsGroup
value: 1000
- it: check capabilities
set: