From 8b347681ca3799dbb1b50152d4f991ac24ad5ff0 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Thu, 29 Feb 2024 12:34:06 +0100
Subject: [PATCH] add securityContext fsGroup

---
 src/main/helm/templates/deployment.yaml                   | 8 +++++---
 .../helm/deployment_container_security_context_test.yaml  | 4 ++--
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index bfce167d..730d6def 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -183,9 +183,6 @@ spec:
           {{- with (.Values.securityContext).runAsGroup }}
           runAsGroup: {{ . }}
           {{- end }}
-          {{- with (.Values.securityContext).fsGroup }}
-          fsGroup: {{ . }}
-          {{- end }}
           {{- with (.Values.securityContext).capabilities }}
           capabilities:
 {{ toYaml . | indent 12 }}
@@ -240,5 +237,10 @@ spec:
 {{ toYaml . | indent 8 }}
       {{- end }}
       schedulerName: default-scheduler
+      {{- if (.Values.securityContext).fsGroup }}
+      securityContext:
+        fsGroup: {{ (.Values.securityContext).fsGroup }}
+      {{- else }}
       securityContext: {}
+      {{- end }}
       terminationGracePeriodSeconds: 30
\ No newline at end of file
diff --git a/src/test/helm/deployment_container_security_context_test.yaml b/src/test/helm/deployment_container_security_context_test.yaml
index f1c7b115..d22aa5a0 100644
--- a/src/test/helm/deployment_container_security_context_test.yaml
+++ b/src/test/helm/deployment_container_security_context_test.yaml
@@ -57,7 +57,7 @@ tests:
       - isNull:
           path: spec.template.spec.containers[0].securityContext.runAsGroup
       - isNull:
-          path: spec.template.spec.containers[0].securityContext.fsGroup
+          path: spec.template.spec.securityContext.fsGroup
       - isNull:
           path: spec.template.spec.containers[0].securityContext.capabilities
   - it: check runAsUser
@@ -79,7 +79,7 @@ tests:
       securityContext.fsGroup: 1000
     asserts:
       - equal:
-          path: spec.template.spec.containers[0].securityContext.fsGroup
+          path: spec.template.spec.securityContext.fsGroup
           value: 1000
   - it: check capabilities
     set:
-- 
GitLab