Add securityContext and podSecurityContext values by cognifloyd · Pull Request #271 · StackStorm/stackstorm-k8s
In some clusters, a validation controller can prohibit creating pods that have not dropped capabilities, or require SELinux, AppArmor, or some other security feature. This exposes the Kubernetes SecurityContext feature so that it can be configured via helm values.
- make securityContext and podSecurityContext configurable
- add changelog entry
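An added example, not taken from the PR or the chart: a values override using the two keys named in the PR title. Their top-level placement, the file name and all field values are assumptions; the fields themselves are standard Kubernetes SecurityContext and PodSecurityContext fields.

```yaml
# values-hardening.yaml (hypothetical file name)
# Assumption: the chart reads these two keys at the top level of its values.

# Container-level SecurityContext, applied to each container.
# `capabilities` and `allowPrivilegeEscalation` exist only at this level.
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL                  # what a "must drop capabilities" policy looks for
  seccompProfile:
    type: RuntimeDefault

# Pod-level PodSecurityContext, shared by every container in the pod.
# `fsGroup` exists only at this level.
podSecurityContext:
  fsGroup: 1000              # constructed GID; supported volumes become group-owned by it
  seLinuxOptions:
    level: "s0:c123,c456"    # constructed MCS label for clusters that require SELinux
```

A file like this is passed to helm with `-f`; the IDs and labels must match what the container images and the cluster policy actually expect.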
Looks good!
When installing StackStorm through helm, I get the following error on the MongoDB container:
```
> kubectl logs -f -n stackstorm stackstorm-mongodb-0
Advertised Hostname: stackstorm-mongodb-0.stackstorm-mongodb-headless.stackstorm.svc.cluster.local
Pod name matches initial primary pod name, configuring node as a primary
mongodb 15:09:55.49
mongodb 15:09:55.49 Welcome to the Bitnami mongodb container
mongodb 15:09:55.49 Subscribe to project updates by watching https://github.com/bitnami/bitnami-docker-mongodb
mongodb 15:09:55.49 Submit issues and feature requests at https://github.com/bitnami/bitnami-docker-mongodb/issues
mongodb 15:09:55.50
mongodb 15:09:55.50 INFO ==> ** Starting MongoDB setup **
mongodb 15:09:55.52 INFO ==> Validating settings in MONGODB_* env vars...
mkdir: cannot create directory '/bitnami/mongodb/data': Permission denied
```
As far as I can tell, this is related to https://github.com/bitnami/bitnami-docker-mongodb/issues/177 and could be fixed if this merge request was merged :)