diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml index f3d7f8f482..5a4d3b6c25 100644 --- a/neutron/Chart.yaml +++ b/neutron/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Neutron name: neutron -version: 0.1.4 +version: 0.1.5 home: https://docs.openstack.org/neutron/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png sources: diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 1eedc226d4..6f254a2c55 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -103,7 +103,7 @@ spec: - name: nginx {{ tuple $envAll "nginx" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.nginx | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} -{{ dict "envAll" $envAll "application" "neutron" "container" "nginx" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} +{{ dict "envAll" $envAll "application" "neutron_server" "container" "nginx" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} ports: - name: q-api containerPort: {{ tuple "network" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} @@ -129,6 +129,8 @@ spec: - /tmp/nginx.sh - stop volumeMounts: + - name: pod-tmp + mountPath: /tmp - name: neutron-bin mountPath: /tmp/nginx.sh subPath: nginx.sh diff --git a/neutron/values.yaml b/neutron/values.yaml index d75447828e..0275649f49 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -516,6 +516,9 @@ pod: pod: runAsUser: 42424 container: + nginx: + runAsUser: 0 + readOnlyRootFilesystem: false neutron_server: allowPrivilegeEscalation: false readOnlyRootFilesystem: true