From c2bd947787dc516ffbb8be56e6b40cd99f95423e Mon Sep 17 00:00:00 2001
From: Prateek Dodda
Date: Tue, 5 Nov 2019 15:40:36 -0600
Subject: [PATCH] Adding missing readOnlyRootFilesystem flag for container security context
Change-Id: Id11292ec0a76dbf659e918833859b9109c07cc18
---
 horizon/templates/deployment.yaml | 3 ---
 horizon/values.yaml | 3 ++-
 2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml
index fe8dd9e792..fe884c42be 100644
--- a/horizon/templates/deployment.yaml
+++ b/horizon/templates/deployment.yaml
@@ -60,9 +60,6 @@ spec:
 {{ tuple $envAll "horizon" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
 {{ dict "envAll" $envAll "application" "horizon" "container" "horizon" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- securityContext:
- runAsUser: 0
- allowPrivilegeEscalation: false
 command:
 - /tmp/horizon.sh
 - start
diff --git a/horizon/values.yaml b/horizon/values.yaml
index 7e30390592..ee6844ff4b 100644
--- a/horizon/values.yaml
+++ b/horizon/values.yaml
@@ -2028,8 +2028,9 @@ pod:
 runAsUser: 42424
 container:
 horizon:
- readOnlyRootFilesystem: true
+ readOnlyRootFilesystem: false
 allowPrivilegeEscalation: false
+ runAsUser: 0
 affinity:
 anti:
 type:
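Review bot: In the values.yaml hunk the `container: horizon:` block now sets `readOnlyRootFilesystem: false` and adds `runAsUser: 0`, so the horizon container is declared to run as root on a writable root filesystem, which is the opposite of what the commit title ("Adding missing readOnlyRootFilesystem flag") suggests. The container-level `runAsUser: 0` also appears to override the `runAsUser: 42424` on the line above, assuming that one is the pod-level setting. If root and a writable root filesystem are genuinely required (the reason is not visible in this patch), record that next to the values with a comment such as `# horizon container still needs uid 0 and a writable rootfs; tighten once writable paths are volume-mounted`; otherwise keep `readOnlyRootFilesystem: true` and mount only the paths that need writes. The enclosing mapping starts and ends outside the hunk.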