Gitiles
Code Review Sign In
gerrit.opencord.org / voltha-helm-charts / 9f58b1167e0b959094b5701cfec1c0c01dfb670e^! / .
commit9f58b1167e0b959094b5701cfec1c0c01dfb670e[log] [tgz]
authorabhayk <abhayk@radisys.com>Sat Jan 11 00:08:02 2025 +0530
committerabhayk <abhayk@radisys.com>Sat Jan 11 00:09:15 2025 +0530
treeeb30df1fee4eeb93263ec1baf1e661a603a5c8a3
parent4a45cc89a2a7eb753b5b9b7b94c4b195d17f0714 [diff]
Add VGC security context

Change-Id: I2ede9b0f131a6244cee7b53f2d7ea0ab276d541d
Signed-off-by: abhayk <abhayk@radisys.com>

diff --git a/VERSION b/VERSION
index 4f5e697..1cf8253 100644
--- a/VERSION
+++ b/VERSION

@@ -1 +1 @@
-3.4.5
+3.4.6

diff --git a/voltha-go-controller/Chart.yaml b/voltha-go-controller/Chart.yaml
index ffe12d6..2e40067 100644
--- a/voltha-go-controller/Chart.yaml
+++ b/voltha-go-controller/Chart.yaml

@@ -27,6 +27,6 @@
 
 ## Chart version for package voltha-stack
 ##   Increment when Chart.yaml changes
-version: "0.1.6"
+version: "0.1.7"
 
 # [EOF]

diff --git a/voltha-go-controller/templates/deployment.yaml b/voltha-go-controller/templates/deployment.yaml
index 0e2ffa0..8b28dc8 100644
--- a/voltha-go-controller/templates/deployment.yaml
+++ b/voltha-go-controller/templates/deployment.yaml

@@ -28,6 +28,12 @@
       labels:
         app: "{{ .Chart.Name }}"
     spec:
+      {{- if .Values.securityContext.enabled }}
+      securityContext:
+        runAsUser: {{ .Values.securityContext.runAsUser }}
+        runAsGroup: {{ .Values.securityContext.runAsGroup }}
+        fsGroup: {{ .Values.securityContext.fsGroup }}
+      {{- end }}
       containers:
       - args:
           - "/app/voltha-go-controller"
@@ -69,10 +75,10 @@
         name: voltha-go-controller
         image: '{{ tpl .Values.images.voltha_go_controller.registry . }}{{ tpl .Values.images.voltha_go_controller.repository . }}:{{ tpl ( tpl .Values.images.voltha_go_controller.tag . ) . }}'
         imagePullPolicy: {{ tpl .Values.images.voltha_go_controller.pullPolicy . }}
+        {{- if .Values.securityContext.enabled }}
         securityContext:
-          runAsUser: {{ .Values.securityContext.runAsUser }}
-          runAsGroup: {{ .Values.securityContext.runAsGroup }}
-          fsGroup: {{ .Values.securityContext.fsGroup }}
+          allowPrivilegeEscalation: false
+        {{- end }}
         ports:
         - containerPort: {{ .Values.voltha_go_controller.sshPort }}
           name: ssh-port

diff --git a/voltha-stack/Chart.yaml b/voltha-stack/Chart.yaml
index b58239c..288d0e5 100644
--- a/voltha-stack/Chart.yaml
+++ b/voltha-stack/Chart.yaml

@@ -34,7 +34,7 @@
 
 ## Chart version for package voltha-stack
 ##   Increment when Chart.yaml changes
-version    : "2.12.12"
+version    : "2.12.13"
 
 # -----------------------------------------------------------------------
 # NOTE: Dependencies are chart versions not component/repository version
@@ -55,7 +55,7 @@
     condition  : voltha-adapter-openolt.enabled
   - name       : voltha-go-controller
     repository : file://../voltha-go-controller
-    version    : "0.1.6"
+    version    : "0.1.7"
     condition  : voltha-go-controller.enabled
 
 # [EOF]