Add security context for wait-for-mongodb (#332)

* Add security context for wait-for-mongodb
- Add securityContext in values.yaml
- Using this securityContext in auth-server-deployment.yaml and server-deployment.yaml
- Bumping Chart version to 2.16.0
- Regenerating docs with helm-docs

Signed-off-by: Calvin Audier <[email protected]>

* Removing default values for initContainer securityContext
- Update values.yaml to remove default values for security securityContext
- Example values for securityContext as comments
- Regenerating docs with helm-docs
- Switching for bump to 2.16.0 to bump to 2.15.11

Signed-off-by: Calvin Audier <[email protected]>

---------

Signed-off-by: Calvin Audier <[email protected]>
Co-authored-by: Calvin Audier <[email protected]>

charts/litmus/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: "2.14.0"
 description: A Helm chart to install ChaosCenter
 name: litmus
-version: 2.15.10
+version: 2.15.11
 kubeVersion: ">=1.16.0-0"
 home: https://litmuschaos.io
 sources:

charts/litmus/README.md

@@ -1,6 +1,6 @@
 # litmus
 
-![Version: 2.15.10](https://img.shields.io/badge/Version-2.15.10-informational?style=flat-square) ![AppVersion: 2.14.0](https://img.shields.io/badge/AppVersion-2.14.0-informational?style=flat-square)
+![Version: 2.15.11](https://img.shields.io/badge/Version-2.15.11-informational?style=flat-square) ![AppVersion: 2.14.0](https://img.shields.io/badge/AppVersion-2.14.0-informational?style=flat-square)
 
 A Helm chart to install ChaosCenter
 
@@ -229,6 +229,7 @@ We separated service configuration from `portal.server.service` to `portal.serve
 | portal.server.waitForMongodb.resources.requests.cpu | string | `"25m"` |  |
 | portal.server.waitForMongodb.resources.requests.ephemeral-storage | string | `"500Mi"` |  |
 | portal.server.waitForMongodb.resources.requests.memory | string | `"150Mi"` |  |
+| portal.server.waitForMongodb.securityContext | object | `{}` |  |
 | portalScope | string | `"cluster"` |  |
 | upgradeAgent.affinity | object | `{}` |  |
 | upgradeAgent.controlPlane.image.pullPolicy | string | `"Always"` |  |

charts/litmus/templates/auth-server-deployment.yaml

@@ -46,6 +46,8 @@ spec:
             ]
           resources:
             {{- toYaml .Values.portal.server.waitForMongodb.resources | nindent 12 }}
+          securityContext:
+            {{- toYaml .Values.portal.server.waitForMongodb.securityContext | nindent 12 }}
       containers:
         - name: auth-server
           image: {{ .Values.image.imageRegistryName }}/{{ .Values.portal.server.authServer.image.repository }}:{{ .Values.portal.server.authServer.image.tag }}

charts/litmus/templates/server-deployment.yaml

@@ -43,6 +43,8 @@ spec:
             [
                 "while [[ $(curl -sw '%{http_code}' http://{{ include "litmus-portal.mongodbServiceName" . }}:{{ .Values.mongodb.service.ports.mongodb }} -o /dev/null) -ne 200 ]]; do sleep 5; echo 'Waiting for the MongoDB to be ready...'; done; echo 'Connection with MongoDB established'",
             ]
+          securityContext:
+            {{- toYaml .Values.portal.server.waitForMongodb.securityContext | nindent 12 }}
           resources:
             {{- toYaml .Values.portal.server.waitForMongodb.resources | nindent 12 }}
       containers:

charts/litmus/values.yaml

@@ -168,6 +168,11 @@ portal:
         repository: curl
         tag: 2.14.0
         pullPolicy: "Always"
+      securityContext: {}
+       # runAsUser: 101
+       # allowPrivilegeEscalation: false
+       # runAsNonRoot: true
+       # readOnlyRootFilesystem: true
       resources:
         # We usually recommend not to specify default resources and to leave this as a conscious
         # choice for the user. This also increases chances charts run on environments with little