# This is a combination of 5 commits.

# This is the 1st commit message: Revert "Change security context UID/GID references to 1001" This reverts commit 6a5663a5. # This is the commit message #2: Revert "Mattermost #155: Correct pod security context settings for postgresql primary" This reverts commit f3bf748f. # This is the commit message #3: Revert "Mattermost #155: Correct pod security context settings for postgresql primary" This reverts commit f0edb1c3. # This is the commit message #4: Revert "Mattermost #155: Force mattermost chart template to properly manage postgresql values" This reverts commit c204cf8d. # This is the commit message #5: Revert "Mattermost #155: Add runAsGroup for mattermost postgresql security context" This reverts commit a1004a1b.

# This is a combination of 5 commits.
0a2a2488 · Andrew Kesterson · 6f9d7ed3 · 0a2a2488 · 0a2a2488
Commit 0a2a2488 authored 8 months ago by Andrew Kesterson
--- a/chart/templates/mattermost/secret-database.yaml
+++ b/chart/templates/mattermost/secret-database.yaml
@@ -14,8 +14,6 @@ metadata:
 stringData:
  DB_CONNECTION_CHECK_URL: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
  DB_CONNECTION_STRING: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/{{ .database }}?connect_timeout=10&sslmode={{ .ssl_mode | default "disable" }}"
-  username: "{{ .username }}"
-  password: "{{ .password }}"
 {{- end }}
 {{- end }}
 {{- end }}
\ No newline at end of file
--- a/chart/templates/mattermost/values.yaml
+++ b/chart/templates/mattermost/values.yaml
@@ -88,42 +88,16 @@ enterprise:
 {{- if and .username .password .host .port .database }}
 database:
  secret: "mattermost-database-secret"
-postgresql:
-  secret: "mattermost-database-secret"
 {{- else }}
 postgresql:
  image:
    pullSecrets:
      - private-registry
-  {{- if and .username .password .host .port .database }}
-  secret: "mattermost-database-secret"
-  {{- else }}
-  secret: "mattermost-dbcreds"
-  {{- end }}
  install: true
  {{- if $istioInjection }}
  primary:
    podAnnotations:
      {{ include "istioAnnotation" $ }}
-    podSecurityContext:
-      enabled: true
-      fsGroup: 1001
-      runAsUser: 1001
-      runAsGroup: 1001
-    containerSecurityContext:
-      enabled: true
-      runAsUser: 1001
-      runAsGroup: 1001
-      runAsNonRoot: true
-      capabilities:
-        drop:
-          - ALL
-    #permissions for initContainers
-    volumePermissions:
-      securityContext:
-        capabilities:
-          drop:
-            - ALL
  readReplicas:
    podAnnotations:
      {{ include "istioAnnotation" $ }}