#155: Add correct pod security context values to pass kyverno tests for postgresql
General MR
Summary
This corrects the postgresql pod securitycontext configuration to pass kyverno tests, discovered during mergeback of the previous MR on #156 into the bigbang umbrella chart.
Relevant logs/screenshots
Before
0s (x17 over 6m2s) Warning FailedCreate StatefulSet/mattermost-postgresql create Pod mattermost-postgresql-0 in StatefulSet mattermost-postgresql failed error: admission webhook "validate.kyverno.svc-fail" denied the request:
resource Pod/mattermost/mattermost-postgresql-0 was blocked due to the following policies
require-non-root-group:
run-as-group: 'validation failure: validation error: runAsGroup must be set to an
id > 0 in either spec.securityContext.runAsGroup or (spec.containers[*].securityContext.runAsGroup,
spec.initContainers[*].securityContext.runAsGroup, and spec.ephemeralContainers[*].securityContext.runAsGroup).
rule run-as-group[0] failed at path /securityContext/runAsGroup/'
restrict-host-path-write:
require-readonly-hostpath: rule skipped
After, mattermost works and tests pass
Linked Issue
Upgrade Notices
N/A