Skip to content

Commit

Permalink
feat: securityContext privileged
Browse files Browse the repository at this point in the history
  • Loading branch information
stephane-segning committed Nov 20, 2024
1 parent a9518d9 commit 7ec86f5
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 8 deletions.
9 changes: 3 additions & 6 deletions charts/wazuh/templates/manager/sts.wazuh-master.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -73,10 +73,6 @@ spec:
imagePullPolicy: IfNotPresent
##
##
securityContext:
privileged: true
##
##
command:
- /bin/sh
- -c
Expand Down Expand Up @@ -110,7 +106,7 @@ spec:
{{ include "common.tplvalues.render" (dict "value" . "context" $) | nindent 8}}
{{- end }}
securityContext:
fsGroup: 101
fsGroup: 1000
containers:
- name: wazuh-manager
{{ $imageTpl := include "common.images.image" (dict "imageRoot" .image "global" $.Values.global) }}
Expand All @@ -119,9 +115,10 @@ spec:
resources: {{ include "common.tplvalues.render" (dict "value" . "context" $) | nindent 12}}
{{- end }}
securityContext:
privileged: true
capabilities:
add: [ "SYS_CHROOT" ]
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: {{ $name }}
mountPath: /var/ossec/api/configuration
Expand Down
3 changes: 2 additions & 1 deletion charts/wazuh/templates/manager/sts.wazuh-worker.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -120,9 +120,10 @@ spec:
resources: {{ include "common.tplvalues.render" (dict "value" . "context" $) | nindent 12}}
{{- end }}
securityContext:
privileged: true
capabilities:
add: [ "SYS_CHROOT" ]
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: {{ $name }}
mountPath: /var/ossec/api/configuration
Expand Down
2 changes: 1 addition & 1 deletion charts/wazuh/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -253,7 +253,7 @@ indexer:
cpu: 500m
memory: 1Gi
limits:
cpu: 1000m
cpu: 1
memory: 2Gi

worker:
Expand Down

0 comments on commit 7ec86f5

Please sign in to comment.