chore(charts):[#1222] TRG 4.07 Read-only filesystem

eclipse-tractusx · Jul 23, 2024 · 0ebcbe3 · 0ebcbe3
1 parent 5a98ba0
commit 0ebcbe3
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/charts/traceability-foss/charts/backend/templates/deployment.yaml b/charts/traceability-foss/charts/backend/templates/deployment.yaml
@@ -164,6 +164,9 @@ spec:
             - name: http-trusted
               containerPort: 8181
               protocol: TCP
+          volumeMounts:
+            - name: tmp
+              mountPath: /tmp
           # @url: https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-best-practices-setting-up-health-checks-with-readiness-and-liveness-probes
         {{- if .Values.healthCheck.enabled }}
           livenessProbe:
@@ -190,6 +193,9 @@ spec:
         {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
+      volumes:
+        - name: tmp
+          emptyDir: {}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

diff --git a/charts/traceability-foss/values.yaml b/charts/traceability-foss/values.yaml
@@ -207,7 +207,7 @@ backend:
     capabilities:
       drop:
         - ALL
-    readOnlyRootFilesystem: false
+    readOnlyRootFilesystem: true
 
   service:
     type: ClusterIP