From 0c70c0188f3f142bf00674d67ada58b040d77754 Mon Sep 17 00:00:00 2001
From: Riadh Meghenem <ArcRiiad@users.noreply.github.com>
Date: Tue, 10 Dec 2024 11:05:15 +0100
Subject: [PATCH] fix: security context rollback (#38)

* fix: security context rollback

* fix
---
 templates/upgrade.yml |  6 ------
 values.yaml           | 18 ------------------
 2 files changed, 24 deletions(-)

diff --git a/templates/upgrade.yml b/templates/upgrade.yml
index 8c47f6b..a65c2e5 100644
--- a/templates/upgrade.yml
+++ b/templates/upgrade.yml
@@ -11,9 +11,6 @@ spec:
         - name: stream-upgrade
           image: {{ include "common.images.image" (dict "imageRoot" .Values.upgrade.image "global" .Values.global) }}
           imagePullPolicy: {{ .Values.upgrade.image.pullPolicy | default "IfNotPresent" | quote }}
-          {{- if .Values.upgrade.containerSecurityContext.enabled }}
-          securityContext: {{- omit .Values.upgrade.containerSecurityContext "enabled" | toYaml | nindent 12 }}
-          {{- end }}
           {{- include "common.images.renderPullSecrets" (dict "images" (list .Values.upgrade.image) "context" $) | nindent 10 }}
           args: [
               "-y",
@@ -29,8 +26,5 @@ spec:
                   name: {{ include "common.secrets.name" (dict "existingSecret" .Values.externalDatabase.secretName "context" $) }}
                   key: {{ include "common.secrets.key" (dict "existingSecret" .Values.externalDatabase.secretKey "key" "mongoUri") }}
       restartPolicy: Never
-      {{- if .Values.upgrade.podSecurityContext.enabled }}
-      securityContext: {{- omit .Values.upgrade.podSecurityContext "enabled" | toYaml | nindent 8 }}
-      {{- end }}
   backoffLimit: 0
 {{- end }}
diff --git a/values.yaml b/values.yaml
index b8137e7..e3c01b7 100644
--- a/values.yaml
+++ b/values.yaml
@@ -559,24 +559,6 @@ upgrade:
     requests:
       memory: 512Mi
       cpu: 500m
-  ## Configure Pods Security Context
-  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
-  ## @param upgrade.podSecurityContext.enabled Enabled Horizon pods' Security Context
-  ## @param upgrade.podSecurityContext.fsGroup Set Horizon pod's Security Context fsGroup
-  ##
-  podSecurityContext:
-    enabled: true
-    fsGroup: 1001
-  ## Configure Container Security Context (only main container)
-  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
-  ## @param upgrade.containerSecurityContext.enabled Enabled Horizon containers' Security Context
-  ## @param upgrade.containerSecurityContext.runAsUser Set Horizon container's Security Context runAsUser
-  ## @param upgrade.containerSecurityContext.runAsNonRoot Set Horizon container's Security Context runAsNonRoot
-  ##
-  containerSecurityContext:
-    enabled: true
-    runAsUser: 1001
-    runAsNonRoot: true
 
 ## Configuration for a Stream external database
 ## Refer to the Stream installation guide to configure the installation correctly