Merge pull request #142 from vshn/keycloak/securityContext

Fix Keycloak securityContext for OpenShift
vshn · Mar 12, 2024 · faca3fc · faca3fc
2 parents 7a7a3b0 + cd2d8fd
commit faca3fc
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/pkg/comp-functions/functions/vshnkeycloak/deploy.go b/pkg/comp-functions/functions/vshnkeycloak/deploy.go
@@ -374,11 +374,13 @@ func newValues(ctx context.Context, svc *runtime.ServiceRuntime, comp *vshnv1.VS
 		},
 		"nodeSelector": nodeSelector,
 		"dbchecker": map[string]any{
-			"enabled": true,
+			"enabled":         true,
+			"securityContext": nil,
 		},
 		// See https://github.com/keycloak/keycloak/issues/11286
 		// readOnlyRootFilesystem: true
 		"securityContext": map[string]any{
+			"runAsUser":                nil,
 			"allowPrivilegeEscalation": false,
 			"capabilities": map[string]any{
 				"drop": []string{
@@ -389,6 +391,7 @@ func newValues(ctx context.Context, svc *runtime.ServiceRuntime, comp *vshnv1.VS
 		"http": map[string]any{
 			"relativePath": comp.Spec.Parameters.Service.RelativePath,
 		},
+		"podSecurityContext": nil,
 	}
 
 	fqdn := comp.Spec.Parameters.Service.FQDN