diff --git a/grafana/templates/job-add-home-dashboard.yaml b/grafana/templates/job-add-home-dashboard.yaml index ac191b384..1a9fbf62d 100644 --- a/grafana/templates/job-add-home-dashboard.yaml +++ b/grafana/templates/job-add-home-dashboard.yaml @@ -36,6 +36,7 @@ spec: configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} {{ dict "envAll" $envAll "podName" "grafana-add-home-dashboard" "containerNames" (list "add-home-dashboard" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: +{{ dict "envAll" $envAll "application" "add_home_dashboard" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} serviceAccountName: {{ $serviceAccountName }} restartPolicy: OnFailure nodeSelector: @@ -46,6 +47,7 @@ spec: - name: add-home-dashboard {{ tuple $envAll "add_home_dashboard" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.add_home_dashboard | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} +{{ dict "envAll" $envAll "application" "add_home_dashboard" "container" "add_home_dashboard" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} env: - name: GF_SECURITY_ADMIN_USER valueFrom: @@ -75,4 +77,4 @@ spec: configMap: name: grafana-bin defaultMode: 0555 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/grafana/templates/job-db-session-sync.yaml b/grafana/templates/job-db-session-sync.yaml index 5b0c9be00..fb086c549 100644 --- a/grafana/templates/job-db-session-sync.yaml +++ b/grafana/templates/job-db-session-sync.yaml @@ -45,7 +45,7 @@ spec: - name: grafana-db-session-sync {{ tuple $envAll "grafana_db_session_sync" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.db_session_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} -{{ dict "envAll" $envAll "application" "db-session-sync" "container" "grafana_db_session_sync" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} +{{ dict "envAll" $envAll "application" "db_session_sync" "container" "grafana_db_session_sync" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} env: - name: DB_CONNECTION valueFrom: diff --git a/grafana/values.yaml b/grafana/values.yaml index 3d1d992d9..3bfc73dce 100644 --- a/grafana/values.yaml +++ b/grafana/values.yaml @@ -81,7 +81,7 @@ pod: pod: runAsUser: 104 container: - grafana_set_admin_password: + add_home_dashboard: allowPrivilegeEscalation: false readOnlyRootFilesystem: true test: