Add missing flags to nginx container in neutron chart

This adds readOnly-fs flag to nginx container

Change-Id: Ie75e460fe2f45f1ae908f1fe475461267251461f

neutron/Chart.yaml

@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Neutron
 name: neutron
-version: 0.1.4
+version: 0.1.5
 home: https://docs.openstack.org/neutron/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png
 sources:

neutron/templates/deployment-server.yaml

@@ -103,7 +103,7 @@ spec:
         - name: nginx
 {{ tuple $envAll "nginx" | include "helm-toolkit.snippets.image" | indent 10 }}
 {{ tuple $envAll $envAll.Values.pod.resources.nginx | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "neutron" "container" "nginx" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+{{ dict "envAll" $envAll "application" "neutron_server" "container" "nginx" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
           ports:
             - name: q-api
               containerPort: {{ tuple "network" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
@@ -129,6 +129,8 @@ spec:
                   - /tmp/nginx.sh
                   - stop
           volumeMounts:
+            - name: pod-tmp
+              mountPath: /tmp
             - name: neutron-bin
               mountPath: /tmp/nginx.sh
               subPath: nginx.sh

neutron/values.yaml

@@ -516,6 +516,9 @@ pod:
       pod:
         runAsUser: 42424
       container:
+        nginx:
+          runAsUser: 0
+          readOnlyRootFilesystem: false
         neutron_server:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: true