From ddb023da07929f0fb9934d26ea2ae2b66c54f73d Mon Sep 17 00:00:00 2001 From: Mridul Gogoi Date: Mon, 20 Nov 2023 16:15:25 -0800 Subject: [PATCH 1/2] Run nats as nonroot. Making use of userid 65534 (nobody). --- charts/stigatron/values.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/charts/stigatron/values.yaml b/charts/stigatron/values.yaml index d2e5eea..fab2e38 100644 --- a/charts/stigatron/values.yaml +++ b/charts/stigatron/values.yaml @@ -58,8 +58,19 @@ nats: jetstream: enabled: true fileStore: + enabled: true + dir: /tmp/jetstream pvc: enabled: false + podTemplate: + configChecksumAnnotation: true + merge: + spec: + securityContext: + runAsNonRoot: true + fsGroup: 65534 + runAsUser: 65534 + runAsGroup: 65534 global: cattle: systemDefaultRegistry: "rgcrprod.azurecr.us" From 3f123d73068e3602769c18f0b3cbabc2296a0588 Mon Sep 17 00:00:00 2001 From: Mridul Gogoi Date: Mon, 27 Nov 2023 10:45:49 -0800 Subject: [PATCH 2/2] Bumping up nats version to 1.1.5, and the charts version and appVersion. --- charts/stigatron/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/stigatron/Chart.yaml b/charts/stigatron/Chart.yaml index 5d0b467..7428c3f 100644 --- a/charts/stigatron/Chart.yaml +++ b/charts/stigatron/Chart.yaml @@ -2,14 +2,14 @@ apiVersion: v2 name: stigatron description: Rancher Government Stigatron Extension icon: https://raw.githubusercontent.com/rancherfederal/carbide-docs/main/static/img/carbide-logo.svg -version: "0.2.4" -appVersion: "0.2.1" +version: "0.2.5" +appVersion: "0.2.2" dependencies: - name: heimdall2 version: "0.1.41" repository: "https://rancherfederal.github.io/carbide-charts" alias: heimdall2 - name: nats - version: "1.1.4" + version: "1.1.5" repository: https://nats-io.github.io/k8s/helm/charts/ alias: nats