Update Redis sub-chart to >=14.0.0
Summary
Redis sub-chart included within Gitlab helm chart is out of date and not every pod and container has fully customizable securityContext
values so they fail most installations when paired with basic sets of Kyverno ClusterPolicy resources.
Steps to reproduce
Deploy Gitlab chart without an external redis host configured.
Configuration used
redis:
install: true
metrics:
enabled: true
securityContext:
runAsUser: 1001
fsGroup: 1001
runAsNonRoot: true
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
capabilities:
drop:
- ALL
Current behavior
If redis sub-chart metrics.enabled=true
the metrics container within the redis master and replica pods don't have a containerSecurityContext
or securityContext
template available so things like runAsUser
, runAsNonRoot
and capabilties
values to satisfy a common baseline of security recommendations for Kubernetes clusters.
Expected behavior
Every redis pod has securityContext
values able to be completely set and applied.
Versions
- Chart: 6.0.1
- Platform:
- Cloud: EKS | RKE2
- Kubernetes:
- Client: 1.23.4
- Server: 1.23.6
- Helm:
- Client: v3.8.0
- Server: fluxv2 v0.31.2
Relevant logs
N/A
Edited by Ryan Garcia