From 4449d9af30cb569fc55b8dd0cf9ffee800a8e748 Mon Sep 17 00:00:00 2001
From: devOpsHelm <54980549+devOpsHelm@users.noreply.github.com>
Date: Wed, 4 Mar 2020 15:35:46 +0300
Subject: [PATCH] make configurable securityContext at statefulset spec level
 (#102) (#21218)

Signed-off-by: devOpsHelm <devops+1@hazelcast.com>
---
 stable/hazelcast/Chart.yaml                           | 2 +-
 stable/hazelcast/templates/mancenter-statefulset.yaml | 2 ++
 stable/hazelcast/templates/statefulset.yaml           | 2 ++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/stable/hazelcast/Chart.yaml b/stable/hazelcast/Chart.yaml
index a8d6af474a8c..28012053431e 100644
--- a/stable/hazelcast/Chart.yaml
+++ b/stable/hazelcast/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: hazelcast
-version: 3.0.4
+version: 3.0.5
 appVersion: "4.0"
 tillerVersion: ">=2.7.2"
 kubeVersion: ">=1.9.0-0"
diff --git a/stable/hazelcast/templates/mancenter-statefulset.yaml b/stable/hazelcast/templates/mancenter-statefulset.yaml
index c5e5de2a6ad7..0c2ef3ef66b3 100644
--- a/stable/hazelcast/templates/mancenter-statefulset.yaml
+++ b/stable/hazelcast/templates/mancenter-statefulset.yaml
@@ -38,11 +38,13 @@ spec:
       hostNetwork: false
       hostPID: false
       hostIPC: false
+      {{- if .Values.securityContext.enabled }}
       securityContext:
         runAsNonRoot: {{ if eq (int .Values.securityContext.runAsUser) 0 }}false{{ else }}true{{ end }}
         runAsUser: {{ .Values.securityContext.runAsUser }}
         runAsGroup: {{ .Values.securityContext.runAsGroup }}
         fsGroup: {{ .Values.securityContext.fsGroup }}
+      {{- end }}
       {{- if .Values.mancenter.affinity }}
       affinity:
 {{ toYaml .Values.mancenter.affinity | indent 8 }}
diff --git a/stable/hazelcast/templates/statefulset.yaml b/stable/hazelcast/templates/statefulset.yaml
index a433d6116abf..5a260470302e 100644
--- a/stable/hazelcast/templates/statefulset.yaml
+++ b/stable/hazelcast/templates/statefulset.yaml
@@ -40,11 +40,13 @@ spec:
       hostNetwork: false
       hostPID: false
       hostIPC: false
+      {{- if .Values.securityContext.enabled }}
       securityContext:
         runAsNonRoot: {{ if eq (int .Values.securityContext.runAsUser) 0 }}false{{ else }}true{{ end }}
         runAsUser: {{ .Values.securityContext.runAsUser }}
         runAsGroup: {{ .Values.securityContext.runAsGroup }}
         fsGroup: {{ .Values.securityContext.fsGroup }}
+      {{- end }}
       {{- if .Values.affinity }}
       affinity:
 {{ toYaml .Values.affinity | indent 8 }}