Pods are not starting in VIP Authentication Hub after running helm upgrade to change DB password with strict updated securityContext

search cancel

Pods are not starting in VIP Authentication Hub after running helm upgrade to change DB password with strict updated securityContext

book

Article ID: 397635

calendar_today

Updated On:

Products

VIP Authentication Hub

Issue/Introduction

Doing a helm upgrade to change database (DB) password, the pods were not starting over, due to a new company gateway keeper rule mandating:

securityContext:
  capabilities:
    drop:
      - ALL
        privileged: false
        runAsNonRoot: true
        readOnlyRootFilesystem: true
        allowPrivilegeEscalation: false
        seccompProfile:
        type: RuntimeDefault

Is there a possibility out-of-the-box, to set those in the yaml values?

Resolution

Upgrade VIP Authentication Hub to 3.5 when this one will be available, to benefit the support of missing securityContext parameters in the helm chart.

As workaround, change the securityContext manually in all deployement yaml.

Feedback

thumb_up Yes

thumb_down No