From d2e3d189aeb77ba148ceb6334922e920095b43a2 Mon Sep 17 00:00:00 2001
From: Simon Flandergan <simon.flandergan@device-insight.com>
Date: Mon, 12 Aug 2019 13:07:12 +0200
Subject: [PATCH] added support for security context

---
 activemq-artemis/templates/master-statefulset.yaml | 12 ++++++++++--
 activemq-artemis/templates/slave-statefulset.yaml  | 10 +++++++++-
 activemq-artemis/values.yaml                       |  5 +++++
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/activemq-artemis/templates/master-statefulset.yaml b/activemq-artemis/templates/master-statefulset.yaml
index 14db001..c0fdb37 100644
--- a/activemq-artemis/templates/master-statefulset.yaml
+++ b/activemq-artemis/templates/master-statefulset.yaml
@@ -98,6 +98,10 @@ spec:
             port: core
           initialDelaySeconds: 10
           periodSeconds: 10
+        {{- if .Values.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.containerSecurityContext | indent 10 }}
+        {{- end }}
         volumeMounts:
         - name: data
           mountPath: /var/lib/artemis/data
@@ -107,6 +111,10 @@ spec:
           mountPath: /opt/configure-common
         - name: configure-master
           mountPath: /opt/configure-master
+      {{- if .Values.podSecurityContext }}
+      securityContext:
+{{ toYaml .Values.podSecurityContext | indent 8 }}
+      {{- end }}
       volumes:
       - name: config-override
         emptyDir: {}
@@ -126,7 +134,7 @@ spec:
       resources:
         requests:
           storage: {{ .Values.persistence.size }}
-  {{- else}}
+{{- else }}
       - name: data
         emptyDir: {}
-  {{- end}}
\ No newline at end of file
+{{- end }}
diff --git a/activemq-artemis/templates/slave-statefulset.yaml b/activemq-artemis/templates/slave-statefulset.yaml
index d6af3b6..93252cb 100644
--- a/activemq-artemis/templates/slave-statefulset.yaml
+++ b/activemq-artemis/templates/slave-statefulset.yaml
@@ -78,6 +78,10 @@ spec:
             port: core
           initialDelaySeconds: 10
           periodSeconds: 10
+        {{- if .Values.containerSecurityContext }}
+        securityContext:
+{{ toYaml .Values.containerSecurityContext | indent 10 }}
+        {{- end }}
         volumeMounts:
         - name: data
           mountPath: /var/lib/artemis/data
@@ -87,6 +91,10 @@ spec:
           mountPath: /opt/configure-common
         - name: configure-slave
           mountPath: /opt/configure-slave
+      {{- if .Values.podSecurityContext }}
+      securityContext:
+{{ toYaml .Values.podSecurityContext | indent 8 }}
+      {{- end }}
       volumes:
       - name: config-override
         emptyDir: {}
@@ -106,7 +114,7 @@ spec:
       resources:
         requests:
           storage: {{ .Values.persistence.size }}
-{{- else}}
+{{- else }}
       - name: data
         emptyDir: {}
 {{- end}}
diff --git a/activemq-artemis/values.yaml b/activemq-artemis/values.yaml
index df93a3f..f9aab6f 100644
--- a/activemq-artemis/values.yaml
+++ b/activemq-artemis/values.yaml
@@ -72,6 +72,11 @@ resources:
 loadbalancer:
   enabled: true
 
+# podSecurityContext allows setting security context for the pod: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+# podSecurityContext:
+# containerSecurityContext allows setting security context for the container: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+# containerSecurityContext:
+
 ## Prometheus Exporters / Metrics
 ##
 prometheus: