Add security context for permission

Signed-off-by: Benedith Mulongo <benedith@sunet.se>
2025-01-30 17:53:01 +01:00 · 2025-01-30 17:53:01 +01:00 · 85d0b5e73a
commit 85d0b5e73a
parent 9c7b302e0a
2 changed files with 4 additions and 13 deletions
--- a/keycloak/base/keycloak-deployment.yaml
+++ b/keycloak/base/keycloak-deployment.yaml
@ -23,12 +23,6 @@ spec:
        - "start"
        - "--hostname=keycloak-test.streams.sunet.se"
        - "--verbose"
-        # args: [ "start" ]
-        # args:
-        # - "start"
-        # # - "--https-certificate-file=/etc/ssl/certs/cert.pem"+
-        # # - "--https-certificate-key-file=/etc/ssl/certs/key.pem"
-        # - "--verbose"
        env:
        - name: KC_HTTP_ENABLED
          value: "true"
@ -78,12 +72,9 @@ spec:
        - name: keycloak-tls-secret
          mountPath: /etc/ssl/certs
          readOnly: true
-        # command:
-        # # - /opt/keycloak/bin/kc.sh
-        # - start
-        # - --https-certificate-file=/etc/ssl/certs/cert.pem
-        # - --https-certificate-key-file=/etc/ssl/certs/key.pem
-        # - --verbose
+        securityContext:
+          runAsUser: 1000
+          runAsGroup: 1000
      volumes:
      - name: storage
        persistentVolumeClaim:
--- a/keycloak/keyckoak-application.yaml
+++ b/keycloak/keyckoak-application.yaml
@ -7,7 +7,7 @@ spec:
  project: default
  source:
    repoURL: https://platform.sunet.se/streams/streams-manifests.git
-    targetRevision: streams-manifests-2025-01-30-v53
+    targetRevision: streams-manifests-2025-01-30-v56
    path: keycloak/overlays/test
  destination:
    server: https://kubernetes.default.svc