From 8611f63a22687357b1f97f731115d22f963d147c Mon Sep 17 00:00:00 2001
From: Angus Williams <anguswilliams@gmail.com>
Date: Thu, 9 Apr 2020 22:59:12 +1200
Subject: [PATCH] Adds optional securityContext config

Allows chart to be run as non-root user. This is required in
environments where pod security policies prohibit running containers as
root.
---
 charts/influxdb/Chart.yaml                 | 2 +-
 charts/influxdb/README.md                  | 1 +
 charts/influxdb/templates/statefulset.yaml | 4 ++++
 charts/influxdb/values.yaml                | 4 ++++
 4 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/charts/influxdb/Chart.yaml b/charts/influxdb/Chart.yaml
index 6f47846..f6de5f7 100755
--- a/charts/influxdb/Chart.yaml
+++ b/charts/influxdb/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: influxdb
-version: 4.4.4
+version: 4.4.5
 appVersion: 1.7.10
 description: Scalable datastore for metrics, events, and real-time analytics.
 keywords:
diff --git a/charts/influxdb/README.md b/charts/influxdb/README.md
index 003cc01..0961920 100644
--- a/charts/influxdb/README.md
+++ b/charts/influxdb/README.md
@@ -75,6 +75,7 @@ The command removes all the Kubernetes components associated with the chart and
 | nodeSelector | Node labels for pod assignment | {} |
 | affinity | [Affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) for pod assignment |  {|
 | tolerations | [Tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) for pod assignment | [] |
+| securityContext | [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for pod | {} |
 | env | environment variables for influxdb container | {} |
 | config.reporting_disabled | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#reporting-disabled-false) | false |
 | config.rpc | RPC address for backup and storage | {} |
diff --git a/charts/influxdb/templates/statefulset.yaml b/charts/influxdb/templates/statefulset.yaml
index 0559c20..23e17de 100644
--- a/charts/influxdb/templates/statefulset.yaml
+++ b/charts/influxdb/templates/statefulset.yaml
@@ -37,6 +37,10 @@ spec:
       {{- if .Values.tolerations }}
       tolerations:
 {{ toYaml .Values.tolerations | indent 8 }}
+      {{- end }}
+      {{- if .Values.securityContext }}
+      securityContext:
+{{ toYaml .Values.securityContext | indent 8 }}
       {{- end }}
       {{- if .Values.image.pullSecrets }}
       imagePullSecrets:
diff --git a/charts/influxdb/values.yaml b/charts/influxdb/values.yaml
index ad295fb..df25cf1 100644
--- a/charts/influxdb/values.yaml
+++ b/charts/influxdb/values.yaml
@@ -28,6 +28,10 @@ readinessProbe: {}
   # timeoutSeconds: 1
   # scheme: HTTP
 
+securityContext: {}
+  # runAsUser: 999
+  # runAsGroup: 999
+
 startupProbe:
   enabled: false
   # failureThreshold: 6
-- 
2.24.1