From e5b2f52dbaaa320b310a2017b0c67b7156b6bb00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=B6ran=20P=C3=B6hner?=
<10630407+groundhog2k@users.noreply.github.com>
Date: Thu, 30 Mar 2023 17:34:02 +0200
Subject: [PATCH] Updated rabbitmq security (#1225)
---
charts/rabbitmq/Chart.yaml | 4 ++--
charts/rabbitmq/README.md | 2 +-
charts/rabbitmq/RELEASENOTES.md | 1 +
charts/rabbitmq/values.yaml | 5 +++++
4 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/charts/rabbitmq/Chart.yaml b/charts/rabbitmq/Chart.yaml
index f0e161f0..f2e721a1 100644
--- a/charts/rabbitmq/Chart.yaml
+++ b/charts/rabbitmq/Chart.yaml
@@ -7,6 +7,6 @@ type: application
maintainers:
- name: groundhog2k
-version: "0.5.20"
+version: "0.6.13"
-appVersion: "3.10.20"
+appVersion: "3.11.11"
diff --git a/charts/rabbitmq/README.md b/charts/rabbitmq/README.md
index d8403742..03bb26a4 100644
--- a/charts/rabbitmq/README.md
+++ b/charts/rabbitmq/README.md
@@ -1,6 +1,6 @@
# RabbitMQ
-  
+  
## Changelog
diff --git a/charts/rabbitmq/RELEASENOTES.md b/charts/rabbitmq/RELEASENOTES.md
index 320f66f3..af775c6c 100644
--- a/charts/rabbitmq/RELEASENOTES.md
+++ b/charts/rabbitmq/RELEASENOTES.md
@@ -68,4 +68,5 @@
| 0.6.10 | 3.11.9 | Upgraded to RabbitMQ 3.11.9 |
| 0.6.11 | 3.11.10 | Upgraded to RabbitMQ 3.11.10 |
| 0.6.12 | 3.11.11 | Upgraded to RabbitMQ 3.11.11 |
+| 0.6.13 | 3.11.11 | Updated default security context |
| | | |
diff --git a/charts/rabbitmq/values.yaml b/charts/rabbitmq/values.yaml
index dbb1659e..ac2eb306 100644
--- a/charts/rabbitmq/values.yaml
+++ b/charts/rabbitmq/values.yaml
@@ -29,6 +29,8 @@ podAnnotations: {}
## Pod security options
podSecurityContext:
fsGroup: 999
+ supplementalGroups:
+ - 999
## Pod management policy
podManagementPolicy: OrderedReady
@@ -44,6 +46,9 @@ securityContext:
runAsNonRoot: true
runAsGroup: 999
runAsUser: 999
+ capabilities:
+ drop:
+ - ALL
## Default RabbitMq service ports (default: AMQP port 5672, Secure AMQP port 5671, Management UI port 15672)
service:
--
GitLab