From 6b93a1e382ba9de36626d80528e97d90d2484e4c Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sun, 10 Sep 2023 15:44:00 +0200
Subject: [PATCH] test(mastodon): Fix missing unittest updates

---
 .../tests/__snapshot__/50_sidekiq_test.yaml.snap  |  5 ++++-
 .../tests/__snapshot__/50_web_test.yaml.snap      |  5 ++++-
 .../tests/__snapshot__/98_snapshot_test.yaml.snap | 15 ++++++++++++---
 3 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/charts/mastodon/tests/__snapshot__/50_sidekiq_test.yaml.snap b/charts/mastodon/tests/__snapshot__/50_sidekiq_test.yaml.snap
index f079b2538..aae912064 100644
--- a/charts/mastodon/tests/__snapshot__/50_sidekiq_test.yaml.snap
+++ b/charts/mastodon/tests/__snapshot__/50_sidekiq_test.yaml.snap
@@ -64,7 +64,6 @@ should match basic snapshot:
           annotations:
             checksum/config-configmap: 6171320454845e8c5c867b5db63251ff95089e25c0200ca8f72d6bb9f6535726
             checksum/config-secrets: c0d40e352ffcd2127af550b605bb0464640cd2960d007d940960d3d69d3c6aa4
-            rollme: "0"
           labels:
             app.kubernetes.io/component: sidekiq-all-queues
             app.kubernetes.io/instance: RELEASE-NAME
@@ -117,9 +116,13 @@ should match basic snapshot:
                 - mountPath: /opt/mastodon/public/system
                   name: system
           securityContext:
+            allowPrivilegeEscalation: false
             fsGroup: 991
             runAsGroup: 991
+            runAsNonRoot: true
             runAsUser: 991
+            seccompProfile:
+              type: RuntimeDefault
           serviceAccountName: RELEASE-NAME-mastodon
           volumes:
             - name: assets
diff --git a/charts/mastodon/tests/__snapshot__/50_web_test.yaml.snap b/charts/mastodon/tests/__snapshot__/50_web_test.yaml.snap
index 5f28d6107..9cdc3e704 100644
--- a/charts/mastodon/tests/__snapshot__/50_web_test.yaml.snap
+++ b/charts/mastodon/tests/__snapshot__/50_web_test.yaml.snap
@@ -60,7 +60,6 @@ should match basic snapshot:
           annotations:
             checksum/config-configmap: 6171320454845e8c5c867b5db63251ff95089e25c0200ca8f72d6bb9f6535726
             checksum/config-secrets: c0d40e352ffcd2127af550b605bb0464640cd2960d007d940960d3d69d3c6aa4
-            rollme: "0"
           labels:
             app.kubernetes.io/component: web
             app.kubernetes.io/instance: RELEASE-NAME
@@ -121,9 +120,13 @@ should match basic snapshot:
                 - mountPath: /opt/mastodon/public/system
                   name: system
           securityContext:
+            allowPrivilegeEscalation: false
             fsGroup: 991
             runAsGroup: 991
+            runAsNonRoot: true
             runAsUser: 991
+            seccompProfile:
+              type: RuntimeDefault
           serviceAccountName: RELEASE-NAME-mastodon
           volumes:
             - name: assets
diff --git a/charts/mastodon/tests/__snapshot__/98_snapshot_test.yaml.snap b/charts/mastodon/tests/__snapshot__/98_snapshot_test.yaml.snap
index 17307d374..185f24a63 100644
--- a/charts/mastodon/tests/__snapshot__/98_snapshot_test.yaml.snap
+++ b/charts/mastodon/tests/__snapshot__/98_snapshot_test.yaml.snap
@@ -132,7 +132,6 @@ should match basic snapshot:
           annotations:
             checksum/config-configmap: 6171320454845e8c5c867b5db63251ff95089e25c0200ca8f72d6bb9f6535726
             checksum/config-secrets: c0d40e352ffcd2127af550b605bb0464640cd2960d007d940960d3d69d3c6aa4
-            rollme: "0"
           labels:
             app.kubernetes.io/component: sidekiq-all-queues
             app.kubernetes.io/instance: RELEASE-NAME
@@ -185,9 +184,13 @@ should match basic snapshot:
                 - mountPath: /opt/mastodon/public/system
                   name: system
           securityContext:
+            allowPrivilegeEscalation: false
             fsGroup: 991
             runAsGroup: 991
+            runAsNonRoot: true
             runAsUser: 991
+            seccompProfile:
+              type: RuntimeDefault
           serviceAccountName: RELEASE-NAME-mastodon
           volumes:
             - name: assets
@@ -219,7 +222,6 @@ should match basic snapshot:
           annotations:
             checksum/config-configmap: 6171320454845e8c5c867b5db63251ff95089e25c0200ca8f72d6bb9f6535726
             checksum/config-secrets: c0d40e352ffcd2127af550b605bb0464640cd2960d007d940960d3d69d3c6aa4
-            rollme: "0"
           labels:
             app.kubernetes.io/component: streaming
             app.kubernetes.io/instance: RELEASE-NAME
@@ -263,9 +265,13 @@ should match basic snapshot:
                   path: /api/v1/streaming/health
                   port: streaming
           securityContext:
+            allowPrivilegeEscalation: false
             fsGroup: 991
             runAsGroup: 991
+            runAsNonRoot: true
             runAsUser: 991
+            seccompProfile:
+              type: RuntimeDefault
           serviceAccountName: RELEASE-NAME-mastodon
   5: |
     apiVersion: apps/v1
@@ -291,7 +297,6 @@ should match basic snapshot:
           annotations:
             checksum/config-configmap: 6171320454845e8c5c867b5db63251ff95089e25c0200ca8f72d6bb9f6535726
             checksum/config-secrets: c0d40e352ffcd2127af550b605bb0464640cd2960d007d940960d3d69d3c6aa4
-            rollme: "0"
           labels:
             app.kubernetes.io/component: web
             app.kubernetes.io/instance: RELEASE-NAME
@@ -352,9 +357,13 @@ should match basic snapshot:
                 - mountPath: /opt/mastodon/public/system
                   name: system
           securityContext:
+            allowPrivilegeEscalation: false
             fsGroup: 991
             runAsGroup: 991
+            runAsNonRoot: true
             runAsUser: 991
+            seccompProfile:
+              type: RuntimeDefault
           serviceAccountName: RELEASE-NAME-mastodon
           volumes:
             - name: assets
-- 
GitLab