fix(homer): run as non root (#2895)

* fix(homer): run as non root

* bump

* chore(icons): fix links
This commit is contained in:
Stavros Kois 2022-06-15 12:54:37 +03:00 committed by GitHub
parent d64f8ee064
commit 422072b3ea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 23 additions and 14 deletions

View File

@ -7,7 +7,7 @@ dependencies:
deprecated: false
description: PostgresSQL
home: https://github.com/truecharts/apps/tree/master/charts/dependency/postgresql
icon: https://truecharts.org/_static/img/appicons/postgresql
icon: https://truecharts.org/_static/img/appicons/postgresql.png
keywords:
- postgres
- postgressql

View File

@ -6,7 +6,7 @@ dependencies:
version: 10.0.10
deprecated: false
description: Promtail is an agent which ships the contents of local logs to a Loki instance
icon: https://truecharts.org/_static/img/appicons/promtail
icon: https://truecharts.org/_static/img/appicons/promtail.png
home: https://github.com/truecharts/apps/tree/master/charts/dependency/promtail
keywords:
- metrics

View File

@ -7,7 +7,7 @@ dependencies:
deprecated: false
description: Open source, advanced key-value store.
home: https://github.com/truecharts/apps/tree/master/charts/dependency/redis
icon: https://truecharts.org/_static/img/appicons/redis
icon: https://truecharts.org/_static/img/appicons/redis.png
keywords:
- redis
- keyvalue

View File

@ -20,7 +20,7 @@ name: homer
sources:
- https://github.com/bastienwirtz/homer
- https://hub.docker.com/r/b4bz/homer
version: 2.0.5
version: 2.0.6
annotations:
truecharts.org/catagories: |
- media

View File

@ -74,7 +74,19 @@ questions:
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: INIT_ASSETS
label: "INIT_ASSETS"
description: "Set 1 to generate example file or 0 to not generate"
schema:
type: string
default: "1"
# Include{containerConfig}
- variable: service
@ -227,7 +239,7 @@ questions:
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: true
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
@ -252,13 +264,13 @@ questions:
description: "The UserID of the user running the application"
schema:
type: int
default: 0
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 0
default: 568
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."

View File

@ -3,12 +3,9 @@ image:
tag: v22.06.1@sha256:bbde8dc3b11a98b9a41d19ead8b55e898a822ef74df097c65bb79d63d1a0f94f
pullPolicy: IfNotPresent
securityContext:
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
runAsUser: 1000
runAsGroup: 1000
service:
main:

View File

@ -6,7 +6,7 @@ name: spotweb
description: Spotweb is a decentralized usenet community based on the Spotnet protocol.
type: application
home: https://github.com/truecharts/apps/tree/master/charts/stable/spotweb
icon: https://truecharts.org/_static/img/appicons/spotnet
icon: https://truecharts.org/_static/img/appicons/spotweb.png
keywords:
- usenet
- spotweb