From d0cb38d0bc27bcd9987c81b895f20aeaafd364a3 Mon Sep 17 00:00:00 2001
From: Miguel Angel Moreno <mmoreno@cartodb.com>
Date: Tue, 20 Jun 2023 12:53:26 +0200
Subject: [PATCH] Add missing podSecurityContext and podSecurityContext in the
 pre-hook install job

---
 chart/values.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/chart/values.yaml b/chart/values.yaml
index 0d44999e..c0d4eb9a 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -4528,6 +4528,7 @@ upgradeCheck:
   podSecurityContext:
     enabled: true
     fsGroup: 1000
+    supplementalGroups: [2345]
   ## Configure Container Security Context
   ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
   ## @param upgradeCheck.containerSecurityContext.enabled Enabled Upgrade Check pre-hook containers' Security Context
@@ -4538,7 +4539,9 @@ upgradeCheck:
   containerSecurityContext:
     enabled: true
     runAsUser: 1000
+    runAsGroup: 1000
     runAsNonRoot: false
+    allowPrivilegeEscalation: false
     capabilities:
       drop:
         - all