Update Redis sub-chart to >=14.0.0

Summary

The Redis sub-chart included within the GitLab Helm chart is out of date, and not every pod and container has fully customizable securityContext values, so they fail most installations when paired with basic sets of Kyverno ClusterPolicy resources.

Steps to reproduce

Deploy the GitLab chart without an external Redis host configured.

Configuration used

redis:
  install: true
  metrics:
    enabled: true
  securityContext:
    runAsUser: 1001
    fsGroup: 1001
    runAsNonRoot: true
  containerSecurityContext:
    enabled: true
    runAsUser: 1001
    runAsNonRoot: true
    capabilities:
      drop:
        - ALL

Current behavior

If the redis sub-chart has metrics.enabled=true, the metrics container within the redis master and replica pods doesn't have a containerSecurityContext or securityContext template available, so things like runAsUser, runAsNonRoot and capabilities values cannot be set to satisfy a common baseline of security recommendations for Kubernetes clusters.

Expected behavior

Every redis pod has securityContext values able to be completely set and applied.

Versions

  • Chart: 6.0.1
  • Platform:
    • Cloud: EKS | RKE2
  • Kubernetes:
    • Client: 1.23.4
    • Server: 1.23.6
  • Helm:
    • Client: v3.8.0
    • Server: fluxv2 v0.31.2

Relevant logs

N/A

Edited by Ryan Garcia
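
The gap described in this issue can be confirmed per container before an admission policy rejects the pod. The following is an added example, not part of the original issue or the chart: it audits a pod spec for runAsNonRoot and capabilities.drop the way a baseline policy would. The pod spec, the container names and the function names are constructed for illustration.

```python
# Added example: per-container audit of the securityContext settings named
# in the issue. Function names and the sample pod spec are hypothetical.

def effective(pod_sc, ctr_sc, field):
    """Container-level value wins; otherwise fall back to the pod-level value."""
    if field in ctr_sc:
        return ctr_sc[field]
    return pod_sc.get(field)


def audit_pod_spec(spec):
    """Return {container_name: [findings]} for containers missing the baseline."""
    pod_sc = spec.get("securityContext") or {}
    containers = (spec.get("initContainers") or []) + (spec.get("containers") or [])
    findings = {}
    for ctr in containers:
        sc = ctr.get("securityContext") or {}
        problems = []
        if effective(pod_sc, sc, "runAsNonRoot") is not True:
            problems.append("runAsNonRoot is not true")
        # capabilities exists only at container level: no pod-level fallback.
        drops = (sc.get("capabilities") or {}).get("drop") or []
        if "ALL" not in [str(d).upper() for d in drops]:
            problems.append("capabilities.drop does not include ALL")
        if problems:
            findings[ctr["name"]] = problems
    return findings


# Constructed sample (not rendered chart output): a main container with a
# full securityContext next to a sidecar that has none.
SAMPLE_POD_SPEC = {
    "securityContext": {"runAsUser": 1001, "fsGroup": 1001},
    "containers": [
        {
            "name": "redis",
            "securityContext": {
                "runAsUser": 1001,
                "runAsNonRoot": True,
                "capabilities": {"drop": ["ALL"]},
            },
        },
        {"name": "metrics"},
    ],
}

if __name__ == "__main__":
    for name, problems in audit_pod_spec(SAMPLE_POD_SPEC).items():
        print(f"{name}: {'; '.join(problems)}")
```

Because capabilities can only be set on a container, a pod-level securityContext alone cannot clear the second finding for a sidecar that has no container-level template.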