)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":29982,"name":"Priya Shet","email":"priya.shet@gmail.com","username":"priyashet"},"change_message_id":"438b55bcc50d27ddc33b5979f561be4c447c135b","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":22,"id":"07af0b32_49cb9b28","updated":"2021-10-27 14:39:35.000000000","message":"recheck","commit_id":"26db251747d7b00420f5a3afaa86dafd63a3673a"}],"helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl":[{"author":{"_account_id":22636,"name":"Cliff Parsons","email":"cliffhparsons@aol.com","username":"cliffparsons"},"change_message_id":"b17d886132f1d6db6c5bd5f7c16414724d1c5dfa","unresolved":true,"context_lines":[{"line_number":73,"context_line":"      containers:"},{"line_number":74,"context_line":"        - name: ks-user"},{"line_number":75,"context_line":"          image: {{ $envAll.Values.images.tags.ks_user }}"},{"line_number":76,"context_line":"{{ dict \"envAll\" . \"application\" \"app\" | include \"helm-toolkit.snippets.kubernetes_pod_security_context\" | indent 8 }}"},{"line_number":77,"context_line":"          imagePullPolicy: {{ $envAll.Values.images.pull_policy }}"},{"line_number":78,"context_line":"{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include \"helm-toolkit.snippets.kubernetes_resources\" | indent 10 }}"},{"line_number":79,"context_line":"          command:"}],"source_content_type":"text/x-smarty","patch_set":1,"id":"12c7ae33_183269fc","line":76,"range":{"start_line":76,"start_character":0,"end_line":76,"end_character":3},"updated":"2021-09-23 22:37:05.000000000","message":"The problem here is that you are applying a pod security context at the container level.\nIf you want pod security context you need to apply it about at line 67.\nYou can also apply container level security contexts if you want. there is also a helm toolkit for that called kubernetes_container_security_context.\nAlso, the indentation is important here. for pod level security context in this file, you need indentation of 6. For container level security context you need indentation of 10.","commit_id":"cbd29315107c79ddc58ee6565cb7b3e864f16e98"},{"author":{"_account_id":29982,"name":"Priya Shet","email":"priya.shet@gmail.com","username":"priyashet"},"change_message_id":"26c2d59e780cdd94bb3559643599d24ed6c9e82c","unresolved":true,"context_lines":[{"line_number":73,"context_line":"      containers:"},{"line_number":74,"context_line":"        - name: ks-user"},{"line_number":75,"context_line":"          image: {{ $envAll.Values.images.tags.ks_user }}"},{"line_number":76,"context_line":"{{ dict \"envAll\" . \"application\" \"app\" | include \"helm-toolkit.snippets.kubernetes_pod_security_context\" | indent 8 }}"},{"line_number":77,"context_line":"          imagePullPolicy: {{ $envAll.Values.images.pull_policy }}"},{"line_number":78,"context_line":"{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include \"helm-toolkit.snippets.kubernetes_resources\" | indent 10 }}"},{"line_number":79,"context_line":"          command:"}],"source_content_type":"text/x-smarty","patch_set":1,"id":"3c0466a2_4403939f","line":76,"range":{"start_line":76,"start_character":0,"end_line":76,"end_character":3},"in_reply_to":"12c7ae33_183269fc","updated":"2021-09-24 13:18:42.000000000","message":"Thank you for the feedback , updated.","commit_id":"cbd29315107c79ddc58ee6565cb7b3e864f16e98"},{"author":{"_account_id":22636,"name":"Cliff Parsons","email":"cliffhparsons@aol.com","username":"cliffparsons"},"change_message_id":"d08bf226957ae97c0c2f423c518618422c95975a","unresolved":true,"context_lines":[{"line_number":68,"context_line":"      serviceAccountName: {{ $serviceAccountName | quote }}"},{"line_number":69,"context_line":"{{- if hasKey $envAll.Values \"pod\" -}}"},{"line_number":70,"context_line":"{{- if hasKey $envAll.Values.pod \"security_context\" }}"},{"line_number":71,"context_line":"      {{ dict \"envAll\" . \"application\" \"app\" | include \"helm-toolkit.snippets.kubernetes_pod_security_context\" | indent 6 }}"},{"line_number":72,"context_line":"{{- end }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"      restartPolicy: {{ $restartPolicy }}"}],"source_content_type":"text/x-smarty","patch_set":4,"id":"82cc5125_55e61be7","line":71,"range":{"start_line":71,"start_character":0,"end_line":71,"end_character":3},"updated":"2021-09-27 21:56:59.000000000","message":"You need to also have similar configuration in values.yaml file, where you will define the security behavior:\n\npod:\n  security_context:\n    \u003capplication\u003e:\n      pod:\n        runAsUser: \u003cval\u003e\n        ...\n      container:\n        \u003ccontainer_name\u003e:\n          runAsUser: \u003cval\u003e\n          allowPrivilegeEscalation: \u003cval\u003e\n          readOnlyRootFilesystem: \u003cval\u003e\n        \u003ccontainer_name2\u003e:\n          runAsUser: \u003cval\u003e\n          allowPrivilegeEscalation: \u003cval\u003e\n          readOnlyRootFilesystem: \u003cval\u003e","commit_id":"36ab177a38e94fcdaf6fe3f5bed3cc9f48475a20"},{"author":{"_account_id":29982,"name":"Priya Shet","email":"priya.shet@gmail.com","username":"priyashet"},"change_message_id":"a52d1ba0aa32cd23976a30cf9b31887f78079d2a","unresolved":true,"context_lines":[{"line_number":68,"context_line":"      serviceAccountName: {{ $serviceAccountName | quote }}"},{"line_number":69,"context_line":"{{- if hasKey $envAll.Values \"pod\" -}}"},{"line_number":70,"context_line":"{{- if hasKey $envAll.Values.pod \"security_context\" }}"},{"line_number":71,"context_line":"      {{ dict \"envAll\" . \"application\" \"app\" | include \"helm-toolkit.snippets.kubernetes_pod_security_context\" | indent 6 }}"},{"line_number":72,"context_line":"{{- end }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"      restartPolicy: {{ $restartPolicy }}"}],"source_content_type":"text/x-smarty","patch_set":4,"id":"cb10c271_569c03f4","line":71,"range":{"start_line":71,"start_character":0,"end_line":71,"end_character":3},"in_reply_to":"82cc5125_55e61be7","updated":"2021-09-27 23:05:35.000000000","message":"We added the security context so that we could use it downstream where the Ks-user chart is being used. I was trying to update this job to make it optional field if it was not already present in the values.yaml, Do you suggest including in the values.yaml ?","commit_id":"36ab177a38e94fcdaf6fe3f5bed3cc9f48475a20"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"41dbe1ea979d7a048951363be2ffeee20f6385e7","unresolved":true,"context_lines":[{"line_number":38,"context_line":"{{- end }}"},{"line_number":39,"context_line":"{{- $restartPolicy :\u003d index . \"restartPolicy\" | default $restartPolicy_ -}}"},{"line_number":40,"context_line":""},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"{{- $serviceAccountName :\u003d printf \"%s-%s\" $serviceUserPretty \"ks-user\" }}"},{"line_number":43,"context_line":"{{ tuple $envAll \"ks_user\" $serviceAccountName | include \"helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount\" }}"},{"line_number":44,"context_line":"---"}],"source_content_type":"text/x-smarty","patch_set":5,"id":"39810e12_2c5013d2","line":41,"updated":"2021-09-30 21:41:53.000000000","message":"Unneeded newline","commit_id":"bda94d2ce1618446ce0108984457c2151259f0c5"},{"author":{"_account_id":29982,"name":"Priya Shet","email":"priya.shet@gmail.com","username":"priyashet"},"change_message_id":"c6c1e05a14caf3d4ca2510a18629ecd67ab09b58","unresolved":false,"context_lines":[{"line_number":38,"context_line":"{{- end }}"},{"line_number":39,"context_line":"{{- $restartPolicy :\u003d index . \"restartPolicy\" | default $restartPolicy_ -}}"},{"line_number":40,"context_line":""},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"{{- $serviceAccountName :\u003d printf \"%s-%s\" $serviceUserPretty \"ks-user\" }}"},{"line_number":43,"context_line":"{{ tuple $envAll \"ks_user\" $serviceAccountName | include \"helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount\" }}"},{"line_number":44,"context_line":"---"}],"source_content_type":"text/x-smarty","patch_set":5,"id":"90345847_8483a6e5","line":41,"in_reply_to":"39810e12_2c5013d2","updated":"2021-10-05 15:40:46.000000000","message":"Ack","commit_id":"bda94d2ce1618446ce0108984457c2151259f0c5"},{"author":{"_account_id":18250,"name":"Roy Tang","email":"roy.s.tang@att.com","username":"rt7380"},"change_message_id":"de5137fc40c72ca675295c16afd38195b1c05c19","unresolved":true,"context_lines":[{"line_number":72,"context_line":"      serviceAccountName: {{ $serviceAccountName | quote }}"},{"line_number":73,"context_line":"{{- if hasKey $envAll.Values \"pod\" -}}"},{"line_number":74,"context_line":"{{- if hasKey $envAll.Values.pod \"security_context\" -}}"},{"line_number":75,"context_line":"      {{ dict \"envAll\" . \"application\" \"app\" | include \"helm-toolkit.snippets.kubernetes_pod_security_context\" | indent 6 }}"},{"line_number":76,"context_line":"{{- end }}"},{"line_number":77,"context_line":"{{- end }}"},{"line_number":78,"context_line":"      restartPolicy: {{ $restartPolicy }}"}],"source_content_type":"text/x-smarty","patch_set":13,"id":"714fb541_9582d8f1","line":75,"range":{"start_line":75,"start_character":25,"end_line":75,"end_character":45},"updated":"2021-10-12 17:46:55.000000000","message":"This won\u0027t work here, you will have to render the values data and extra the proper names each of the application/component that are listed.","commit_id":"a5826a25892e417d5f18209789c4a90d529f9087"}]}