Disallow privilege escalation in rabbitmq server container

This PS is to address security best practices in rabbitmq server containers by disabling allowPrivilegeEscalation flag Change-Id: I4de2ee4320efaa9569312016f4cca61c1f7636b2
2021-01-29 09:37:37 +00:00 · 2021-01-29 09:37:37 +00:00 · bf41f10068
commit bf41f10068
parent 39173f27a8
3 changed files with 7 additions and 1 deletions
--- a/rabbitmq/Chart.yaml
+++ b/rabbitmq/Chart.yaml
@ -15,6 +15,6 @@ apiVersion: v1
 appVersion: v3.7.26
 description: OpenStack-Helm RabbitMQ
 name: rabbitmq
-version: 0.1.5
+version: 0.1.6
 home: https://github.com/rabbitmq/rabbitmq-server
 ...
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@ -84,6 +84,7 @@ pod:
          runAsUser: 0
          readOnlyRootFilesystem: true
        rabbitmq:
+          allowPrivilegeEscalation: false
          runAsUser: 999
          readOnlyRootFilesystem: false
    cluster_wait:
--- a/releasenotes/notes/rabbitmq.yaml
+++ b/releasenotes/notes/rabbitmq.yaml
@ -1,4 +1,9 @@
 ---
 rabbitmq:
  - 0.1.0 Initial Chart
+  - 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0"
+  - 0.1.2 changes rmq-exporter secret src
+  - 0.1.4 Add configurable RABBIT_TIMEOUT parameter
+  - 0.1.5 Update Rabbitmq exporter version
+  - 0.1.6 Disallow privilege escalation in rabbitmq server container
 ...