From 5407b547bbb08397e41cceec4cf88d7ae9cbf9fc Mon Sep 17 00:00:00 2001
From: "PRIYA, FNU (fp048v)" <fp048v@att.com>
Date: Thu, 28 Oct 2021 11:26:37 -0500
Subject: [PATCH] Set Security Context to ks-user job

We need flexibility to add securityContext to ks-user job , so that it can be executed without elevated privileges.

Change-Id: I24544015816d57d86c1e69f44b90b6b0271e76a4
---
 helm-toolkit/Chart.yaml                                | 2 +-
 helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl | 9 +++++++++
 releasenotes/notes/helm-toolkit.yaml                   | 1 +
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/helm-toolkit/Chart.yaml b/helm-toolkit/Chart.yaml
index 9c8915a8d..997957bdd 100644
--- a/helm-toolkit/Chart.yaml
+++ b/helm-toolkit/Chart.yaml
@@ -15,7 +15,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Helm-Toolkit
 name: helm-toolkit
-version: 0.2.24
+version: 0.2.25
 home: https://docs.openstack.org/openstack-helm
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png
 sources:
diff --git a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
index cb90b44f6..8bb2dd23e 100644
--- a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
@@ -70,6 +70,15 @@ spec:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
     spec:
       serviceAccountName: {{ $serviceAccountName | quote }}
+{{- if hasKey $envAll.Values "pod" -}}
+{{- if hasKey $envAll.Values.pod "security_context" -}}
+{{- range $service, $value := $envAll.Values.pod.security_context }}
+{{- if  (($value).pod) }}
+{{ dict "envAll" $envAll "application" $service | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
       restartPolicy: {{ $restartPolicy }}
       nodeSelector:
 {{ toYaml $nodeSelector | indent 8 }}
diff --git a/releasenotes/notes/helm-toolkit.yaml b/releasenotes/notes/helm-toolkit.yaml
index 669ba9617..423479717 100644
--- a/releasenotes/notes/helm-toolkit.yaml
+++ b/releasenotes/notes/helm-toolkit.yaml
@@ -31,4 +31,5 @@ helm-toolkit:
   - 0.2.22 Add ability to set labels to add to resources
   - 0.2.23 Helm 3 - Fix Job labels
   - 0.2.24 Migrate Ingress resources to networking.k8s.io/v1
+  - 0.2.25 Set Security Context to ks-user job
 ...