diff --git a/.gitignore b/.gitignore index fca92e43e78..55050d3cbd8 100644 --- a/.gitignore +++ b/.gitignore @@ -41,5 +41,5 @@ tests/test-report.txt tests/test-report.xml private_values.yaml temp/ -library/common-test/charts/* +library/common-test/charts/ Chart.lock diff --git a/.tools/tests/charts/common-test_spec.rb b/.tools/tests/charts/common-test_spec.rb index 32f13e149f0..e37b2b7dc51 100644 --- a/.tools/tests/charts/common-test_spec.rb +++ b/.tools/tests/charts/common-test_spec.rb @@ -38,6 +38,19 @@ class Test < ChartTest end end + describe 'startAsRoot' do + it 'defaults to false = runAs 568' do + jq('.spec.template.spec.securityContext.runAsUser', resource('Deployment')).must_equal 568 + jq('.spec.template.spec.securityContext.runAsGroup', resource('Deployment')).must_equal 568 + end + + it 'can be enabled = runAs nil' do + chart.value startAsRoot: true + jq('.spec.template.spec.securityContext.runAsUser', resource('Deployment')).must_equal nil + jq('.spec.template.spec.securityContext.runAsGroup', resource('Deployment')).must_equal nil + end + end + describe 'hostNetwork' do it ' hostnetworking default = nil' do jq('.spec.template.spec.hostNetwork', resource('Deployment')).must_equal nil diff --git a/charts/bazarr/2.0.0/charts/common-2.0.0.tgz b/charts/bazarr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/bazarr/2.0.0/charts/common-2.0.0.tgz and b/charts/bazarr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/bazarr/2.0.0/ix_values.yaml b/charts/bazarr/2.0.0/ix_values.yaml index 179f650444d..f64b89cc16b 100644 --- a/charts/bazarr/2.0.0/ix_values.yaml +++ b/charts/bazarr/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-v0.9.0.5 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/bazarr/2.0.0/test_values.yaml b/charts/bazarr/2.0.0/test_values.yaml index bb43d2c8f57..1f586e82c4d 100644 --- a/charts/bazarr/2.0.0/test_values.yaml +++ b/charts/bazarr/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/calibre-web/2.0.0/charts/common-2.0.0.tgz b/charts/calibre-web/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/calibre-web/2.0.0/charts/common-2.0.0.tgz and b/charts/calibre-web/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/calibre-web/2.0.0/ix_values.yaml b/charts/calibre-web/2.0.0/ix_values.yaml index 4e3857f7ea9..b529a6b199a 100644 --- a/charts/calibre-web/2.0.0/ix_values.yaml +++ b/charts/calibre-web/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-0.6.9 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/calibre-web/2.0.0/test_values.yaml b/charts/calibre-web/2.0.0/test_values.yaml index 2c8803d43c8..fe30e121420 100644 --- a/charts/calibre-web/2.0.0/test_values.yaml +++ b/charts/calibre-web/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/collabora-online/2.0.0/charts/common-2.0.0.tgz b/charts/collabora-online/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/collabora-online/2.0.0/charts/common-2.0.0.tgz and b/charts/collabora-online/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/collabora-online/2.0.0/ix_values.yaml b/charts/collabora-online/2.0.0/ix_values.yaml index ae7a9806330..dddeab6840c 100644 --- a/charts/collabora-online/2.0.0/ix_values.yaml +++ b/charts/collabora-online/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: tag: 6.4.6.2 pullPolicy: IfNotPresent +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/collabora-online/2.0.0/test_values.yaml b/charts/collabora-online/2.0.0/test_values.yaml index fe5dd594875..72011511b7b 100644 --- a/charts/collabora-online/2.0.0/test_values.yaml +++ b/charts/collabora-online/2.0.0/test_values.yaml @@ -6,6 +6,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: type: NodePort diff --git a/charts/deluge/2.0.0/charts/common-2.0.0.tgz b/charts/deluge/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/deluge/2.0.0/charts/common-2.0.0.tgz and b/charts/deluge/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/deluge/2.0.0/ix_values.yaml b/charts/deluge/2.0.0/ix_values.yaml index 671da2e5e51..58a47a946ac 100644 --- a/charts/deluge/2.0.0/ix_values.yaml +++ b/charts/deluge/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: latest +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/deluge/2.0.0/test_values.yaml b/charts/deluge/2.0.0/test_values.yaml index b9c68fa17a5..b919e8d624d 100644 --- a/charts/deluge/2.0.0/test_values.yaml +++ b/charts/deluge/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/esphome/2.0.0/charts/common-2.0.0.tgz b/charts/esphome/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/esphome/2.0.0/charts/common-2.0.0.tgz and b/charts/esphome/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/esphome/2.0.0/ix_values.yaml b/charts/esphome/2.0.0/ix_values.yaml index 3f501763679..00d035fd9d0 100644 --- a/charts/esphome/2.0.0/ix_values.yaml +++ b/charts/esphome/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: 1.15.3 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/esphome/2.0.0/test_values.yaml b/charts/esphome/2.0.0/test_values.yaml index 98e0c256102..33bf74f08d4 100644 --- a/charts/esphome/2.0.0/test_values.yaml +++ b/charts/esphome/2.0.0/test_values.yaml @@ -12,7 +12,6 @@ services: main: port: port: 6052 - nodePort: 30052 env: {} # ESPHOME_DASHBOARD_USE_PING: true diff --git a/charts/freshrss/2.0.0/charts/common-2.0.0.tgz b/charts/freshrss/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/freshrss/2.0.0/charts/common-2.0.0.tgz and b/charts/freshrss/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/freshrss/2.0.0/ix_values.yaml b/charts/freshrss/2.0.0/ix_values.yaml index aa00a8301d7..a50f786f428 100644 --- a/charts/freshrss/2.0.0/ix_values.yaml +++ b/charts/freshrss/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-1.17.0 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/freshrss/2.0.0/test_values.yaml b/charts/freshrss/2.0.0/test_values.yaml index 1dfdb82261c..439278a7ab8 100644 --- a/charts/freshrss/2.0.0/test_values.yaml +++ b/charts/freshrss/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/gaps/2.0.0/charts/common-2.0.0.tgz b/charts/gaps/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/gaps/2.0.0/charts/common-2.0.0.tgz and b/charts/gaps/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/grocy/2.0.0/charts/common-2.0.0.tgz b/charts/grocy/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/grocy/2.0.0/charts/common-2.0.0.tgz and b/charts/grocy/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/grocy/2.0.0/ix_values.yaml b/charts/grocy/2.0.0/ix_values.yaml index e118cebda7a..957cb3c4d9c 100644 --- a/charts/grocy/2.0.0/ix_values.yaml +++ b/charts/grocy/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: tag: version-v2.7.1 pullPolicy: IfNotPresent +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/grocy/2.0.0/test_values.yaml b/charts/grocy/2.0.0/test_values.yaml index 9992cb9d637..84bd9a50f55 100644 --- a/charts/grocy/2.0.0/test_values.yaml +++ b/charts/grocy/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/handbrake/2.0.0/charts/common-2.0.0.tgz b/charts/handbrake/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/handbrake/2.0.0/charts/common-2.0.0.tgz and b/charts/handbrake/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/handbrake/2.0.0/ix_values.yaml b/charts/handbrake/2.0.0/ix_values.yaml index b8fd1dd808c..28dcfd2d272 100644 --- a/charts/handbrake/2.0.0/ix_values.yaml +++ b/charts/handbrake/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: tag: v1.23.1 pullPolicy: IfNotPresent +startAsRoot: true + #All values here are set as the docker defaults. envTpl: # Permissions Settings diff --git a/charts/handbrake/2.0.0/test_values.yaml b/charts/handbrake/2.0.0/test_values.yaml index e905a5a849b..09e26b9c564 100644 --- a/charts/handbrake/2.0.0/test_values.yaml +++ b/charts/handbrake/2.0.0/test_values.yaml @@ -6,10 +6,12 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: - port: 5800 #Required for web GUI + port: 5800 #Required for web GUI vnc: enabled: true type: ClusterIP @@ -23,6 +25,7 @@ envTpl: # Permissions Settings USER_ID: "{{ .Values.PUID }}" GROUP_ID: "{{ .Values.PGID }}" + env: # General Settings KEEP_APP_RUNNING: "0" diff --git a/charts/heimdall/2.0.0/charts/common-2.0.0.tgz b/charts/heimdall/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/heimdall/2.0.0/charts/common-2.0.0.tgz and b/charts/heimdall/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/heimdall/2.0.0/ix_values.yaml b/charts/heimdall/2.0.0/ix_values.yaml index c246b48646b..5d8a294c05d 100644 --- a/charts/heimdall/2.0.0/ix_values.yaml +++ b/charts/heimdall/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: tag: version-2.2.2 pullPolicy: IfNotPresent +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/heimdall/2.0.0/test_values.yaml b/charts/heimdall/2.0.0/test_values.yaml index a1ce3aa4ef0..07fdf3e723b 100644 --- a/charts/heimdall/2.0.0/test_values.yaml +++ b/charts/heimdall/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/home-assistant/2.0.0/charts/common-2.0.0.tgz b/charts/home-assistant/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/home-assistant/2.0.0/charts/common-2.0.0.tgz and b/charts/home-assistant/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/home-assistant/2.0.0/ix_values.yaml b/charts/home-assistant/2.0.0/ix_values.yaml index 4ea3b3a9ff8..d50df2f8c29 100644 --- a/charts/home-assistant/2.0.0/ix_values.yaml +++ b/charts/home-assistant/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: 2021.1.5 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/home-assistant/2.0.0/test_values.yaml b/charts/home-assistant/2.0.0/test_values.yaml index 468d2fbb3be..e792a95bf93 100644 --- a/charts/home-assistant/2.0.0/test_values.yaml +++ b/charts/home-assistant/2.0.0/test_values.yaml @@ -8,8 +8,10 @@ image: strategy: type: Recreate +startAsRoot: true + env: {} - # TZ: + # TZ: services: main: diff --git a/charts/jackett/2.0.0/charts/common-2.0.0.tgz b/charts/jackett/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/jackett/2.0.0/charts/common-2.0.0.tgz and b/charts/jackett/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/jackett/2.0.0/ix_values.yaml b/charts/jackett/2.0.0/ix_values.yaml index 67867e4ca8b..8362ffdfdde 100644 --- a/charts/jackett/2.0.0/ix_values.yaml +++ b/charts/jackett/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-v0.17.153 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/jackett/2.0.0/test_values.yaml b/charts/jackett/2.0.0/test_values.yaml index 76476ceb7de..c301253a75e 100644 --- a/charts/jackett/2.0.0/test_values.yaml +++ b/charts/jackett/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/jellyfin/2.0.0/charts/common-2.0.0.tgz b/charts/jellyfin/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/jellyfin/2.0.0/charts/common-2.0.0.tgz and b/charts/jellyfin/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/jellyfin/2.0.0/ix_values.yaml b/charts/jellyfin/2.0.0/ix_values.yaml index 81772e33f6a..c24370f6ab3 100644 --- a/charts/jellyfin/2.0.0/ix_values.yaml +++ b/charts/jellyfin/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-10.6.4-1 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/jellyfin/2.0.0/test_values.yaml b/charts/jellyfin/2.0.0/test_values.yaml index 25c75b87731..73a53f8eaa7 100644 --- a/charts/jellyfin/2.0.0/test_values.yaml +++ b/charts/jellyfin/2.0.0/test_values.yaml @@ -9,6 +9,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/kms/2.0.0/Chart.yaml b/charts/kms/2.0.0/Chart.yaml index 31ede17308d..c10113e0296 100644 --- a/charts/kms/2.0.0/Chart.yaml +++ b/charts/kms/2.0.0/Chart.yaml @@ -7,7 +7,7 @@ version: 1.6.4 version: 2.0.0 >>>>>>> [Common] Refactor Services (#212):charts/kms/2.0.0/Chart.yaml # upstream_version: -appVersion: "auto" +appVersion: "minimal" description: Private Windows Activation Server for development and testing type: application deprecated: false diff --git a/charts/kms/2.0.0/charts/common-2.0.0.tgz b/charts/kms/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/kms/2.0.0/charts/common-2.0.0.tgz and b/charts/kms/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/kms/2.0.0/ix_values.yaml b/charts/kms/2.0.0/ix_values.yaml index c2177b2bb5f..d016fa3f01a 100644 --- a/charts/kms/2.0.0/ix_values.yaml +++ b/charts/kms/2.0.0/ix_values.yaml @@ -7,7 +7,9 @@ image: repository: pykmsorg/py-kms pullPolicy: IfNotPresent - tag: latest + tag: minimal + +startAsRoot: true ## # Most other defaults are set in questions.yaml diff --git a/charts/kms/2.0.0/questions.yaml b/charts/kms/2.0.0/questions.yaml index a4f36d9f8d3..b1c37a16a93 100644 --- a/charts/kms/2.0.0/questions.yaml +++ b/charts/kms/2.0.0/questions.yaml @@ -176,70 +176,6 @@ questions: ## TrueCharts Specific - - variable: appVolumeMounts - label: "app storage" - group: "Storage and Devices" - schema: - type: dict - attrs: - # Config ------------------------ - - variable: config - label: "config dataset" - schema: - type: dict - $ref: - - "normalize/ixVolume" - attrs: - - variable: enabled - label: "Enabled" - schema: - type: boolean - default: true - required: true - hidden: true - editable: false - - variable: setPermissions - label: "Automatic Permissions" - description: "Automatically set permissions on install" - schema: - type: boolean - default: true - hidden: false - - variable: emptyDir - label: "emptyDir" - schema: - type: boolean - default: false - hidden: true - editable: false - - variable: datasetName - label: "Dataset Name" - schema: - type: string - default: "config" - required: true - editable: false - - variable: mountPath - label: "Mount Path" - description: "Path to mount inside the pod" - schema: - type: path - required: true - default: "/config" - editable: false - - variable: hostPathEnabled - label: "host Path Enabled" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hostPath - label: "Host Path" - schema: - type: hostpath - required: true - - variable: additionalAppVolumeMounts label: "Custom app storage" group: "Storage and Devices" diff --git a/charts/kms/2.0.0/test_values.yaml b/charts/kms/2.0.0/test_values.yaml index 9f5f36262bb..0e13cbdd40e 100644 --- a/charts/kms/2.0.0/test_values.yaml +++ b/charts/kms/2.0.0/test_values.yaml @@ -3,34 +3,14 @@ image: repository: pykmsorg/py-kms pullPolicy: IfNotPresent - tag: latest + tag: minimal strategy: type: Recreate +startAsRoot: true + services: main: port: port: 1688 - -env: {} - # TZ: UTC - # PUID: 1001 - # PGID: 1001 - - -persistence: - config: - enabled: false - emptyDir: false - - -## TrueCharts Values - - -appVolumeMounts: - config: - enabled: true - emptyDir: true - setPermissions: true - mountPath: "/config" diff --git a/charts/lazylibrarian/2.0.0/charts/common-2.0.0.tgz b/charts/lazylibrarian/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/lazylibrarian/2.0.0/charts/common-2.0.0.tgz and b/charts/lazylibrarian/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/lazylibrarian/2.0.0/ix_values.yaml b/charts/lazylibrarian/2.0.0/ix_values.yaml index be495b43a39..cc54f40da2e 100644 --- a/charts/lazylibrarian/2.0.0/ix_values.yaml +++ b/charts/lazylibrarian/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: latest +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/lazylibrarian/2.0.0/test_values.yaml b/charts/lazylibrarian/2.0.0/test_values.yaml index a5bad0318c0..a13e76753d8 100644 --- a/charts/lazylibrarian/2.0.0/test_values.yaml +++ b/charts/lazylibrarian/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/lidarr/2.0.0/charts/common-2.0.0.tgz b/charts/lidarr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/lidarr/2.0.0/charts/common-2.0.0.tgz and b/charts/lidarr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/lidarr/2.0.0/ix_values.yaml b/charts/lidarr/2.0.0/ix_values.yaml index 6be7e776f32..fa6a027e8a5 100644 --- a/charts/lidarr/2.0.0/ix_values.yaml +++ b/charts/lidarr/2.0.0/ix_values.yaml @@ -8,6 +8,9 @@ image: repository: linuxserver/lidarr pullPolicy: IfNotPresent tag: version-0.8.0.1886 + +startAsRoot: true + probes: liveness: enabled: true diff --git a/charts/lidarr/2.0.0/test_values.yaml b/charts/lidarr/2.0.0/test_values.yaml index c86cabd43c8..d3a7ab403cc 100644 --- a/charts/lidarr/2.0.0/test_values.yaml +++ b/charts/lidarr/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/lychee/2.0.0/charts/common-2.0.0.tgz b/charts/lychee/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/lychee/2.0.0/charts/common-2.0.0.tgz and b/charts/lychee/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/lychee/2.0.0/ix_values.yaml b/charts/lychee/2.0.0/ix_values.yaml index 4462ff6945b..4e05224eb6f 100644 --- a/charts/lychee/2.0.0/ix_values.yaml +++ b/charts/lychee/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: v4.0.8 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/lychee/2.0.0/test_values.yaml b/charts/lychee/2.0.0/test_values.yaml index b1d745dc0aa..84a96554b81 100644 --- a/charts/lychee/2.0.0/test_values.yaml +++ b/charts/lychee/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/navidrome/2.0.0/charts/common-2.0.0.tgz b/charts/navidrome/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/navidrome/2.0.0/charts/common-2.0.0.tgz and b/charts/navidrome/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/node-red/2.0.0/charts/common-2.0.0.tgz b/charts/node-red/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/node-red/2.0.0/charts/common-2.0.0.tgz and b/charts/node-red/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/node-red/2.0.0/test_values.yaml b/charts/node-red/2.0.0/test_values.yaml index 696a909634b..4f28245e65a 100644 --- a/charts/node-red/2.0.0/test_values.yaml +++ b/charts/node-red/2.0.0/test_values.yaml @@ -38,4 +38,4 @@ appVolumeMounts: enabled: true emptyDir: true setPermissions: true - mountPath: "/config" + mountPath: "/data" diff --git a/charts/nzbget/2.0.0/charts/common-2.0.0.tgz b/charts/nzbget/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/nzbget/2.0.0/charts/common-2.0.0.tgz and b/charts/nzbget/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/nzbget/2.0.0/ix_values.yaml b/charts/nzbget/2.0.0/ix_values.yaml index 18bee4cc736..c5e877e9356 100644 --- a/charts/nzbget/2.0.0/ix_values.yaml +++ b/charts/nzbget/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-v21.0 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/nzbget/2.0.0/test_values.yaml b/charts/nzbget/2.0.0/test_values.yaml index 660849aa920..d3bcb17541e 100644 --- a/charts/nzbget/2.0.0/test_values.yaml +++ b/charts/nzbget/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/nzbhydra/2.0.0/charts/common-2.0.0.tgz b/charts/nzbhydra/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/nzbhydra/2.0.0/charts/common-2.0.0.tgz and b/charts/nzbhydra/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/nzbhydra/2.0.0/ix_values.yaml b/charts/nzbhydra/2.0.0/ix_values.yaml index ec3ae0e6e48..8429553dd74 100644 --- a/charts/nzbhydra/2.0.0/ix_values.yaml +++ b/charts/nzbhydra/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-v3.8.1 +startAsRoot: true + probes: liveness: custom: true diff --git a/charts/nzbhydra/2.0.0/test_values.yaml b/charts/nzbhydra/2.0.0/test_values.yaml index 8563b0d89b4..09a85fe714b 100644 --- a/charts/nzbhydra/2.0.0/test_values.yaml +++ b/charts/nzbhydra/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/ombi/2.0.0/charts/common-2.0.0.tgz b/charts/ombi/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/ombi/2.0.0/charts/common-2.0.0.tgz and b/charts/ombi/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/ombi/2.0.0/ix_values.yaml b/charts/ombi/2.0.0/ix_values.yaml index 3ffd7b90e87..6abe44526f6 100644 --- a/charts/ombi/2.0.0/ix_values.yaml +++ b/charts/ombi/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-v4.0.681 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/ombi/2.0.0/test_values.yaml b/charts/ombi/2.0.0/test_values.yaml index 598e5aab2ae..95b0afb12ba 100644 --- a/charts/ombi/2.0.0/test_values.yaml +++ b/charts/ombi/2.0.0/test_values.yaml @@ -9,6 +9,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/organizr/2.0.0/charts/common-2.0.0.tgz b/charts/organizr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/organizr/2.0.0/charts/common-2.0.0.tgz and b/charts/organizr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/organizr/2.0.0/ix_values.yaml b/charts/organizr/2.0.0/ix_values.yaml index 643c73bbaf1..bb40951b9af 100644 --- a/charts/organizr/2.0.0/ix_values.yaml +++ b/charts/organizr/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: Always tag: latest +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/organizr/2.0.0/test_values.yaml b/charts/organizr/2.0.0/test_values.yaml index 965b7a63223..7d2fd8633de 100644 --- a/charts/organizr/2.0.0/test_values.yaml +++ b/charts/organizr/2.0.0/test_values.yaml @@ -9,6 +9,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/qbittorrent/2.0.0/charts/common-2.0.0.tgz b/charts/qbittorrent/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/qbittorrent/2.0.0/charts/common-2.0.0.tgz and b/charts/qbittorrent/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/qbittorrent/2.0.0/ix_values.yaml b/charts/qbittorrent/2.0.0/ix_values.yaml index 0bc17637ab8..5d2fd4b18be 100644 --- a/charts/qbittorrent/2.0.0/ix_values.yaml +++ b/charts/qbittorrent/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: latest +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/qbittorrent/2.0.0/test_values.yaml b/charts/qbittorrent/2.0.0/test_values.yaml index d9830ea376c..0f680b74b1d 100644 --- a/charts/qbittorrent/2.0.0/test_values.yaml +++ b/charts/qbittorrent/2.0.0/test_values.yaml @@ -8,8 +8,10 @@ image: strategy: type: Recreate +startAsRoot: true + env: {} - # TZ: UTC + # TZ: UTC # PUID: 1001 # PGID: 1001 # UMASK: 022 diff --git a/charts/radarr/2.0.0/charts/common-2.0.0.tgz b/charts/radarr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/radarr/2.0.0/charts/common-2.0.0.tgz and b/charts/radarr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/radarr/2.0.0/ix_values.yaml b/charts/radarr/2.0.0/ix_values.yaml index fe62b072041..7d075beba14 100644 --- a/charts/radarr/2.0.0/ix_values.yaml +++ b/charts/radarr/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-3.0.0.3989 +startAsRoot: true + probes: liveness: enabled: true diff --git a/charts/radarr/2.0.0/test_values.yaml b/charts/radarr/2.0.0/test_values.yaml index e5b218bc040..c7d84cd3f09 100644 --- a/charts/radarr/2.0.0/test_values.yaml +++ b/charts/radarr/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/readarr/2.0.0/charts/common-2.0.0.tgz b/charts/readarr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/readarr/2.0.0/charts/common-2.0.0.tgz and b/charts/readarr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/readarr/2.0.0/ix_values.yaml b/charts/readarr/2.0.0/ix_values.yaml index e33ef7e4ccc..263d4c7a33a 100644 --- a/charts/readarr/2.0.0/ix_values.yaml +++ b/charts/readarr/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: nightly +startAsRoot: true + probes: liveness: enabled: true diff --git a/charts/readarr/2.0.0/test_values.yaml b/charts/readarr/2.0.0/test_values.yaml index 8960b66262f..ef3e02563d4 100644 --- a/charts/readarr/2.0.0/test_values.yaml +++ b/charts/readarr/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/sabnzbd/2.0.0/charts/common-2.0.0.tgz b/charts/sabnzbd/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/sabnzbd/2.0.0/charts/common-2.0.0.tgz and b/charts/sabnzbd/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/sabnzbd/2.0.0/ix_values.yaml b/charts/sabnzbd/2.0.0/ix_values.yaml index a41e758885e..ba46914977e 100644 --- a/charts/sabnzbd/2.0.0/ix_values.yaml +++ b/charts/sabnzbd/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-3.1.0 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/sabnzbd/2.0.0/test_values.yaml b/charts/sabnzbd/2.0.0/test_values.yaml index 337f5e567d0..ee271c5875d 100644 --- a/charts/sabnzbd/2.0.0/test_values.yaml +++ b/charts/sabnzbd/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/sonarr/2.0.0/charts/common-2.0.0.tgz b/charts/sonarr/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/sonarr/2.0.0/charts/common-2.0.0.tgz and b/charts/sonarr/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/sonarr/2.0.0/ix_values.yaml b/charts/sonarr/2.0.0/ix_values.yaml index 32a7540a2bc..47f33baf9ac 100644 --- a/charts/sonarr/2.0.0/ix_values.yaml +++ b/charts/sonarr/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-3.0.4.993 +startAsRoot: true + probes: liveness: enabled: true diff --git a/charts/sonarr/2.0.0/test_values.yaml b/charts/sonarr/2.0.0/test_values.yaml index 2112ccdc2ef..f39e4b46d15 100644 --- a/charts/sonarr/2.0.0/test_values.yaml +++ b/charts/sonarr/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/tautulli/2.0.0/charts/common-2.0.0.tgz b/charts/tautulli/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/tautulli/2.0.0/charts/common-2.0.0.tgz and b/charts/tautulli/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/tautulli/2.0.0/ix_values.yaml b/charts/tautulli/2.0.0/ix_values.yaml index c3342c24a35..6297b11a59e 100644 --- a/charts/tautulli/2.0.0/ix_values.yaml +++ b/charts/tautulli/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: v2.6.6 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/tautulli/2.0.0/test_values.yaml b/charts/tautulli/2.0.0/test_values.yaml index 57336e7306d..cf12cf8815f 100644 --- a/charts/tautulli/2.0.0/test_values.yaml +++ b/charts/tautulli/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/traefik/2.0.0/charts/common-2.0.0.tgz b/charts/traefik/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/traefik/2.0.0/charts/common-2.0.0.tgz and b/charts/traefik/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/transmission/2.0.0/charts/common-2.0.0.tgz b/charts/transmission/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/transmission/2.0.0/charts/common-2.0.0.tgz and b/charts/transmission/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/transmission/2.0.0/ix_values.yaml b/charts/transmission/2.0.0/ix_values.yaml index 849c8f85f03..f1e3647c7e6 100644 --- a/charts/transmission/2.0.0/ix_values.yaml +++ b/charts/transmission/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: version-3.00-r2 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/transmission/2.0.0/test_values.yaml b/charts/transmission/2.0.0/test_values.yaml index 0f123f4aae9..702532bf3d6 100644 --- a/charts/transmission/2.0.0/test_values.yaml +++ b/charts/transmission/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: diff --git a/charts/truecommand/2.0.0/charts/common-2.0.0.tgz b/charts/truecommand/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/truecommand/2.0.0/charts/common-2.0.0.tgz and b/charts/truecommand/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/truecommand/2.0.0/ix_values.yaml b/charts/truecommand/2.0.0/ix_values.yaml index e88c99123f1..586e9f231ea 100644 --- a/charts/truecommand/2.0.0/ix_values.yaml +++ b/charts/truecommand/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: 1.3.2 +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/truecommand/2.0.0/test_values.yaml b/charts/truecommand/2.0.0/test_values.yaml index 93342033755..54b7fb77000 100644 --- a/charts/truecommand/2.0.0/test_values.yaml +++ b/charts/truecommand/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + services: main: port: @@ -40,9 +42,6 @@ persistence: ## TrueCharts Config - - - appVolumeMounts: data: enabled: true diff --git a/charts/tvheadend/2.0.0/charts/common-2.0.0.tgz b/charts/tvheadend/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/tvheadend/2.0.0/charts/common-2.0.0.tgz and b/charts/tvheadend/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/tvheadend/2.0.0/ix_values.yaml b/charts/tvheadend/2.0.0/ix_values.yaml index 1d54e5cb7d0..4b1ca609adf 100644 --- a/charts/tvheadend/2.0.0/ix_values.yaml +++ b/charts/tvheadend/2.0.0/ix_values.yaml @@ -9,6 +9,8 @@ image: pullPolicy: IfNotPresent tag: latest +startAsRoot: true + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/tvheadend/2.0.0/test_values.yaml b/charts/tvheadend/2.0.0/test_values.yaml index 971ae4ae535..5666a987722 100644 --- a/charts/tvheadend/2.0.0/test_values.yaml +++ b/charts/tvheadend/2.0.0/test_values.yaml @@ -8,6 +8,8 @@ image: strategy: type: Recreate +startAsRoot: true + # See https://github.com/linuxserver/docker-tvheadend#parameters env: {} # PUID: 1000 diff --git a/charts/unifi/2.0.0/charts/common-2.0.0.tgz b/charts/unifi/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/unifi/2.0.0/charts/common-2.0.0.tgz and b/charts/unifi/2.0.0/charts/common-2.0.0.tgz differ diff --git a/charts/unifi/2.0.0/ix_values.yaml b/charts/unifi/2.0.0/ix_values.yaml index d14aab2f201..92eaf0fd301 100644 --- a/charts/unifi/2.0.0/ix_values.yaml +++ b/charts/unifi/2.0.0/ix_values.yaml @@ -9,6 +9,13 @@ image: tag: 6.0.45 pullPolicy: IfNotPresent +startAsRoot: true + +envTpl: +# Permissions Settings + UNIFI_GID: "{{ .Values.PUID }}" + UNIFI_UID: "{{ .Values.PGID }}" + ## # Most other defaults are set in questions.yaml # For other options please refer to the wiki, default_values.yaml or the common library chart diff --git a/charts/unifi/2.0.0/test_values.yaml b/charts/unifi/2.0.0/test_values.yaml index 94e1ceb9daa..607fa260576 100644 --- a/charts/unifi/2.0.0/test_values.yaml +++ b/charts/unifi/2.0.0/test_values.yaml @@ -8,6 +8,13 @@ image: strategy: type: Recreate +startAsRoot: true + +envTpl: +# Permissions Settings + UNIFI_GID: "{{ .Values.PUID }}" + UNIFI_UID: "{{ .Values.PGID }}" + services: main: port: diff --git a/charts/zwavejs2mqtt/2.0.0/charts/common-2.0.0.tgz b/charts/zwavejs2mqtt/2.0.0/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/charts/zwavejs2mqtt/2.0.0/charts/common-2.0.0.tgz and b/charts/zwavejs2mqtt/2.0.0/charts/common-2.0.0.tgz differ diff --git a/docs/development/values-yaml.md b/docs/development/values-yaml.md index 056509c628c..3fe8b4c065c 100644 --- a/docs/development/values-yaml.md +++ b/docs/development/values-yaml.md @@ -15,6 +15,31 @@ This file contains config values that are not included in questions.yaml, but sh This file is, however, not very well checked by validation and CI. Use it when you absolutely have to. +One important setting in ix_values.yaml is the optional setting: `startAsRoot: true` +This setting is a compatibility toggle for containers that need to be started by root, often these containers use PUID and PGID to descalate (lower) away from root but require it to start. + +A minimal example ix_values.yaml would be: + +``` +## +# This file contains Values.yaml content that gets added to the output of questions.yaml +# It's ONLY meant for content that the user is NOT expected to change. +# Example: Everything under "image" is not included in questions.yaml but is included here. +## + +image: + repository: jacobalberty/unifi + tag: 6.0.45 + pullPolicy: IfNotPresent + + +## +# Most other defaults are set in questions.yaml +# For other options please refer to the wiki, default_values.yaml or the common library chart +## + +``` + ##### test_values.yaml diff --git a/library/common-test/charts/common-2.0.0.tgz b/library/common-test/charts/common-2.0.0.tgz index 380564a1c52..a4a492aafb3 100644 Binary files a/library/common-test/charts/common-2.0.0.tgz and b/library/common-test/charts/common-2.0.0.tgz differ diff --git a/library/common/templates/lib/controller/_pod.tpl b/library/common/templates/lib/controller/_pod.tpl index 497d639480b..e61a449426d 100644 --- a/library/common/templates/lib/controller/_pod.tpl +++ b/library/common/templates/lib/controller/_pod.tpl @@ -26,8 +26,12 @@ imagePullSecrets: {{- toYaml . | nindent 2 }} {{- end }} serviceAccountName: {{ include "common.names.serviceAccountName" . }} -{{- with .Values.podSecurityContext }} securityContext: +{{- if not .Values.startAsRoot }} + runAsUser: {{ .Values.PUID }} + runAsGroup: {{ .Values.PGID }} +{{- end }} +{{- with .Values.podSecurityContext }} {{- toYaml . | nindent 2 }} {{- end }} {{- with .Values.priorityClassName }} diff --git a/library/common/values.yaml b/library/common/values.yaml index 92ab0fbcd28..db281a18d4c 100644 --- a/library/common/values.yaml +++ b/library/common/values.yaml @@ -302,6 +302,7 @@ resources: {} PUID: 568 PGID: 568 UMASK: "002" +startAsRoot: false fixMountPermissions: true # appVolumeMounts: