Pass SecurityContext for container from values

Author: SimonWoidig

imgproxy/templates/deployment.yaml

@@ -122,6 +122,9 @@ spec:
               name: metrics
               protocol: TCP
             {{- end }}
+          {{- if .Values.resources.deployment.containerSecurityContext }}
+          securityContext: {{ $.Values.resources.deployment.containerSecurityContext | toYaml | nindent 12 }}
+          {{- end }}
           readinessProbe:
             httpGet:
               path: {{ .Values.env.IMGPROXY_PATH_PREFIX }}/health

imgproxy/values.yaml

@@ -151,12 +151,23 @@ resources:
     # It is set to 0 by default.
     minReadySeconds: ~
 
-    # A security context defines privilege and access control settings for the deployment.
+    # A security context defines privilege and access control settings for the deployment pod.
     # Check available settings in the documentation by link:
     # https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
     securityContext: {}
       # allowPrivilegeEscalation: false
       # runAsNonRoot: true
+    
+    # A container security context defines privilege and access control settings for the deployment container.
+    # Check available settings in the documentation by link:
+    # https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+    containerSecurityContext: {}
+      # capabilities:
+      #   drop:
+      #     - ALL
+      # readOnlyRootFilesystem: true
+      # allowPrivilegeEscalation: false
+      # runAsNonRoot: true
 
     # A custom amount of time (in seconds) to terminate the app after pre-stop hook is called,
     # or a TERM signal is received.