From f078717b578f62adc4e4a6fe6248d6a142e514a7 Mon Sep 17 00:00:00 2001
From: Paul Farver <paul.farver@lego.com>
Date: Mon, 4 Sep 2023 12:46:09 +0200
Subject: [PATCH] Support containerSecurityContext

---
 charts/influxdb/Chart.yaml                 | 2 +-
 charts/influxdb/README.md                  | 1 +
 charts/influxdb/templates/statefulset.yaml | 3 +++
 charts/influxdb/values.yaml                | 3 +++
 4 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/charts/influxdb/Chart.yaml b/charts/influxdb/Chart.yaml
index 6dfabd6b..1f549bce 100755
--- a/charts/influxdb/Chart.yaml
+++ b/charts/influxdb/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: influxdb
-version: 4.12.5
+version: 4.13.0
 appVersion: 1.8.10
 description: Scalable datastore for metrics, events, and real-time analytics.
 keywords:
diff --git a/charts/influxdb/README.md b/charts/influxdb/README.md
index 918b1701..c4269627 100644
--- a/charts/influxdb/README.md
+++ b/charts/influxdb/README.md
@@ -81,6 +81,7 @@ The following table lists configurable parameters, their descriptions, and their
 | affinity | [Affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) for pod assignment | {                                                                    |
 | tolerations | [Tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) for pod assignment | []                                                                   |
 | securityContext | [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for pod | {}                                                                   |
+| containerSecurityContext | [containerSecurityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for container | {}                                                                   |
 | env | environment variables for influxdb container | {}                                                                   |
 | volumes | `volumes` stanza(s) to be used in the main container | nil                                                                  |
 | mountPoints | `volumeMount` stanza(s) to be used in the main container | nil                                                                  |
diff --git a/charts/influxdb/templates/statefulset.yaml b/charts/influxdb/templates/statefulset.yaml
index f2b21c00..8d0be17d 100644
--- a/charts/influxdb/templates/statefulset.yaml
+++ b/charts/influxdb/templates/statefulset.yaml
@@ -145,6 +145,9 @@ spec:
           failureThreshold: {{ .Values.startupProbe.failureThreshold | default 6 }}
           periodSeconds: {{ .Values.startupProbe.periodSeconds | default 5 }}
         {{- end }}
+        {{- with .Values.containerSecurityContext }}
+        securityContext: {{ toYaml . | nindent 10 }}
+        {{- end }}
         volumeMounts:
         - name: {{ include "influxdb.fullname" . }}-data
           mountPath: /var/lib/influxdb
diff --git a/charts/influxdb/values.yaml b/charts/influxdb/values.yaml
index 73d35976..c307bb02 100644
--- a/charts/influxdb/values.yaml
+++ b/charts/influxdb/values.yaml
@@ -34,6 +34,9 @@ securityContext: {}
   # runAsUser: 999
   # runAsGroup: 999
 
+containerSecurityContext: {}
+  # readOnlyRootFilesystem: true
+
 startupProbe:
   enabled: false
   # path: "/ping"