From 5d52a9d429fdaaca60bb8f2566d1192e9b052ec8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20Stra=C3=9Fberger?= <m.strassberger@metaways.de>
Date: Thu, 13 Jun 2024 15:52:05 +0200
Subject: [PATCH] helm: disable privilege escalation

---
 charts/redisoperator/Chart.yaml  | 2 +-
 charts/redisoperator/values.yaml | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/charts/redisoperator/Chart.yaml b/charts/redisoperator/Chart.yaml
index db9f3777c..10006eae0 100644
--- a/charts/redisoperator/Chart.yaml
+++ b/charts/redisoperator/Chart.yaml
@@ -4,7 +4,7 @@ appVersion: 1.4.0
 apiVersion: v1
 description: A Helm chart for the Spotahome Redis Operator
 name: redis-operator
-version: 3.5.3
+version: 3.5.4
 home: https://github.com/saremox/redis-operator
 keywords:
   - "golang"
diff --git a/charts/redisoperator/values.yaml b/charts/redisoperator/values.yaml
index 7c8ca3a0d..5a1a0202b 100644
--- a/charts/redisoperator/values.yaml
+++ b/charts/redisoperator/values.yaml
@@ -53,6 +53,7 @@ container:
 # Container [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container).
 # See the [API reference](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1) for details.
 securityContext:
+  allowPrivilegeEscalation: false
   readOnlyRootFilesystem: true
   fsGroup: 1000
   runAsGroup: 1000