michaeljmarshall commented on issue #110: URL: https://github.com/apache/pulsar-helm-chart/issues/110#issuecomment-803793674
I proposed the following solution in https://github.com/apache/pulsar/pull/8796#issuecomment-802923466. It's copied here: > I think the easiest way to prevent a breaking change in the helm chart is to default to using the `root` user in the helm chart's deployment for the pulsar proxy. We could then add a configuration that allows users to opt in to running that container as a non root user. > > Essentially, we need to default a pulsar proxy pod's security context to the following: > > ```yaml > securityContext: > runAsUser: 0 > runAsGroup: 0 > ``` > > I believe all other pulsar containers should still be able to run as the non root user. > > (I am assuming that we want to prevent breaking changes here as the 2.8.0 release is only a minor version bump.) I'm happy to discuss alternatives. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
