From 6d7724c79071832008322a5b9c46f98a1e56dc43 Mon Sep 17 00:00:00 2001
From: pd2839 <pd2839@att.com>
Date: Tue, 26 Feb 2019 15:15:50 -0600
Subject: [PATCH] readOnlyFilesystem: true for neutron chart

Fix for adding readOnlyFilesystem flag at pod level

Change-Id: I9ba18101a4566329f288d77677d4255646935dd5
---
 neutron/templates/deployment-server.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml
index e9b6700553..944f87f5dc 100644
--- a/neutron/templates/deployment-server.yaml
+++ b/neutron/templates/deployment-server.yaml
@@ -49,6 +49,8 @@ spec:
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
         configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
     spec:
+      securityContext:
+        readOnlyRootFilesystem: true
 {{ dict "envAll" $envAll "application" "neutron" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
       affinity: