From 29518b303580a43649866d1ce28a9e2a14e9fe61 Mon Sep 17 00:00:00 2001
From: sonicaj <waqarsonic1@gmail.com>
Date: Mon, 1 Nov 2021 21:28:16 +0500
Subject: [PATCH] Allow configuring capabilities for container deployed via
 ix-chart

---
 charts/ix-chart/2109.0.0/default_values.yaml  | 37 -------------------
 test/ix-chart/2111.0.0/default_values.yaml    | 37 -------------------
 test/ix-chart/2111.0.0/questions.yaml         | 11 ++++++
 .../ix-chart/2111.0.0/templates/_workload.tpl |  6 ++-
 test/ix-chart/2111.0.0/test_values.yaml       |  3 ++
 test/ix-chart/2111.0.0/values.yaml            |  0
 6 files changed, 19 insertions(+), 75 deletions(-)
 delete mode 100644 charts/ix-chart/2109.0.0/default_values.yaml
 delete mode 100644 test/ix-chart/2111.0.0/default_values.yaml
 delete mode 100644 test/ix-chart/2111.0.0/values.yaml

diff --git a/charts/ix-chart/2109.0.0/default_values.yaml b/charts/ix-chart/2109.0.0/default_values.yaml
deleted file mode 100644
index af4b34a1d5..0000000000
--- a/charts/ix-chart/2109.0.0/default_values.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# Default values for ix-chart.
-
-image:
-  repository: debian
-  pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: "latest"
-
-# Restart / Update policy
-updateStrategy: RollingUpdate
-
-# Container CMD / entrypoint
-containerCommand: []
-containerArgs: []
-containerEnvironmentVariables: []
-
-# Network related configuration
-externalInterfaces: []
-portForwardingList: []
-hostNetwork: false
-dnsPolicy: Default
-dnsConfig:
-  nameservers: []
-  searches: []
-
-# Storage related configuration
-hostPathVolumes: []
-volumes: []
-
-# Probes
-# Liveness Probe
-livenessProbe: null
-
-# Workload type
-workloadType: "Deployment"
-
-gpuConfiguration: {}
diff --git a/test/ix-chart/2111.0.0/default_values.yaml b/test/ix-chart/2111.0.0/default_values.yaml
deleted file mode 100644
index af4b34a1d5..0000000000
--- a/test/ix-chart/2111.0.0/default_values.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# Default values for ix-chart.
-
-image:
-  repository: debian
-  pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: "latest"
-
-# Restart / Update policy
-updateStrategy: RollingUpdate
-
-# Container CMD / entrypoint
-containerCommand: []
-containerArgs: []
-containerEnvironmentVariables: []
-
-# Network related configuration
-externalInterfaces: []
-portForwardingList: []
-hostNetwork: false
-dnsPolicy: Default
-dnsConfig:
-  nameservers: []
-  searches: []
-
-# Storage related configuration
-hostPathVolumes: []
-volumes: []
-
-# Probes
-# Liveness Probe
-livenessProbe: null
-
-# Workload type
-workloadType: "Deployment"
-
-gpuConfiguration: {}
diff --git a/test/ix-chart/2111.0.0/questions.yaml b/test/ix-chart/2111.0.0/questions.yaml
index b42f39c472..b8f4d7b534 100644
--- a/test/ix-chart/2111.0.0/questions.yaml
+++ b/test/ix-chart/2111.0.0/questions.yaml
@@ -514,3 +514,14 @@ questions:
           schema:
             type: boolean
             default: false
+        - variable: capabilities
+          label: "Capabilities"
+          description: "With Linux capabilities, you can grant certain privileges to a process without granting all the privileges of the root user."
+          schema:
+            type: list
+            items:
+              - variable: capability
+                description: "Add Capability"
+                label: "Add Capability"
+                schema:
+                  type: string
diff --git a/test/ix-chart/2111.0.0/templates/_workload.tpl b/test/ix-chart/2111.0.0/templates/_workload.tpl
index 6f01bd382f..c4bf4ac786 100644
--- a/test/ix-chart/2111.0.0/templates/_workload.tpl
+++ b/test/ix-chart/2111.0.0/templates/_workload.tpl
@@ -56,7 +56,11 @@ containers:
 - name: {{ .Chart.Name }}
   {{- include "volumeMountsConfiguration" . | indent 2}}
   securityContext:
-    {{- toYaml .Values.securityContext | nindent 12 }}
+    privileged: {{ .Values.securityContext.privileged }}
+    {{ if .Values.securityContext.capabilities }}
+    capabilities:
+      add: {{ toYaml .Values.securityContext.capabilities | nindent 8 }}
+    {{ end }}
   image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default "latest" }}"
   imagePullPolicy: {{ .Values.image.pullPolicy }}
   {{- include "containerCommand" . | indent 2 }}
diff --git a/test/ix-chart/2111.0.0/test_values.yaml b/test/ix-chart/2111.0.0/test_values.yaml
index 426c5041bc..beccc104ea 100644
--- a/test/ix-chart/2111.0.0/test_values.yaml
+++ b/test/ix-chart/2111.0.0/test_values.yaml
@@ -37,3 +37,6 @@ livenessProbe: null
 workloadType: "Deployment"
 
 gpuConfiguration: {}
+securityContext:
+  privileged: false
+  capabilities: []
diff --git a/test/ix-chart/2111.0.0/values.yaml b/test/ix-chart/2111.0.0/values.yaml
deleted file mode 100644
index e69de29bb2..0000000000