From 680f9203120588b9198f9f40bad15d9422b53442 Mon Sep 17 00:00:00 2001
From: Steve Wilkerson <wilkers.steve@gmail.com>
Date: Thu, 3 Jan 2019 12:42:52 -0600
Subject: [PATCH] Grafana: Add pod security context for grafana user

This updates the Grafana chart to include the pod security context
on the grafana pod. This changes the pod's user from root to the
grafana user instead

Change-Id: Id64853640f1941001b83566865defe93227b4291
---
 grafana/templates/deployment.yaml | 1 +
 grafana/values.yaml               | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/grafana/templates/deployment.yaml b/grafana/templates/deployment.yaml
index a50b74334..b703792c3 100644
--- a/grafana/templates/deployment.yaml
+++ b/grafana/templates/deployment.yaml
@@ -44,6 +44,7 @@ spec:
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
         configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
     spec:
+{{ dict "envAll" $envAll "application" "grafana" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
       serviceAccountName: {{ $serviceAccountName }}
       nodeSelector:
         {{ .Values.labels.grafana.node_selector_key }}: {{ .Values.labels.grafana.node_selector_value | quote }}
diff --git a/grafana/values.yaml b/grafana/values.yaml
index 47775ca7e..a65275285 100644
--- a/grafana/values.yaml
+++ b/grafana/values.yaml
@@ -43,6 +43,9 @@ labels:
     node_selector_value: enabled
 
 pod:
+  user:
+    grafana:
+      uid: 104
   affinity:
     anti:
       type: