Skip to content

[pull] main from coder:main #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 29, 2025
Merged

[pull] main from coder:main #117

merged 2 commits into from
Jul 29, 2025

Conversation

pull[bot]
Copy link

@pull pull bot commented Jul 29, 2025
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.3)

Can you help keep this open source service alive? 💖 Please sponsor : )

ausbru87 and others added 2 commits July 28, 2025 20:41
@ausbru87
feat(helm): add pod-level securityContext support for certificate mou…
faac753 
…nting (#19041)

**Add pod-level securityContext support to Coder Helm chart**

Adds `coder.podSecurityContext` field to enable pod-level security
settings, primarily to solve TLS certificate mounting permission issues.

**Problem**: When mounting TLS certificates from Kubernetes secrets, the
Coder process (UID 1000) cannot read the files due to restrictive
permissions.

**Solution**: Setting `podSecurityContext.fsGroup: 1000` ensures
Kubernetes sets group ownership of mounted volumes to GID 1000, allowing
the Coder process to read certificate files.

**Changes**:
- Added `podSecurityContext` field to values.yaml with documentation
- Updated `_coder.yaml` template to include pod-level security context
- Added test case and golden files
- Maintains backward compatibility (opt-in feature)

**Usage**:
```yaml
coder:
  podSecurityContext:
    fsGroup: 1000  # Enables TLS cert access
```

Fixes #19038
@jaaydenh @Emyrk @blink-so
feat: make dynamic parameters opt-in by default for new templates (#1…
1320b8d 
…9006)

resolves #18975 

---------

Co-authored-by: Steven Masley <stevenmasley@gmail.com>
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
@pull pull bot locked and limited conversation to collaborators Jul 29, 2025
@pull pull bot added the ⤵️ pull label Jul 29, 2025
@pull pull bot merged commit 1320b8d into jango-blockchained:main Jul 29, 2025
4 of 6 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
⤵️ pull
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ausbru87 @jaaydenh