From 97fca622769e7a2fff348a6fe2b71b39621d956c Mon Sep 17 00:00:00 2001
From: Dmitrii Didenko <dmitrii.didenko@finsight.com>
Date: Mon, 13 Sep 2021 15:34:27 +0300
Subject: [PATCH] Added security context to work with oom events

---
 charts/cadvisor/Chart.yaml               | 2 +-
 charts/cadvisor/templates/daemonset.yaml | 4 ++++
 charts/cadvisor/values.yaml              | 5 +++++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/charts/cadvisor/Chart.yaml b/charts/cadvisor/Chart.yaml
index ae27500..8e42c64 100644
--- a/charts/cadvisor/Chart.yaml
+++ b/charts/cadvisor/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 description: A chart for a Cadvisor deployment
 name: cadvisor
-version: 1.2.4
+version: 1.3.0
 appVersion: 0.39.2
 home: https://github.com/google/cadvisor
 sources:
diff --git a/charts/cadvisor/templates/daemonset.yaml b/charts/cadvisor/templates/daemonset.yaml
index 9ca1a50..6d761fd 100644
--- a/charts/cadvisor/templates/daemonset.yaml
+++ b/charts/cadvisor/templates/daemonset.yaml
@@ -48,6 +48,10 @@ spec:
           mountPath: {{ default .path .mount }}
           readOnly: true
         {{- end }}
+        {{ if .Values.podSecurityContext.create }}
+        securityContext:
+          privileged: {{ .Values.podSecurityContext.privileged }}
+        {{- end }}
         ports:
         - name: http
           containerPort: {{ .Values.container.port }}
diff --git a/charts/cadvisor/values.yaml b/charts/cadvisor/values.yaml
index e0e419d..5ef889f 100644
--- a/charts/cadvisor/values.yaml
+++ b/charts/cadvisor/values.yaml
@@ -58,6 +58,11 @@ podSecurityPolicy:
   create: false
   privileged: false
 
+# Specifies whether a securityContext should be created. Required for privileged operations.
+podSecurityContext:
+  create: false
+  privileged: false
+
 nodeSelector: {}
 
 tolerations: []