Using RapidFort with Helm Charts
Simplify App deployment by consolidating Kubernetes and adding a Helm Chart to your cluster, accelerating the deployment of containerized applications.
When using RapidFort with Helm Charts, we need to extend the permissions for the security context.
helm show values bitnami/mongodb | yq e .image-
docker pull bitnami/mongodb:4.4.6-debian-10-r8
docker tag bitnami/mongodb:4.4.6-debian-10-r8 <your_repository>/mongodb:4.4.6-deb-10-r8
rfstub <your_repository>/mongodb:4.4.6-debian-10-r8
docker push <your_repository>/mongodb:4.4.6-debian-10-r8-rfstub
helm install mongo bitnami/mongodb \
--set image.registry=<your_repository>\
--set image.repository=mongodb \
--set image.tag=4.4.6-debian-10-r8-rfstub \
--set image.pullPolicy=Always \
--set containerSecurityContext.allowPrivilegeEscalation=true \
--set containerSecurityContext.capabilities.drop="{all}" \
--set containerSecurityContext.capabilities.add="{NET_BIND_SERVICE,SYS_PTRACE,NET_RAW,DAC_OVERRIDE,SETUID,SETGIG,SYS_CHROOT,CHOWN}"
helm uninstall mongo
rfharden <your_repository>/mongodb:4.4.6-debian-10-r8-rfstub
docker push <your_repository>/mongodb:4.4.6-debian-10-r8-rfhardened
helm install mongo bitnami/mongodb \
--set image.registry=<your_repository>\
--set image.respostory=mongodb \
--set image.tab=4.4.6-debian-10-r8-rfhardened