add securityContext in magicleaps

magicleaps/helm-pkg/magicleaps/templates/backend/deployment.yaml

@@ -28,6 +28,10 @@ spec:
         - name: "backend"
           image: "{{ coalesce .Values.backend.image.registry .Values.global.registry "docker.io"}}/{{ coalesce .Values.backend.image.repository .Values.global.repository }}/{{ .Values.backend.image.name }}:{{ .Values.backend.image.tag | default "latest" }}"
           imagePullPolicy: {{ .Values.backend.image.imagePullPolicy | default "IfNotPresent" }}
+          {{- if .Values.backend.securityContext }}
+          securityContext:
+            {{- toYaml .Values.backend.securityContext | nindent 12 }}
+          {{- end }}
           ports:
             {{- range $port := .Values.backend.ports }}
             - containerPort: {{ $port.containerPort }}

magicleaps/helm-pkg/magicleaps/values.alpha.yaml

@@ -72,6 +72,12 @@ backend:
     name: magicleaps-backend
     tag: snapshot-004a6c7
     imagePullPolicy: IfNotPresent
+  securityContext:
+    privileged: true
+    runAsUser: 0
+    runAsGroup: 0
+    allowPrivilegeEscalation: true
+    readOnlyRootFilesystem: false
   ports:
   - name: http
     containerPort: 8081

magicleaps/helm-pkg/magicleaps/values.prod.yaml

@@ -72,6 +72,12 @@ backend:
     name: magicleaps-backend
     tag: 1.0.0
     imagePullPolicy: IfNotPresent
+  securityContext:
+    privileged: true
+    runAsUser: 0
+    runAsGroup: 0
+    allowPrivilegeEscalation: true
+    readOnlyRootFilesystem: false
   ports:
   - name: http
     containerPort: 8081

magicleaps/helm-pkg/magicleaps/values.yaml

@@ -73,6 +73,12 @@ backend:
     name: magicleaps-backend
     tag: 1.0.0
     imagePullPolicy: IfNotPresent
+  securityContext:
+    privileged: true
+    runAsUser: 0
+    runAsGroup: 0
+    allowPrivilegeEscalation: true
+    readOnlyRootFilesystem: false
   ports:
     - name: http
       containerPort: 8081