fix: set runAsNonRoot to false for wait-for-dependencies init container (#243)

hemanthsm · web-flow · commit 5db8c025ca2e · 2025-10-28T22:26:01.000+05:30
diff --git a/helm/trusted-workload/charts/cc-runtimeclass/templates/cc-runtimeclass-deployment.yaml b/helm/trusted-workload/charts/cc-runtimeclass/templates/cc-runtimeclass-deployment.yaml
@@ -28,7 +28,7 @@ spec:
               done &&
               echo "CRD found, upgrading parent-chart with cc-runtimeclass enabled"
           securityContext:
-            runAsNonRoot: true
+            runAsNonRoot: false
             readOnlyRootFilesystem: true
             allowPrivilegeEscalation: false
             seccompProfile:
diff --git a/helm/trusted-workload/charts/cc-runtimeclass/tests/cc-runtimeclass-deployment_test.yaml b/helm/trusted-workload/charts/cc-runtimeclass/tests/cc-runtimeclass-deployment_test.yaml
@@ -52,7 +52,7 @@ tests:
             echo "CRD found, upgrading parent-chart with cc-runtimeclass enabled"
       - equal:
           path: spec.template.spec.initContainers[0].securityContext.runAsNonRoot
-          value: true
+          value: false
       - equal:
           path: spec.template.spec.initContainers[0].securityContext.readOnlyRootFilesystem
           value: true
