From a7a6cfbb1274863d1abfeae2e198ce3bdd69cda4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorsten=20Ro=C3=9Fner?= <thorsten.rossner.extern@zendis.de>
Date: Tue, 25 Nov 2025 16:01:47 +0100
Subject: [PATCH] fix(static-files): Set missing `privileged: false` in
 `containerSecurityContext`

---
 .../values-opendesk-static-files.yaml.gotmpl             | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/helmfile/apps/opendesk-services/values-opendesk-static-files.yaml.gotmpl b/helmfile/apps/opendesk-services/values-opendesk-static-files.yaml.gotmpl
index 28e207f7..7fcb2982 100644
--- a/helmfile/apps/opendesk-services/values-opendesk-static-files.yaml.gotmpl
+++ b/helmfile/apps/opendesk-services/values-opendesk-static-files.yaml.gotmpl
@@ -92,12 +92,13 @@ containerSecurityContext:
     drop:
       - "ALL"
   enabled: true
-  runAsUser: 101
-  runAsGroup: 101
-  seccompProfile:
-    type: "RuntimeDefault"
+  privileged: false
   readOnlyRootFilesystem: true
   runAsNonRoot: true
+  runAsGroup: 101
+  runAsUser: 101
+  seccompProfile:
+    type: "RuntimeDefault"
   seLinuxOptions:
     {{ .Values.seLinuxOptions.opendeskStaticFiles | toYaml | nindent 4 }}