fix: set Coder read-only fs to null (#6207)

* fix: set Coder read-only fs to null * chore: readme fixes * chore: readme fixes v2
2025-07-23 21:32:07 +00:00 · 2023-02-14 12:04:16 -05:00
parent 80bde1e2c9
commit 15c862fcb5
1 changed files with 4 additions and 5 deletions
--- a/helm/values.yaml
+++ b/helm/values.yaml
@ -58,16 +58,15 @@ coder:
    # runs as an unprivileged user. If setting runAsUser to 0 (root), this
    # will need to be set to false.
    runAsNonRoot: true
-    # coder.securityContext.runAsUser -- Sets the user id of the pod.
+    # coder.securityContext.runAsUser -- Sets the user id of the container.
    # For security reasons, we recommend using a non-root user.
    runAsUser: 1000
-    # coder.securityContext.runAsGroup -- Sets the group id of the pod.
+    # coder.securityContext.runAsGroup -- Sets the group id of the container.
    # For security reasons, we recommend using a non-root group.
    runAsGroup: 1000
    # coder.securityContext.readOnlyRootFilesystem -- Mounts the container's
-    # root filesystem as read-only. It is recommended to leave this setting
-    # enabled in production. This will override the same setting in the pod
-    readOnlyRootFilesystem: true
+    # root filesystem as read-only.
+    readOnlyRootFilesystem: null
    # coder.securityContext.seccompProfile -- Sets the seccomp profile for
    # the coder container.
    seccompProfile: