aldwyn opened a new issue, #34498: URL: https://github.com/apache/airflow/issues/34498
### Official Helm Chart version 1.10.0 (latest released) ### Apache Airflow version 2.7.1 ### Kubernetes Version 1.26.7 ### Helm Chart configuration _No response_ ### Docker Image customizations _No response_ ### What happened When enabling `dagProcessor.logGroomerSidecar`, our OPA gatekeeper flags the `dag-processor-log-groomer` container with the appropriate non-root permissions. There is no way to set the `securityContexts` for this sidecar as it is not even enabled. ### What you think should happen instead The `securityContexts` setting for the `dag-processor-log-groomer` container should be configurable. ### How to reproduce In the Helm values, set `dagProcessor.logGroomerSidecar` to `true`. ### Anything else This problem occurs when there are OPA policies in place pertaining to strict `securityContexts` settings. ### Are you willing to submit PR? - [X] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
