From 81c8571224ab9cc60340f21f6f0170f3e335fa68 Mon Sep 17 00:00:00 2001
From: PrateekDodda <pd2839@att.com>
Date: Tue, 8 Sep 2020 15:35:57 -0500
Subject: [PATCH] Enable Apparmor to etcd chart

Added Apparmor Job to etcd

Change-Id: Ia1770ec44b0a3c186ee33a721d38b36120a3bc30
---
 etcd/templates/deployment.yaml | 1 +
 etcd/values.yaml               | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/etcd/templates/deployment.yaml b/etcd/templates/deployment.yaml
index 494ad5575..ed0bf0a2b 100644
--- a/etcd/templates/deployment.yaml
+++ b/etcd/templates/deployment.yaml
@@ -38,6 +38,7 @@ spec:
 {{ tuple $envAll "etcd" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
       annotations:
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+{{ dict "envAll" $envAll "podName" "etcd" "containerNames" (list "init" "etcd") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
         configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
     spec:
 {{ dict "envAll" $envAll "application" "etcd" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
diff --git a/etcd/values.yaml b/etcd/values.yaml
index 5e74a531f..b563ee586 100644
--- a/etcd/values.yaml
+++ b/etcd/values.yaml
@@ -59,6 +59,11 @@ pod:
         etcd:
           runAsUser: 0
           readOnlyRootFilesystem: false
+  mandatory_access_control:
+    type: apparmor
+    etcd:
+      init: runtime/default
+      etcd: runtime/default
   affinity:
     anti:
       type: