From 2339ca3d3dadd8c8dcdc8cc1225914a56a9105b4 Mon Sep 17 00:00:00 2001
From: jianxiaoguo <lijianguo1991@outlook.com>
Date: Fri, 8 May 2026 11:54:33 +0800
Subject: [PATCH] chore(charts): config securityContext

---
 .../victoriametrics/vmagent/vmagent-statefulset.yaml          | 4 ++++
 .../victoriametrics/vmstorage/vmstorage-statefulset.yaml      | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/charts/victoriametrics/templates/victoriametrics/vmagent/vmagent-statefulset.yaml b/charts/victoriametrics/templates/victoriametrics/vmagent/vmagent-statefulset.yaml
index 454b331..3880916 100644
--- a/charts/victoriametrics/templates/victoriametrics/vmagent/vmagent-statefulset.yaml
+++ b/charts/victoriametrics/templates/victoriametrics/vmagent/vmagent-statefulset.yaml
@@ -23,6 +23,10 @@ spec:
         podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmagent.podAntiAffinityPreset.type "component" "" "extraMatchLabels" .Values.vmagent.podAntiAffinityPreset.extraMatchLabels "topologyKey" "" "context" $) | nindent 10 }}
         nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmagent.nodeAffinityPreset.type "key" .Values.vmagent.nodeAffinityPreset.key "values" .Values.vmagent.nodeAffinityPreset.values ) | nindent 10 }}
       serviceAccount: drycc-victoriametrics-vmagent
+      securityContext:
+        fsGroup: 1001
+        runAsGroup: 1001
+        runAsUser: 1001
       initContainers:
       - name: drycc-victoriametrics-vmagent-init
         image: {{.Values.imageRegistry}}/{{.Values.imageOrg}}/python-dev:latest
diff --git a/charts/victoriametrics/templates/victoriametrics/vmstorage/vmstorage-statefulset.yaml b/charts/victoriametrics/templates/victoriametrics/vmstorage/vmstorage-statefulset.yaml
index 1d555be..b27a19b 100644
--- a/charts/victoriametrics/templates/victoriametrics/vmstorage/vmstorage-statefulset.yaml
+++ b/charts/victoriametrics/templates/victoriametrics/vmstorage/vmstorage-statefulset.yaml
@@ -23,6 +23,10 @@ spec:
         podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmstorage.podAffinityPreset.type "component" "" "extraMatchLabels" .Values.vmstorage.podAffinityPreset.extraMatchLabels "topologyKey" "" "context" $) | nindent 10 }}
         podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.vmstorage.podAntiAffinityPreset.type "component" "" "extraMatchLabels" .Values.vmstorage.podAntiAffinityPreset.extraMatchLabels "topologyKey" "" "context" $) | nindent 10 }}
         nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.vmstorage.nodeAffinityPreset.type "key" .Values.vmstorage.nodeAffinityPreset.key "values" .Values.vmstorage.nodeAffinityPreset.values ) | nindent 10 }}
+      securityContext:
+        fsGroup: 1001
+        runAsGroup: 1001
+        runAsUser: 1001
       containers:
       - name: drycc-victoriametrics-vmstorage
         image: {{.Values.imageRegistry}}/{{.Values.imageOrg}}/victoriametrics:{{.Values.imageTag}}