From 344788de318ab3f7af31434159425e46134db437 Mon Sep 17 00:00:00 2001
From: Jordan Dubrick <jdubrick@redhat.com>
Date: Wed, 6 Mar 2024 16:10:45 -0500
Subject: [PATCH 1/2] update timeout values for index server and registry
 viewer

Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
---
 deploy/chart/devfile-registry/templates/deployment.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/deploy/chart/devfile-registry/templates/deployment.yaml b/deploy/chart/devfile-registry/templates/deployment.yaml
index e022151c2..2c294c5b6 100644
--- a/deploy/chart/devfile-registry/templates/deployment.yaml
+++ b/deploy/chart/devfile-registry/templates/deployment.yaml
@@ -87,8 +87,8 @@ spec:
             port: 3000
             scheme: HTTP
           initialDelaySeconds: 30
-          periodSeconds: 1
-          timeoutSeconds: 10
+          periodSeconds: 10
+          timeoutSeconds: 20
         {{- end }}
         resources:
           limits:
@@ -121,7 +121,7 @@ spec:
             scheme: HTTP
           initialDelaySeconds: 15
           periodSeconds: 10
-          timeoutSeconds: 3
+          timeoutSeconds: 20
         readinessProbe:
           httpGet:
             path: /viewer
@@ -129,7 +129,7 @@ spec:
             scheme: HTTP
           initialDelaySeconds: 15
           periodSeconds: 10
-          timeoutSeconds: 3
+          timeoutSeconds: 20
         resources:
           limits:
             memory: {{ .Values.registryViewer.memoryLimit }}

From 00df100b232ecd47d14ba666d7b46dda47a2b213 Mon Sep 17 00:00:00 2001
From: Jordan Dubrick <jdubrick@redhat.com>
Date: Fri, 8 Mar 2024 12:58:55 -0500
Subject: [PATCH 2/2] add securitycontext and remove env file

Signed-off-by: Jordan Dubrick <jdubrick@redhat.com>
---
 .../devfile-registry/templates/deployment.yaml | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/deploy/chart/devfile-registry/templates/deployment.yaml b/deploy/chart/devfile-registry/templates/deployment.yaml
index 2c294c5b6..ecf1ce365 100644
--- a/deploy/chart/devfile-registry/templates/deployment.yaml
+++ b/deploy/chart/devfile-registry/templates/deployment.yaml
@@ -38,6 +38,13 @@ spec:
         release: "{{ .Release.Name }}"
         heritage: "{{ .Release.Service }}"
     spec:
+      {{- if .Values.persistence.enabled }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1001
+        runAsGroup: 2001
+        fsGroup: 3001
+      {{- end }}
       volumes:
         - name: devfile-registry-storage
         {{- if .Values.persistence.enabled }}
@@ -52,12 +59,6 @@ spec:
             items:
               - key: registry-config.yml
                 path: config.yml
-        - name: viewer-env-file
-          configMap:
-            name: {{ template "devfileregistry.fullname" . }}
-            items:
-              - key: .env.registry-viewer
-                path: .env.production
       containers:
       - image: "{{ .Values.devfileIndex.image }}:{{ .Values.devfileIndex.tag }}"
         imagePullPolicy: {{ .Values.devfileIndex.imagePullPolicy }}
@@ -147,11 +148,6 @@ spec:
                   "fqdn": "{{ template "devfileregistry.ingressUrl" . }}"
                 }
               ]
-        volumeMounts:
-          - name: viewer-env-file
-            mountPath: /app/.env.production
-            subPath: .env.production
-            readOnly: true
         securityContext:
           allowPrivilegeEscalation: false
           runAsNonRoot: true