<!-- Before you open the request please review the following guidelines and tips to help it be more easily integrated: - Describe the scope of your change - i.e. what the change does. - Describe any known limitations with your change. - Please run any tests or examples that can exercise your modified code. Thank you for contributing! We will try to review, test and integrate the change as soon as we can. --> ### Description of the change <!-- Describe the scope of your change - i.e. what the change does. --> This patch adds the ability to **customize the `SecurityContext`** for the `statefulset` of the Gitea Actions `act_runner`. This allows users to configure pod-level security settings, such as `fsGroup` and `fsGroupChangePolicy`. The patch introduces `statefulset.podSecurityContext` as a new configurable parameter. ### Benefits <!-- What benefits will be realized by the code change? --> This change makes the chart more configurable for different kinds of deployment scenarios. ### Possible drawbacks <!-- Describe any known limitations with your change --> ### Applicable issues <!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. --> - Fixes # ### Additional information <!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. --> * The patch only adds the ability to customize the `podSecurityContext` for the `statefulset`. It does not modify any other security settings or introduce new features beyond this customization. * The default value for `statefulset.podSecurityContext` is an empty object `{}`, meaning no security context is applied unless the user explicitly defines it. ### ⚠ BREAKING <!-- If there's a breaking change, please shortly describe in which way users are affected and how they can mitigate it. If there are no breakings, please remove this section. --> ### Checklist <!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] --> - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Helm templating unittests are added (required when changing anything in `templates` folder) - [X] All added template resources MUST render a namespace in metadata Reviewed-on: #62 Reviewed-by: DaanSelen <daanselen@noreply.gitea.com> Co-authored-by: Stephen Sullivan <sjsullivan7@gmail.com> Co-committed-by: Stephen Sullivan <sjsullivan7@gmail.com>