Chart: Allow overriding redis's runAsUser option (#19681)

[tomasgatial]

closes: #19681

---

^ Add meaningful description above

Read the Pull Request Guidelines for more information.
In case of fundamental code change, Airflow Improvement Proposal (AIP) is needed.
In case of a new dependency, check compliance with the ASF 3rd Party License Policy.
In case of backwards incompatible changes please leave a note in UPDATING.md.

[boring-cyborg]

Congratulations on your first Pull Request and welcome to the Apache Airflow community! If you have any issues or are unsure about any anything please check our Contribution Guide (https://github.com/apache/airflow/blob/main/CONTRIBUTING.rst)
Here are some useful points:

• Pay attention to the quality of your code (flake8, mypy and type annotations). Our pre-commits will help you with that.
• In case of a new feature add useful documentation (in docstrings or in docs/ directory). Adding a new operator? Check this short guide Consider adding an example DAG that shows how users should use it.
• Consider using Breeze environment for testing locally, it’s a heavy docker but it ships with a working Airflow and a lot of integrations.
• Be patient and persistent. It might take some time to get a review or get the final approval from Committers.
• Please follow ASF Code of Conduct for all communication including (but not limited to) comments on Pull Requests, Mailing list and Slack.
• Be sure to read the Airflow Coding style.
  Apache Airflow is a community-driven project and together we are making it better 🚀.
  In case of doubts contact the developers at:
  Mailing List: [email protected]
  Slack: https://s.apache.org/airflow-slack

[potiuk]

I believe this should come as .Values.redis.uid parameter ?

For compatibiity with previous version also I tihnk this should have None default and the whole security-context section should be conditional based on the uid set, I think because someone upgrading the chart will already have a root-owned db in /data abwhen persistence is enabled and it might get non-accessible if "runAsUser" is used.

[tomasgatial]

Of course .Values.redis.uid , that was an oversight.

I see the issue with upgrading with existing redis data. What do you think of the solution below?

[potiuk]

Looks good. One more thing - we also have unit tests for the chart (chart/tests) - they are rather simple - you pass parameters and check if the rendered templates are as expected. It would be great to add tests for this change there.

[potiuk]

And I also recommend installing pre-commit - I think it will then generate documentation automatically from the schema (see https://github.com/apache/airflow/blob/main/STATIC_CODE_CHECKS.rst#pre-commit-hooks)
This will avoid unnecessary CI iterations.

[jedcunningham]

This should probably be added after #18249 is merged so we have one less deprecation to deal with.

[potiuk]

Sorry - needs rebase again (but we had some intermittent problems that should nearly be gone - so please - rebase).

[github-actions]

The PR is likely OK to be merged with just subset of tests for default Python and Database versions without running the full matrix of tests, because it does not modify the core of Airflow. If the committers decide that the full tests matrix is needed, they will add the label 'full tests needed'. Then you should rebase to the latest main or amend the last commit of the PR, and push it with --force-with-lease.

[jedcunningham]

@tomasgatial, #18249 has been merged. Can you refactor this to support both uid and a complete securityContext?

[jedcunningham]

Now that #18249 has been merged, we need to refactor this to support a securityContext instead, and optionally an explicit uid.

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 5 days if no further activity occurs. Thank you for your contributions.