From bca83b691ff5370ddd62ae66e178cd1ae0561974 Mon Sep 17 00:00:00 2001
From: Bence Csati <bence.csati@axoflow.com>
Date: Wed, 2 Apr 2025 10:57:00 +0200
Subject: [PATCH] feat: set default user and group

Signed-off-by: Bence Csati <bence.csati@axoflow.com>
---
 pkg/sdk/logging/api/v1beta1/fluentd_types.go | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/pkg/sdk/logging/api/v1beta1/fluentd_types.go b/pkg/sdk/logging/api/v1beta1/fluentd_types.go
index a3172a261..818fe5332 100644
--- a/pkg/sdk/logging/api/v1beta1/fluentd_types.go
+++ b/pkg/sdk/logging/api/v1beta1/fluentd_types.go
@@ -170,10 +170,19 @@ func (f *FluentdSpec) SetDefaults() error {
 			f.Security.RoleBasedAccessControlCreate = util.BoolPointer(true)
 		}
 		if f.Security.SecurityContext == nil {
-			f.Security.SecurityContext = &corev1.SecurityContext{}
+			f.Security.SecurityContext = &corev1.SecurityContext{
+				RunAsUser:    util.IntPointer64(100),
+				RunAsGroup:   util.IntPointer64(101),
+				RunAsNonRoot: util.BoolPointer(true),
+			}
 		}
 		if f.Security.PodSecurityContext == nil {
-			f.Security.PodSecurityContext = &corev1.PodSecurityContext{}
+			f.Security.PodSecurityContext = &corev1.PodSecurityContext{
+				RunAsUser:    util.IntPointer64(100),
+				RunAsGroup:   util.IntPointer64(101),
+				RunAsNonRoot: util.BoolPointer(true),
+				FSGroup:      util.IntPointer64(101),
+			}
 		}
 		if f.Security.PodSecurityContext.FSGroup == nil {
 			f.Security.PodSecurityContext.FSGroup = util.IntPointer64(101)