chart/redpanda: Set securityContext.runAsNonRoot to false for tuning container

[RafalKorepta]

All credits goes to @maksym-iv.

Fixes #1162

[chrisseto]

Can we backport this to at least v2.4.x?

And just to check, did we verify that this works as expected? There are no test cases where statefulset.podTemplate.spec.securityContext.runAsNonRoot is set to true.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR was closed because it has been stalled for 5 days with no activity.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[github-actions]

This PR is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[RafalKorepta]

I can confirm that running the following command:

helm install rk-test ./charts/redpanda/chart -f test.yaml

where the test.yaml file contains:

statefulset:
  podTemplate:
    spec:
      initContainers:
      - name: tuning
        securityContext:
          runAsNonRoot: true

results with the following error:

Error: container's runAsUser breaks non-root policy (pod: "rk-test-0_default(351e9a8d-b99a-4f5a-ad64-1281aff6f1c5)", container: tuning)

[github-actions]

💔 Some backports could not be created

Status	Branch	Result
✅	release/v2.4.x
❌	release/v2.3.x	An unhandled error occurred. Please see the logs for details
✅	release/v25.1.x
❌	release/v25.2.x	An unhandled error occurred. Please see the logs for details

Note: Successful backport PRs will be merged automatically after passing CI.

Manual backport

To create the backport manually run:

backport --pr 1165

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

[github-actions]

💔 Some backports could not be created

Status	Branch	Result
✅	release/v2.4.x
✅	release/v2.3.x
❌	release/v25.1.x	An unhandled error occurred. Please see the logs for details
✅	release/v25.2.x

Note: Successful backport PRs will be merged automatically after passing CI.

Manual backport

To create the backport manually run:

backport --pr 1165

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

[github-actions]

💔 Some backports could not be created

Status	Branch	Result
❌	release/v2.4.x	An unhandled error occurred. Please see the logs for details
✅	release/v2.3.x
✅	release/v25.1.x
✅	release/v25.2.x

Note: Successful backport PRs will be merged automatically after passing CI.

Manual backport

To create the backport manually run:

backport --pr 1165

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

[github-actions]

💚 All backports created successfully

Status	Branch	Result
✅	release/v2.4.x
✅	release/v2.3.x
✅	release/v25.1.x
✅	release/v25.2.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

[david-yu]

@RafalKorepta I think you forgot 25.3, I think 2.4.x and 2.3.x are optional to backport.

[github-actions]

💚 All backports created successfully

Status	Branch	Result
✅	release/v25.3.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details