From f2869e68cf63a829f397cab0953d9f0a116c755e Mon Sep 17 00:00:00 2001
From: "KHIYANI, RAHUL (rk0850)" <rk0850@att.com>
Date: Thu, 6 Feb 2020 17:12:07 -0600
Subject: [PATCH] Add apparmor profile to etcd chart

Change-Id: Ic17db9b9e96e6c47b6d970a8dd63ea338a8b4f7e
---
 charts/etcd/templates/daemonset-anchor.yaml | 1 +
 charts/etcd/values.yaml                     | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/charts/etcd/templates/daemonset-anchor.yaml b/charts/etcd/templates/daemonset-anchor.yaml
index 9be2b7f6..b6e12fec 100644
--- a/charts/etcd/templates/daemonset-anchor.yaml
+++ b/charts/etcd/templates/daemonset-anchor.yaml
@@ -39,6 +39,7 @@ spec:
   template:
     metadata:
       annotations:
+{{ dict "envAll" $envAll "podName" "etcd-anchor" "containerNames" (list "etcdctl") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
         scheduler.alpha.kubernetes.io/critical-pod: ''
       labels:
diff --git a/charts/etcd/values.yaml b/charts/etcd/values.yaml
index 9cdf2de9..b6e901a6 100644
--- a/charts/etcd/values.yaml
+++ b/charts/etcd/values.yaml
@@ -188,6 +188,8 @@ pod:
     # requires override for a specific use case e.g. calico-etcd or kubernetes-etcd
     example-etcd:
       etcd: localhost/docker-default
+    etcd-anchor:
+      etcdctl: runtime/default
   env:
     etcd:
       # can be used for tuning, e.g. https://etcd.io/docs/v3.4.0/tuning/