{{- define "lib.securityContext" -}}
{{- if not .Values.workload.securityContext -}}
# ---------------------------------------------------------------------
# Using the default security context, if it doesn't work for you,
# please update `.Values.workload.securityContext`
# ---------------------------------------------------------------------
securityContext:
  runAsUser: 1000
  runAsGroup: 3000
  fsGroup: 2000
{{- else -}}
{{- with .Values.workload.securityContext -}}
securityContext:
{{ toYaml . | indent 2 }}
{{- end }}
{{- end -}}
{{- end -}}

{{- define "lib.containerSecurityContext" -}}
securityContext:
{{- if  not .securityContext }}
  runAsUser: 2000
  allowPrivilegeEscalation: false
{{- else }}
{{- with .securityContext }}
{{ toYaml . | indent 2 }}
{{- end }}
{{- end -}}
{{- end -}}