From c63de4ce6d3410acc53635f932221b8af75fff28 Mon Sep 17 00:00:00 2001
From: Alokzh <zhalok24@gmail.com>
Date: Sun, 6 Jul 2025 08:46:54 +0530
Subject: [PATCH] fix(): added gRPC port configurtion & updated sidecar
 container security context

Signed-off-by: Alokzh <zhalok24@gmail.com>
---
 controllers/slicegateway/slicegateway.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/controllers/slicegateway/slicegateway.go b/controllers/slicegateway/slicegateway.go
index cbe9a95f1..e04c34521 100644
--- a/controllers/slicegateway/slicegateway.go
+++ b/controllers/slicegateway/slicegateway.go
@@ -225,6 +225,10 @@ func (r *SliceGwReconciler) deploymentForGatewayServer(g *kubeslicev1beta1.Slice
 								Value: "config",
 							},
 						},
+						Ports: []corev1.ContainerPort{{
+							Name:          "grpc",
+							ContainerPort: 5000,
+						}},
 						SecurityContext: &corev1.SecurityContext{
 							Privileged:               &privileged,
 							AllowPrivilegeEscalation: &privileged,
@@ -232,6 +236,9 @@ func (r *SliceGwReconciler) deploymentForGatewayServer(g *kubeslicev1beta1.Slice
 								Add: []corev1.Capability{
 									"NET_ADMIN",
 								},
+								Drop: []corev1.Capability{
+									"ALL",
+								},
 							},
 						},
 						VolumeMounts: []corev1.VolumeMount{
@@ -520,6 +527,10 @@ func (r *SliceGwReconciler) deploymentForGatewayClient(g *kubeslicev1beta1.Slice
 								Value: strconv.Itoa(remotePortNumber),
 							},
 						},
+						Ports: []corev1.ContainerPort{{
+							Name:          "grpc",
+							ContainerPort: 5000,
+						}},
 						SecurityContext: &corev1.SecurityContext{
 							Privileged:               &privileged,
 							AllowPrivilegeEscalation: &privileged,
@@ -527,6 +538,9 @@ func (r *SliceGwReconciler) deploymentForGatewayClient(g *kubeslicev1beta1.Slice
 								Add: []corev1.Capability{
 									"NET_ADMIN",
 								},
+								Drop: []corev1.Capability{
+									"ALL",
+								},
 							},
 						},
 						VolumeMounts: []corev1.VolumeMount{{