From e978fba298013c93422dfd1556bc1706db123620 Mon Sep 17 00:00:00 2001
From: Sarah Gibson <drsarahlgibson@gmail.com>
Date: Tue, 24 Oct 2023 13:35:50 +0100
Subject: [PATCH] [support] Set allowSnippetAnnotations to true

---
 helm-charts/support/values.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/helm-charts/support/values.yaml b/helm-charts/support/values.yaml
index 0fb0298104..97f6099380 100644
--- a/helm-charts/support/values.yaml
+++ b/helm-charts/support/values.yaml
@@ -41,6 +41,11 @@ ingress-nginx:
         # the default request of 90Mi. To protect it from being evicted by using
         # more memory than requested, we have increased the memory request.
         memory: 250Mi # chart's default is 90Mi
+    # allowSnippetAnnotations being set to false by default was the result of
+    # the below linked CVE. We should investigate if there are other ways we can
+    # use this type of config.
+    # https://github.com/kubernetes/ingress-nginx/issues/7837
+    allowSnippetAnnotations: true
 
 # prometheus is responsible for collecting metrics and informing grafana about
 # the metrics on request. It comes with several dependency charts, where we