diff --git a/build/package/Dockerfile b/build/package/Dockerfile
index 44877c0..e56654f 100644
--- a/build/package/Dockerfile
+++ b/build/package/Dockerfile
@@ -17,8 +17,9 @@ RUN ls cmd
 RUN go vet -v ./...
 RUN go test -v ./...
 
-WORKDIR /go/src/app/cmd
-RUN CGO_ENABLED=0 go build -o /go/bin/poker 
+WORKDIR /go/src/app
+RUN CGO_ENABLED=0 go build -o /go/bin/poker cmd/poker.go
+RUN CGO_ENABLED=0 go build -o /go/bin/groom cmd/groom/groom.go
 
 # for tty2web an image with a shell is required
 FROM alpine:3.17.2
@@ -30,11 +31,15 @@ ADD https://github.com/kost/tty2web/releases/download/v2.7.1/tty2web_linux_amd64
 
 COPY build/package/poker.sh /
 COPY build/package/clients.sh /
+COPY build/package/groom.sh /
+COPY build/package/groom-clients.sh /
 # prepare a script /clients.sh to launch the server as well as tty2web to welcome incoming clients
 # make the script and binary executable
 RUN chmod +x /tty2web \
     && chmod +x /clients.sh \
-    && chmod +x poker.sh
+    && chmod +x /groom.sh \
+    && chmod +x /groom-clients.sh \
+    && chmod +x /poker.sh
 
 RUN mkdir /log && chmod 777 /log
 RUN chown 1000:1000 /log
diff --git a/build/package/groom/Dockerfile b/build/package/debug/Dockerfile
similarity index 91%
rename from build/package/groom/Dockerfile
rename to build/package/debug/Dockerfile
index 6407e94..afeb1a3 100644
--- a/build/package/groom/Dockerfile
+++ b/build/package/debug/Dockerfile
@@ -7,8 +7,8 @@ LABEL org.opencontainers.image.licenses=MIT
 
 WORKDIR /go/src
 COPY . /go/src
-COPY build/package/groom/groom.sh /
-COPY build/package/groom/clients.sh /
+COPY build/package/groom.sh /
+COPY build/package/groom-clients.sh /
 RUN CGO_ENABLED=0 go install github.com/go-delve/delve/cmd/dlv@latest
 # download tty2web binary
 ADD https://github.com/kost/tty2web/releases/download/v2.7.1/tty2web_linux_amd64 /tty2web
@@ -23,7 +23,7 @@ RUN cp /go/bin/dlv / && \
     chmod +x /dlv && \
     chmod +x /groom && \
     chmod +x /groom.sh && \
-    chmod +x /clients.sh && \
+    chmod +x /groom-clients.sh && \
     chmod +x /tty2web
 
 RUN mkdir /log && chmod 777 /log
diff --git a/build/package/groom/clients.sh b/build/package/groom-clients.sh
similarity index 100%
rename from build/package/groom/clients.sh
rename to build/package/groom-clients.sh
diff --git a/build/package/groom/groom.sh b/build/package/groom.sh
similarity index 100%
rename from build/package/groom/groom.sh
rename to build/package/groom.sh
diff --git a/deployments/poker/templates/deployment.yaml b/deployments/poker/templates/deployment.yaml
index 4f42e35..2d6147b 100644
--- a/deployments/poker/templates/deployment.yaml
+++ b/deployments/poker/templates/deployment.yaml
@@ -38,11 +38,14 @@ spec:
               name: {{ $room | lower }}-port
               containerPort: {{ $.Values.tty2webPort | add $index }}
           securityContext:
+            # capabilities:
+            #   drop:
+            #     - all
             runAsUser: 1000
             runAsGroup: 1000
             readOnlyRootFilesystem: false
             allowPrivilegeEscalation: false
-            automountServiceAccountToker: false
+          # automountServiceAccountToker: false
           resources:
             requests:
               cpu: 50m
diff --git a/deployments/poker/templates/groom.yaml b/deployments/poker/templates/groom.yaml
index 8001664..c322766 100644
--- a/deployments/poker/templates/groom.yaml
+++ b/deployments/poker/templates/groom.yaml
@@ -28,7 +28,7 @@ spec:
           imagePullPolicy: {{ .Values.imagegroom.pullPolicy }}
           name: groom
           tty: true # this is required for tty2web to work
-          command: [ "/clients.sh" ]
+          command: [ "/groom-clients.sh" ]
           args: [ "{{ .Values.groomPort }}" ]
           readinessProbe:
             httpGet:
diff --git a/deployments/poker/values.yaml b/deployments/poker/values.yaml
index b0e3621..8038840 100644
--- a/deployments/poker/values.yaml
+++ b/deployments/poker/values.yaml
@@ -7,4 +7,9 @@ image:
   repository: ghcr.io/fc92/poker
   tag: main
   pullPolicy: IfNotPresent # default PullPolicy
+imagegroom:
+  repository: ghcr.io/fc92/poker
+  tag: main
+  pullPolicy: IfNotPresent # default PullPolicy
 externalDomain: poker.local # UPDATE required for target domain
+groomPort: 38888
diff --git a/internal/groom/helm.go b/internal/groom/helm.go
index bc0d485..6e122fb 100644
--- a/internal/groom/helm.go
+++ b/internal/groom/helm.go
@@ -7,12 +7,13 @@ import (
 	"errors"
 	"os"
 
-	"github.com/fc92/poker/internal/common"
 	"github.com/rs/zerolog/log"
 	"helm.sh/helm/v3/pkg/action"
 	"helm.sh/helm/v3/pkg/chartutil"
 	"helm.sh/helm/v3/pkg/cli"
 	"helm.sh/helm/v3/pkg/release"
+
+	"github.com/fc92/poker/internal/common"
 )
 
 const (