Skip to content

Commit

Permalink
update
Browse files Browse the repository at this point in the history
  • Loading branch information
Syntax3rror404 committed Aug 24, 2024
1 parent f8bc071 commit 2783b8e
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 1 deletion.
9 changes: 9 additions & 0 deletions chart/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,15 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- containerPort: {{ .Values.service.port }}
securityContext:
runAsNonRoot: {{ .Values.securityContext.runAsNonRoot }}
runAsUser: {{ .Values.securityContext.runAsUser }}
allowPrivilegeEscalation: {{ .Values.securityContext.allowPrivilegeEscalation }}
capabilities:
drop:
{{- toYaml .Values.securityContext.capabilities.drop | nindent 14 }}
seccompProfile:
type: {{ .Values.securityContext.seccompProfile.type }}
volumeMounts:
- name: home-volume
mountPath: /home/dev
Expand Down
12 changes: 11 additions & 1 deletion chart/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,14 @@ persistence:
size: 10Gi
storageClass: "longhorn"

resources: {}
resources: {}

securityContext:
runAsNonRoot: true
runAsUser: 1001
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault

0 comments on commit 2783b8e

Please sign in to comment.