scc

2026-02-02 14:17:31 +11:00
parent e731c0ac77
commit a5fed4a656
1 changed files with 2 additions and 2 deletions
--- a/manifests/deployment.yaml
+++ b/manifests/deployment.yaml
@@ -37,10 +37,10 @@ spec:
              memory: "512Mi"
              cpu: "250m"
          securityContext:
-            allowPrivilegeEscalation: true
+            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
-            runAsNonRoot: false
+            runAsNonRoot: true
            seccompProfile:
              type: RuntimeDefault
      volumes: