added runAsNonRoot, dropped caps and disallow priv escalation
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
This commit is contained in:
24
values.yaml
24
values.yaml
@@ -263,9 +263,17 @@ injector:
|
|||||||
# capabilities:
|
# capabilities:
|
||||||
# drop:
|
# drop:
|
||||||
# - ALL
|
# - ALL
|
||||||
|
#securityContext:
|
||||||
|
# pod: {}
|
||||||
|
# container: {}
|
||||||
securityContext:
|
securityContext:
|
||||||
pod: {}
|
pod:
|
||||||
container: {}
|
runAsNonRoot: true
|
||||||
|
container:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
capabilities:
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
|
||||||
resources: {}
|
resources: {}
|
||||||
# resources:
|
# resources:
|
||||||
@@ -1031,9 +1039,17 @@ server:
|
|||||||
# If not set, these will default to, and for OpenShift:
|
# If not set, these will default to, and for OpenShift:
|
||||||
# pod: {}
|
# pod: {}
|
||||||
# container: {}
|
# container: {}
|
||||||
|
#securityContext:
|
||||||
|
# pod: {}
|
||||||
|
# container: {}
|
||||||
securityContext:
|
securityContext:
|
||||||
pod: {}
|
pod:
|
||||||
container: {}
|
runAsNonRoot: true
|
||||||
|
container:
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
capabilities:
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
|
||||||
# Should the server pods run on the host network
|
# Should the server pods run on the host network
|
||||||
hostNetwork: false
|
hostNetwork: false
|
||||||
|
|||||||
Reference in New Issue
Block a user