added runAsNonRoot, dropped caps and disallow priv escalation
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
This commit is contained in:
24
values.yaml
24
values.yaml
@@ -263,9 +263,17 @@ injector:
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
#securityContext:
|
||||
# pod: {}
|
||||
# container: {}
|
||||
securityContext:
|
||||
pod: {}
|
||||
container: {}
|
||||
pod:
|
||||
runAsNonRoot: true
|
||||
container:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
|
||||
resources: {}
|
||||
# resources:
|
||||
@@ -1031,9 +1039,17 @@ server:
|
||||
# If not set, these will default to, and for OpenShift:
|
||||
# pod: {}
|
||||
# container: {}
|
||||
#securityContext:
|
||||
# pod: {}
|
||||
# container: {}
|
||||
securityContext:
|
||||
pod: {}
|
||||
container: {}
|
||||
pod:
|
||||
runAsNonRoot: true
|
||||
container:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
|
||||
# Should the server pods run on the host network
|
||||
hostNetwork: false
|
||||
|
||||
Reference in New Issue
Block a user