mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-07 16:01:37 +01:00
fix(helmfile): Add and document security context for components
This commit is contained in:
Thomas Kaltenbrunner
committed by
Thorsten Rossner
Thorsten Rossner
parent
7ef3a10577
commit
519db51be2
@@ -26,6 +26,7 @@ releases:
|
||||
chart: "intercom-service-repo/intercom-service"
|
||||
version: "2.0.1"
|
||||
values:
|
||||
- "values.yaml"
|
||||
- "values.gotmpl"
|
||||
installed: {{ .Values.intercom.enabled }}
|
||||
|
||||
|
||||
21
helmfile/apps/intercom-service/values.yaml
Normal file
21
helmfile/apps/intercom-service/values.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- "ALL"
|
||||
enabled: true
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
seccompProfile:
|
||||
type: "RuntimeDefault"
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
|
||||
podSecurityContext:
|
||||
enabled: true
|
||||
fsGroup: 1000
|
||||
fsGroupChangePolicy: "Always"
|
||||
...
|
||||
Reference in New Issue
Block a user