crowetic/mev-inspect-py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforce security in k8 files

Browse Source
This commit is contained in:
Tomislav Mikulin 2022-01-10 20:52:45 +01:00
parent a29b12bf0a
commit 2703b008de
2 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
k8s/mev-inspect-workers/values.yaml
View File

@ -17,13 +17,14 @@ podAnnotations: {}
podSecurityContext: {} podSecurityContext: {}
# fsGroup: 2000 # fsGroup: 2000
securityContext: {} securityContext:
# capabilities: allowPrivilegeEscalation: false
# drop: capabilities:
# - ALL drop:
- ALL
# readOnlyRootFilesystem: true # readOnlyRootFilesystem: true
# runAsNonRoot: true runAsNonRoot: true
# runAsUser: 1000 runAsUser: 1000
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious

16
k8s/mev-inspect/values.yaml
View File

@ -17,13 +17,15 @@ podAnnotations: {}
podSecurityContext: {} podSecurityContext: {}
# fsGroup: 2000 # fsGroup: 2000
securityContext: {} securityContext:
# capabilities: allowPrivilegeEscalation: false
# drop: capabilities:
# - ALL drop:
# readOnlyRootFilesystem: true - all
# runAsNonRoot: true #readOnlyRootFilesystem: true
# runAsUser: 1000 runAsNonRoot: true
runAsUser: 1000
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious