crowetic/mev-inspect-py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #226 from tmikulin/improve-k8-security

Browse Source 
Enforce security in k8 files
This commit is contained in:
Luke Van Seters 2022-01-11 08:20:01 -05:00 committed by GitHub
commit a40e250464
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
k8s/mev-inspect-workers/values.yaml
View File

@ -17,13 +17,14 @@ podAnnotations: {}
podSecurityContext: {} podSecurityContext: {}
# fsGroup: 2000 # fsGroup: 2000
securityContext: {} securityContext:
# capabilities: allowPrivilegeEscalation: false
# drop: capabilities:
# - ALL drop:
- ALL
# readOnlyRootFilesystem: true # readOnlyRootFilesystem: true
# runAsNonRoot: true runAsNonRoot: true
# runAsUser: 1000 runAsUser: 1000
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious

16
k8s/mev-inspect/values.yaml
View File

@ -17,13 +17,15 @@ podAnnotations: {}
podSecurityContext: {} podSecurityContext: {}
# fsGroup: 2000 # fsGroup: 2000
securityContext: {} securityContext:
# capabilities: allowPrivilegeEscalation: false
# drop: capabilities:
# - ALL drop:
# readOnlyRootFilesystem: true - all
# runAsNonRoot: true #readOnlyRootFilesystem: true
# runAsUser: 1000 runAsNonRoot: true
runAsUser: 1000
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious