File tree Expand file tree Collapse file tree 2 files changed +20
-1
lines changed Expand file tree Collapse file tree 2 files changed +20
-1
lines changed Original file line number Diff line number Diff line change @@ -12,10 +12,22 @@ spec:
1212 labels :
1313 app : {{ .Release.Name }}
1414 spec :
15+ {{- if .Values.securityContext.enabled }}
16+ # Pod-level security settings
17+ securityContext :
18+ runAsUser : {{ .Values.securityContext.runAsUser }}
19+ runAsGroup : {{ .Values.securityContext.runAsGroup }}
20+ fsGroup : {{ .Values.securityContext.fsGroup }}
21+ {{- end }}
1522 containers :
1623 - name : {{ .Release.Name }}
1724 image : " {{ .Values.image.repository }}:{{ .Values.image.tag }}"
1825 imagePullPolicy : {{ .Values.image.pullPolicy }}
26+ {{- if .Values.securityContext.enabled }}
27+ # Container-level security settings
28+ securityContext :
29+ allowPrivilegeEscalation : {{ .Values.securityContext.allowPrivilegeEscalation }}
30+ {{- end }}
1931 ports :
2032 - containerPort : {{ .Values.service.targetPort }}
2133 env :
Original file line number Diff line number Diff line change @@ -11,4 +11,11 @@ service:
1111 port : 80
1212 targetPort : 3000
1313
14- namespace : " "
14+ namespace : " "
15+ securityContext :
16+ enabled : true
17+ runAsUser : 1000
18+ runAsGroup : 3000
19+ fsGroup : 2000
20+ allowPrivilegeEscalation : false
21+
You can’t perform that action at this time.
0 commit comments