Skip to content

Commit 62fa09c

Browse files
wkbrdwkbrd
authored
Update README.md
1 parent 93ea655 commit 62fa09c

File tree

1 file changed

+15
-0
lines changed

1 file changed

+15
-0
lines changed

README.md

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,21 @@ their default values.
6060
| `podAnnotations` | Annotations for pod | `{}` |
6161
| `podLabels` | Labels for pod | `{}` |
6262
| `podDisruptionBudget` | Pod disruption budget | `{}` |
63+
| `podSecurityContext.enabled` | Enabled Keycloak pods' Security Context | `true` |
64+
| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
65+
| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
66+
| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
67+
| `podSecurityContext.fsGroup` | Set Keycloak pod's Security Context fsGroup | `1001` |
68+
| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
69+
| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
70+
| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
71+
| `containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` |
72+
| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
73+
| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
74+
| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` |
75+
| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` |
76+
| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
77+
| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
6378
| `resources.limits.cpu` | Container requested CPU | `nil` |
6479
| `resources.limits.memory` | Container requested memory | `nil` |
6580
| `autoscaling.enabled` | Enable autoscaling using HorizontalPodAutoscaler | `false` |

0 commit comments

Comments
 (0)