easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add securityContext items and add pod security labes

Browse Source
This commit is contained in:
Matthias Loibl
2023-05-31 17:32:41 +01:00
parent 1706065791
commit 1e55a4057c
4 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
jsonnet/kube-prometheus/components/kube-rbac-proxy.libsonnet
View File

@@ -63,5 +63,6 @@ function(params) {
allowPrivilegeEscalation: false,
readOnlyRootFilesystem: true,
capabilities: { drop: ['ALL'] },
seccompProfile: { type: 'RuntimeDefault' },
},
}

2
jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet
View File

@@ -280,7 +280,9 @@ function(params) {
securityContext: {
allowPrivilegeEscalation: false,
readOnlyRootFilesystem: true,
runAsNonRoot: true,
capabilities: { drop: ['ALL'] },
seccompProfile: { type: 'RuntimeDefault' },
},
};