easylinux/kube-prometheus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Drop Linux capabilities

Browse Source 
Signed-off-by: GitHub <noreply@github.com>
This commit is contained in:
Arthur Silva Sens
2022-02-01 09:25:21 +00:00
committed by GitHub
parent 6bfb07aac2
commit 931af3241d
14 changed files with 58 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
manifests/blackboxExporter-deployment.yaml
View File

@@ -43,6 +43,9 @@ spec:
memory: 20Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 65534
@@ -64,6 +67,9 @@ spec:
memory: 20Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 65534
@@ -92,6 +98,9 @@ spec:
memory: 20Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65532
runAsNonRoot: true