math-tables/deploy/overlays/production/security-patch.yaml

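---
# Production security patch for the math-exercises-app Deployment.
# Only the overridden fields are listed. Nesting is restored because the
# indentation is what attaches each securityContext to the pod or to the
# container; flattened, these keys do not form a valid Deployment patch.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: math-exercises-app
spec:
  template:
    spec:
      # Additional security context for production (pod level: applies to
      # every container unless the container overrides the same field).
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        # fsGroup is added as a supplementary group and used for volume
        # ownership on volume types that support it.
        fsGroup: 2000
        # NOTE(review): runAsGroup is not set, so the primary GID comes from
        # the image and may be 0 (root group) - confirm against the image.
        # NOTE(review): seccomp is left commented out. Without it the profile
        # falls back to the node/runtime default, which is Unconfined unless
        # the kubelet enables seccompDefault. The "restricted" Pod Security
        # Standard requires RuntimeDefault or Localhost - confirm why this is
        # disabled before relying on this patch for hardening.
        # seccompProfile:
        #   type: RuntimeDefault
      containers:
        - name: math-exercises
          # Additional security settings for production (container level).
          securityContext:
            # Sets no_new_privs: setuid binaries and file capabilities cannot
            # raise privileges after exec.
            allowPrivilegeEscalation: false
            # Writable paths the app needs (tmp, caches) must be mounted
            # volumes; none are declared in this patch.
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
            capabilities:
              drop:
                - ALL
              # NOTE(review): for a non-root UID, added capabilities are not
              # placed in the effective set on exec, and no_new_privs (above)
              # blocks file capabilities, so this add likely has no effect.
              # If the app must bind a port below 1024, verify it really can;
              # otherwise listen on a high port and remove this entry.
              add:
                - NET_BIND_SERVICE
          # Environment variables from S3 credentials secret.
          # envFrom exports every key in the secret to the process
          # environment, where child processes inherit it and diagnostics may
          # capture it.
          # NOTE(review): presumably these are static S3 keys - consider
          # selecting only the needed keys via env/secretKeyRef, or a
          # workload-identity mechanism so no long-lived keys sit in the pod.
          envFrom:
            - secretRef:
                name: s3-credentials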