math-tables/deploy/overlays/production/security-patch.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: math-exercises-app
spec:
  template:
    spec:
      # Additional security context for production
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 2000
        seccompProfile:
          type: RuntimeDefault
      containers:
      - name: math-exercises
        # Additional security settings for production
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
          capabilities:
            drop:
              - ALL
            add:
              - NET_BIND_SERVICE