openstack/openstack-helm-infra
Code Issues Proposed changes

Adding missing readOnlyRootFilesystem flag for container security context

Browse Source 
Change-Id: Ibc8e259dabad9a162f43df0b7eb4d94e3f3e5c9b
This commit is contained in:
KHIYANI, RAHUL (rk0850) 2019-11-04 09:48:31 -06:00 committed by Rahul Khiyani
parent 81d2d687c8
commit 9d808c96fa
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mariadb/values.yaml
View File

@ -86,6 +86,7 @@ pod:
container:
server:
runAsUser: 0
readOnlyRootFilesystem: false
error_pages:
pod:
runAsUser: 65534
@ -100,12 +101,14 @@ pod:
exporter:
runAsUser: 99
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
prometheus_create_mysql_user:
pod:
runAsUser: 0
container:
main:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
tests:
pod:
runAsUser: 999