charts icon indicating copy to clipboard operation
charts copied to clipboard

Published 20 hours ago verified publisher icon chartmuseum

Chart-museum chart doesn't comply with 'restricted' Pod Security Standard

Open derbeneviv opened this issue 2 years ago • 0 comments

Current 'restricted' kubernetes pod policy standarts (https://kubernetes.io/docs/concepts/security/pod-security-standards/) require the following to be set up:

spec:
  template:
    spec:
      securityContext:
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault

Current helm chart contains setting for runAsNonRoot but not for seccompProfile

Suggestion: chart-museum should contain options to specify non-default seccompProfile.
Ideally, fully custom securityContext should be possible

I can do a pullrequest

derbeneviv avatar Jan 23 '23 12:01 derbeneviv