Enable SecurityContext on container level

[Shwethamuralikrishnaa]

Is your feature request related to a problem? Please describe. We are not able to define containerSecurityContext, this causes efs-csi-driver containers to get flagged by security scanner.

Describe the solution you'd like in detail The chart must support the containerSecurityContext.

Describe alternatives you've considered

Additional context

[pierluigilenoci]

@wongma7 @Ashley-wenyizha @RomanBednar can you please take a look?

[pierluigilenoci]

@wongma7 @Ashley-wenyizha @RomanBednar can you please take a look?

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle stale
• Mark this issue or PR as rotten with /lifecycle rotten
• Close this issue or PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[pierluigilenoci]

/remove-lifecycle stale

[pierluigilenoci]

@mskanth972 @mjsoyeon could you please take a look? @Ashley-wenyizha @dschunack @lmouhib who should I ask for feedback?

[dschunack]

/assign @jsafrane

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[pierluigilenoci]

/remove-lifecycle stale

[pierluigilenoci]

@jsafrane, any news on this?

[mskanth972]

Hi @pierluigilenoci, thanks for bringing here, we will plan to work on this soon and add the respected fields readOnlyRootFilesystem , allowPrivilegeEscalation under the security context.

[jsafrane]

/unassign Please don't assign me to random issues without my consent.

[RyanStan]

/kind enhancement

[k8s-ci-robot]

@RyanStan: The label(s) kind/enchancement cannot be applied, because the repository doesn't have them.

In response to this:

/kind enchancement

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[RyanStan]

/kind feature

[mskanth972]

Closing the issue as PR for enabling security context for container level is merged and will mark it in the coming release.

[mskanth972]

/close

[k8s-ci-robot]

@mskanth972: Closing this issue.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.