aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
diff options
context:
space:
mode:
authorAndreas Geissler <andreas-geissler@telekom.de>2024-05-08 15:18:55 +0200
committerAndreas Geissler <andreas-geissler@telekom.de>2024-07-05 09:25:23 +0200
commitdc8c05476d316a16627d5b0934b69c3a9ecc38b7 (patch)
tree89c3b4a84a44c6e5db7086dfdc83630c17e6455b /kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
parent0f3311521a169a4774064f9c948460c955620f62 (diff)
[COMMON] Fix Kyverno Policies
common: - Add settings to common pod templates and fix Cassandra serviceMesh and MariaDB operator templates - Added template for mongodb - Empty lines to files added readinessCheck: - Add missing security settings mariadb-init: - add security settings in job cassandra: - Empty lines added to files mongodb: - make emptyDir volume size configurable others: - update chart dependency for mongodb in components - fix linter errors in all files Issue-ID: OOM-3295 Issue-ID: OOM-3296 Change-Id: Ieb64be337013e0477f7aaca9c75bb6a3f3264848 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Diffstat (limited to 'kubernetes/common/readinessCheck/templates/_readinessCheck.tpl')
-rw-r--r--kubernetes/common/readinessCheck/templates/_readinessCheck.tpl7
1 files changed, 7 insertions, 0 deletions
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 51791fec13..42f526148a 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -95,6 +95,13 @@
securityContext:
runAsUser: {{ $subchartDot.Values.user }}
runAsGroup: {{ $subchartDot.Values.group }}
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
command:
- /app/ready.py
args: