summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--kubernetes/common/common/templates/_pod.tpl21
1 files changed, 21 insertions, 0 deletions
diff --git a/kubernetes/common/common/templates/_pod.tpl b/kubernetes/common/common/templates/_pod.tpl
index d3fc25ad6e..de2548562d 100644
--- a/kubernetes/common/common/templates/_pod.tpl
+++ b/kubernetes/common/common/templates/_pod.tpl
@@ -47,3 +47,24 @@
{{- end }}
{{- end }}
{{- end -}}
+
+{{/*
+ Generate securityContext for pod
+*/}}
+{{- define "common.podSecurityContext" -}}
+securityContext:
+ runAsUser: {{ .Values.securityContext.user_id }}
+ runAsGroup: {{ .Values.securityContext.group_id }}
+ fsGroup: {{ .Values.securityContext.group_id }}
+{{- end }}
+
+{{/*
+ Generate securityContext for container
+*/}}
+{{- define "common.containerSecurityContext" -}}
+securityContext:
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+{{- end }}
+