aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/readinessCheck/templates/_readinessCheck.tpl')
-rw-r--r--kubernetes/common/readinessCheck/templates/_readinessCheck.tpl7
1 files changed, 7 insertions, 0 deletions
diff --git a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
index 51791fec13..42f526148a 100644
--- a/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
+++ b/kubernetes/common/readinessCheck/templates/_readinessCheck.tpl
@@ -95,6 +95,13 @@
securityContext:
runAsUser: {{ $subchartDot.Values.user }}
runAsGroup: {{ $subchartDot.Values.group }}
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
command:
- /app/ready.py
args: