Merge pull request #46 from rptaylor/kube-vip-provider-seccontext

define minimal securityContext for cloud provider
kube-vip · Oct 18, 2024 · f13d698 · f13d698
2 parents b4c12c0 + 1eb7e25
commit f13d698
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/charts/kube-vip-cloud-provider/templates/deployment.yaml b/charts/kube-vip-cloud-provider/templates/deployment.yaml
@@ -22,6 +22,10 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
+          securityContext:
+            allowPrivilegeEscalation: false
+            seccompProfile:
+              type: RuntimeDefault
       serviceAccountName: {{ include "kube-vip-cloud-provider.name" . }}
       {{- if .Values.nodeSelector }}
       nodeSelector: