fix(charts): missing security context in BPDM init containers

eclipse-tractusx · Oct 25, 2024 · 4ff8ebb · 4ff8ebb
1 parent 4f3dda4
commit 4ff8ebb
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/charts/bpdm/charts/bpdm-common/templates/_deployment.tpl b/charts/bpdm/charts/bpdm-common/templates/_deployment.tpl
@@ -83,6 +83,15 @@ spec:
       initContainers:
         - name: startup-delay
           image: busybox:1.28
+          securityContext:
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
+            runAsUser: 10001
+            runAsGroup: 10001
+            capabilities:
+              drop:
+                - ALL
           command: ['sh', '-c', "sleep {{ $.Values.startupDelaySeconds }}"]
       {{- with .Values.nodeSelector }}
       nodeSelector: