mirror of
https://github.com/bitnami/charts.git
synced 2026-03-01 06:58:20 +08:00
mount root fs r/o
This commit is contained in:
@@ -68,6 +68,10 @@ spec:
|
||||
{{- if .Values.resources }}
|
||||
resources: {{- toYaml .Values.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.securityContext.enabled }}
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }}
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.enabled }}
|
||||
- name: metrics
|
||||
image: {{ template "memcached.metrics.image" . }}
|
||||
|
||||
@@ -72,6 +72,10 @@ spec:
|
||||
{{- if .Values.resources }}
|
||||
resources: {{- toYaml .Values.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.securityContext.enabled }}
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: {{ .Values.securityContext.readOnlyRootFilesystem }}
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.enabled }}
|
||||
volumeMounts:
|
||||
- name: pv-data
|
||||
|
||||
@@ -98,6 +98,7 @@ securityContext:
|
||||
enabled: true
|
||||
fsGroup: 1001
|
||||
runAsUser: 1001
|
||||
readOnlyRootFilesystem: true
|
||||
|
||||
## Pod annotations
|
||||
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
||||
|
||||
@@ -98,6 +98,7 @@ securityContext:
|
||||
enabled: true
|
||||
fsGroup: 1001
|
||||
runAsUser: 1001
|
||||
readOnlyRootFilesystem: true
|
||||
|
||||
## Pod annotations
|
||||
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
||||
|
||||
Reference in New Issue
Block a user