kubernetes: introduce securityContext in the pod template (!37) · Merge requests · repos / cloud / toolforge / Webservice CLI

Arturo Borrero Gonzalez requested to merge arturo-104-kubernetes-introduc into main May 07, 2024

ntroduce a stricter pod template by including an explicit securityContext to limit what a pod can and cannot do.

This is part of the PSP migration. This will help us later when we start enforcing that these values are always present for used-defined workloads.

Anyway, the kubernetes defaults for these values may or may not be what we are expecting, so setting them explicitly should be fine even if not part of the PSP migration.

Bug: T362050 Signed-off-by: Arturo Borrero Gonzalez aborrero@wikimedia.org

Admin message

Admin message

kubernetes: introduce securityContext in the pod template

Merge request reports