From ab453500d24508bc1187af91a858df6362113920 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 15 Sep 2023 23:48:18 +0200
Subject: [PATCH] fix(dns): Final adjustment regarding securityContext

---
 apps/k8s01/dns/dns.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/k8s01/dns/dns.yaml b/apps/k8s01/dns/dns.yaml
index f4c29f82e..587e7ff19 100644
--- a/apps/k8s01/dns/dns.yaml
+++ b/apps/k8s01/dns/dns.yaml
@@ -50,6 +50,7 @@ spec:
               mountPath: "/etc/pki/dnsproxy"
               readOnly: true
           securityContext:
+            allowPrivilegeEscalation: false
             capabilities:
               drop:
                 - ALL
@@ -60,8 +61,9 @@ spec:
             secretName: ingress-dns-tls
             optional: false
       securityContext:
-        allowPrivilegeEscalation: false
         runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
         seccompProfile:
           type: RuntimeDefault
         sysctls:
-- 
GitLab