Skip to content
Snippets Groups Projects
Verified Commit bd5de3db authored by Sheogorath's avatar Sheogorath :european_castle:
Browse files

feat(mastodon): Try to move Mastodon to PSS restricted compliance

parent 6e5d13ef
No related branches found
No related tags found
No related merge requests found
Pipeline #18162 failed
Stage: lint
Stage: build
Hide whitespace changes
Inline Side-by-side
charts/mastodon/values.yaml
+ 5
1
View file @ bd5de3db
...@@ -163,7 +163,7 @@ mastodon: ...@@ -163,7 +163,7 @@ mastodon:
# -- Pod Security Context for Streaming Pods, overwrites .Values.podSecurityContext # -- Pod Security Context for Streaming Pods, overwrites .Values.podSecurityContext
podSecurityContext: {} podSecurityContext: {}
# -- (Streaming Container) Security Context for Streaming Pods, overwrites .Values.securityContext # -- (Streaming Container) Security Context for Streaming Pods, overwrites .Values.securityContext
securityContext: {} securityContext:
# -- (Streaming Container) Resources for Streaming Pods, overwrites .Values.resources # -- (Streaming Container) Resources for Streaming Pods, overwrites .Values.resources
resources: {} resources: {}
# limits: # limits:
...@@ -381,9 +381,13 @@ externalAuth: ...@@ -381,9 +381,13 @@ externalAuth:
# if you manually change the UID/GID environment variables, ensure these values # if you manually change the UID/GID environment variables, ensure these values
# match: # match:
podSecurityContext: podSecurityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 991 runAsUser: 991
runAsGroup: 991 runAsGroup: 991
fsGroup: 991 fsGroup: 991
seccompProfile:
type: "RuntimeDefault"
# @ignored # @ignored
securityContext: {} securityContext: {}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment