A lowly tech priest's attempt to please Mars
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix: set container security policy for authentik

+11 -5
+11 -5
kubernetes/apps/authentication/authentik/helmrelease.yaml
··· 51 51 name: authentik-cert 52 52 53 53 securityContext: 54 - allowPrivilegeEscalation: false 55 - capabilities: 56 - drop: 57 - - ALL 58 - readOnlyRootFilesystem: true 54 + runAsNonRoot: true 59 55 runAsGroup: 12019 60 56 runAsUser: 12019 61 57 seccompProfile: ··· 65 61 deploymentAnnotations: 66 62 postgres.proteus/init-db: authentik-init-db-secrets 67 63 postgres.proteus/init-db-ca-volume: service-certs 64 + 65 + containerSecurityContext: &containerSecurityContext 66 + allowPrivilegeEscalation: false 67 + capabilities: 68 + drop: 69 + - ALL 70 + 68 71 ingress: 69 72 enabled: false 70 73 https: false ··· 83 86 - "sso.${SECRET_HOST}" 84 87 85 88 https: false 89 + 90 + worker: 91 + containerSecurityContext: *containerSecurityContext