Deploy MenuBoard SEC-5 non-root image to GX10
This commit is contained in:
Andrew Stoltz
@@ -48,7 +48,7 @@
|
||||
}
|
||||
}
|
||||
],
|
||||
"image": "localhost/fc-menuboard-web:gx10-v1",
|
||||
"image": "localhost/fc-menuboard-web:v20260617-sec5-menuboard-303a636",
|
||||
"imagePullPolicy": "Never",
|
||||
"livenessProbe": {
|
||||
"failureThreshold": 3,
|
||||
@@ -83,12 +83,29 @@
|
||||
"timeoutSeconds": 5
|
||||
},
|
||||
"resources": {},
|
||||
"securityContext": {
|
||||
"allowPrivilegeEscalation": false,
|
||||
"capabilities": {
|
||||
"drop": [
|
||||
"ALL"
|
||||
]
|
||||
},
|
||||
"readOnlyRootFilesystem": true
|
||||
},
|
||||
"terminationMessagePath": "/dev/termination-log",
|
||||
"terminationMessagePolicy": "File",
|
||||
"volumeMounts": [
|
||||
{
|
||||
"mountPath": "/data",
|
||||
"name": "data"
|
||||
},
|
||||
{
|
||||
"mountPath": "/tmp",
|
||||
"name": "temp"
|
||||
},
|
||||
{
|
||||
"mountPath": "/app/logs",
|
||||
"name": "logs"
|
||||
}
|
||||
]
|
||||
}
|
||||
@@ -96,7 +113,13 @@
|
||||
"dnsPolicy": "ClusterFirst",
|
||||
"restartPolicy": "Always",
|
||||
"schedulerName": "default-scheduler",
|
||||
"securityContext": {},
|
||||
"securityContext": {
|
||||
"fsGroup": 1654,
|
||||
"fsGroupChangePolicy": "OnRootMismatch",
|
||||
"runAsGroup": 1654,
|
||||
"runAsNonRoot": true,
|
||||
"runAsUser": 1654
|
||||
},
|
||||
"terminationGracePeriodSeconds": 30,
|
||||
"volumes": [
|
||||
{
|
||||
@@ -104,6 +127,14 @@
|
||||
"persistentVolumeClaim": {
|
||||
"claimName": "menuboard-web-data"
|
||||
}
|
||||
},
|
||||
{
|
||||
"emptyDir": {},
|
||||
"name": "temp"
|
||||
},
|
||||
{
|
||||
"emptyDir": {},
|
||||
"name": "logs"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user