Grafana: Add container security context

This adds the container security context to grafana, which
explicitly sets allowPrivilegeEscalation to false

Change-Id: I3723a0c96699b9a517dafa2df08bf8cc916bf117
This commit is contained in:
Steve Wilkerson 2019-01-03 16:19:03 -06:00
parent 680f920312
commit bf5840fa7a

View File

@ -54,6 +54,8 @@ spec:
- name: grafana - name: grafana
{{ tuple $envAll "grafana" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll "grafana" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.grafana | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.grafana | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
allowPrivilegeEscalation: false
command: command:
- /tmp/grafana.sh - /tmp/grafana.sh
- start - start