feat(pod_security_context.yml): Add examle pod with securityContext (for Generali training)

ondrejsika · ondrejsika · commit d64964cd705d · 2023-11-28T18:07:09.000+01:00
diff --git a/pod_security_context.yml b/pod_security_context.yml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: simple-hello-world
+  labels:
+    app: simple-hello-world
+    svc: example
+spec:
+  containers:
+    - name: main
+      image: ondrejsika/training-example
+      ports:
+        - containerPort: 80
+      resources:
+        requests:
+          memory: 10Mi
+          cpu: 10m
+        limits:
+          memory: 20Mi
+          cpu: 20m
+      securityContext:
+        allowPrivilegeEscalation: false
+        capabilities:
+          drop:
+            - ALL
+        runAsNonRoot: true
+        runAsUser: 1000
+        seccompProfile:
+          type: RuntimeDefault
