feat(k8s): use secret as shared source for admin private key

2024-03-28 15:53:40 +01:00
parent 35717429a2
commit 7de166765b
18 changed files with 351 additions and 60 deletions
--- a/misc/k8s/kustomization/base/resources/bouncer-server/resources/deployment.yaml
+++ b/misc/k8s/kustomization/base/resources/bouncer-server/resources/deployment.yaml
@ -21,6 +21,10 @@ spec:
      containers:
        - name: bouncer-server
          image: bouncer
+          securityContext:
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 1000
          command:
            [
              "bouncer",