From 3e2aa22b8d4e97ad600f7971ad392c66e5600223 Mon Sep 17 00:00:00 2001
From: cmsassot <cmsassot@cadoles.com>
Date: Mon, 25 Mar 2024 13:51:55 +0100
Subject: [PATCH] feat(hydra-oidc): non root user deployment

---
 .../hydra-oidc/resources/hydra-oidc-deployment.yaml       | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml
index 42f3bc2..e4d1e7e 100644
--- a/components/hydra-oidc/resources/hydra-oidc-deployment.yaml
+++ b/components/hydra-oidc/resources/hydra-oidc-deployment.yaml
@@ -46,6 +46,10 @@ spec:
             - configMapRef:
                 name: hydra-oidc-env
           resources: {}
+          securityContext:
+            runAsNonRoot: true
+            runAsGroup: 1000
+            runAsUser: 1000
 
         - image: reg.cadoles.com/cmsassot/hydra-oidc-test:latest
           imagePullPolicy: Always
@@ -90,4 +94,8 @@ spec:
             - name: CADDY_APP_ROOT_PUBLIC
               value: "/app/public/"
           resources: {}
+          securityContext:
+            runAsNonRoot: true
+            runAsGroup: 1000
+            runAsUser: 1000
       restartPolicy: Always