This commit is contained in:
cmsassot 2024-03-26 10:50:58 +01:00
parent 85ec6f03c8
commit aaccecf5ba
3 changed files with 36 additions and 24 deletions

View File

@ -46,10 +46,10 @@ spec:
- configMapRef: - configMapRef:
name: hydra-oidc-env name: hydra-oidc-env
resources: {} resources: {}
securityContext: # securityContext:
runAsNonRoot: true # runAsNonRoot: true
runAsGroup: 1000 # runAsGroup: 1000
runAsUser: 1000 # runAsUser: 1000
- image: reg.cadoles.com/cmsassot/hydra-oidc-test:latest - image: reg.cadoles.com/cmsassot/hydra-oidc-test:latest
imagePullPolicy: Always imagePullPolicy: Always
@ -94,8 +94,8 @@ spec:
- name: CADDY_APP_ROOT_PUBLIC - name: CADDY_APP_ROOT_PUBLIC
value: "/app/public/" value: "/app/public/"
resources: {} resources: {}
securityContext: # securityContext:
runAsNonRoot: true # runAsNonRoot: true
runAsGroup: 1000 # runAsGroup: 1000
runAsUser: 1000 # runAsUser: 1000
restartPolicy: Always restartPolicy: Always

View File

@ -36,10 +36,10 @@ spec:
initialDelaySeconds: 10 initialDelaySeconds: 10
periodSeconds: 30 periodSeconds: 30
resources: {} resources: {}
securityContext: # securityContext:
runAsNonRoot: true # runAsNonRoot: true
runAsGroup: 1000 # runAsGroup: 1000
runAsUser: 1000 # runAsUser: 1000
envFrom: envFrom:
- configMapRef: - configMapRef:
name: hydra-sql-env name: hydra-sql-env
@ -98,10 +98,10 @@ spec:
- name: CADDY_APP_ROOT_PUBLIC - name: CADDY_APP_ROOT_PUBLIC
value: "/app/public/" value: "/app/public/"
resources: {} resources: {}
securityContext: # securityContext:
runAsNonRoot: true # runAsNonRoot: true
runAsGroup: 1000 # runAsGroup: 1000
runAsUser: 1000 # runAsUser: 1000
ports: ports:
- containerPort: 8080 - containerPort: 8080
volumeMounts: volumeMounts:

View File

@ -48,10 +48,10 @@ spec:
- mountPath: /app/config/hydra - mountPath: /app/config/hydra
name: hydra-dispatcher-apps name: hydra-dispatcher-apps
resources: {} resources: {}
securityContext: # securityContext:
runAsNonRoot: true # runAsNonRoot: true
runAsGroup: 1000 # runAsGroup: 1000
runAsUser: 1000 # runAsUser: 1000
- image: reg.cadoles.com/cmsassot/hydra-dispatcher-test:latest - image: reg.cadoles.com/cmsassot/hydra-dispatcher-test:latest
imagePullPolicy: Always imagePullPolicy: Always
name: hydra-dispatcher-nginx name: hydra-dispatcher-nginx
@ -95,12 +95,24 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
resources: {} resources: {}
securityContext: volumeMounts:
runAsNonRoot: true - name: caddy-data
runAsGroup: 1000 mountPath: /tmp/caddy
runAsUser: 1000 - name: caddy-var
mountPath: /var/caddy
# securityContext:
# runAsNonRoot: true
# runAsGroup: 1000
# runAsUser: 1000
restartPolicy: Always restartPolicy: Always
volumes: volumes:
- name: hydra-dispatcher-apps - name: hydra-dispatcher-apps
configMap: configMap:
name: hydra-dispatcher-apps name: hydra-dispatcher-apps
- name: caddy-data
emptyDir:
sizeLimit: 128Mi
- name: caddy-var
emptyDir:
sizeLimit: 256Mi