apiVersion: apps/v1 kind: Deployment metadata: name: werther namespace: default labels: app.kubernetes.io/name: werther app.kubernetes.io/instance: werther app.kubernetes.io/version: "v1.2.2" spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: werther app.kubernetes.io/instance: werther template: metadata: labels: app.kubernetes.io/name: werther app.kubernetes.io/instance: werther app.kubernetes.io/version: "v1.2.2" spec: containers: - name: werther image: "reg.cadoles.com/cadoles/werther:1.2.2-feat_ssl_ignore-a39445f" imagePullPolicy: IfNotPresent envFrom: - configMapRef: name: werther-env env: - name: WERTHER_WEB_DIR value: "/usr/share/werther/login/" - name: WERTHER_LDAP_BINDDN valueFrom: secretKeyRef: name: werther-ldap-sc key: WERTHER_LDAP_BINDDN - name: WERTHER_LDAP_BINDPW valueFrom: secretKeyRef: name: werther-ldap-sc key: WERTHER_LDAP_BINDPW ports: - containerPort: 8080 name: werther-http securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 100