diff --git a/deploy/chart/local-path-provisioner/values.yaml b/deploy/chart/local-path-provisioner/values.yaml index 674ffa23..b0651af2 100644 --- a/deploy/chart/local-path-provisioner/values.yaml +++ b/deploy/chart/local-path-provisioner/values.yaml @@ -97,10 +97,10 @@ podAnnotations: {} podSecurityContext: {} # runAsNonRoot: true -securityContext: {} +securityContext: + seccompProfile: + type: RuntimeDefault # allowPrivilegeEscalation: false - # seccompProfile: - # type: RuntimeDefault # capabilities: # drop: ["ALL"] # runAsUser: 65534 diff --git a/deploy/local-path-storage.yaml b/deploy/local-path-storage.yaml index d384314a..20be7480 100644 --- a/deploy/local-path-storage.yaml +++ b/deploy/local-path-storage.yaml @@ -106,6 +106,9 @@ spec: fieldPath: metadata.namespace - name: CONFIG_MOUNT_PATH value: /etc/config/ + securityContext: + seccompProfile: + type: RuntimeDefau volumes: - name: config-volume configMap: diff --git a/deploy/provisioner.yaml b/deploy/provisioner.yaml index dfe6e9ef..b1b23cc8 100644 --- a/deploy/provisioner.yaml +++ b/deploy/provisioner.yaml @@ -32,6 +32,9 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + securityContext: + seccompProfile: + type: RuntimeDefault volumes: - name: config-volume configMap: