mirrors/kube-prometheus
1
0
Fork 0
mirror of https://github.com/prometheus-operator/kube-prometheus.git synced 2025-11-07 11:31:02 +01:00
Code Issues Projects Releases Wiki Activity

jsonnet/kube-prometheus: kube-rbac-proxy should run as UID 65532

Browse Source
This commit is contained in:
paulfantom 2020-11-23 11:26:47 +01:00
parent 7f50004133
commit befa960a1e
No known key found for this signature in database
GPG Key ID: 12AE0185401674E7
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jsonnet/kube-prometheus/kube-rbac-proxy/container.libsonnet
View File

@ -41,7 +41,9 @@
{ name: krp.config.kubeRbacProxy.securePortName, containerPort: krp.config.kubeRbacProxy.securePort }, { name: krp.config.kubeRbacProxy.securePortName, containerPort: krp.config.kubeRbacProxy.securePort },
], ],
securityContext: { securityContext: {
runAsUser: 65534, runAsUser: 65532,
runAsGroup: 65532,
runAsNonRoot: true,
}, },
}], }],
}, },

5
jsonnet/kube-prometheus/node-exporter/node-exporter.libsonnet
View File

@ -103,6 +103,11 @@
{ name: 'https', containerPort: $._config.nodeExporter.port, hostPort: $._config.nodeExporter.port }, { name: 'https', containerPort: $._config.nodeExporter.port, hostPort: $._config.nodeExporter.port },
], ],
resources: $._config.resources['kube-rbac-proxy'], resources: $._config.resources['kube-rbac-proxy'],
securityContext: {
runAsUser: 65532,
runAsGroup: 65532,
runAsNonRoot: true,
},
}; };
{ {