github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-05-18 15:27:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
kubevela/references/docgen/def-doc/trait/securitycontext.eg.md
Thomas Schuetz 9f09436359
Some checks failed
Definition-Lint / definition-doc (push) Failing after 1m45s
CodeQL / Analyze (go) (push) Failing after 1m49s
E2E MultiCluster Test / detect-noop (push) Successful in 18s
E2E Test / detect-noop (push) Successful in 26s
Go / detect-noop (push) Successful in 21s
Registry / publish-core-images (push) Failing after 1m24s
license / Check for unapproved licenses (push) Failing after 2m53s
Unit-Test / detect-noop (push) Successful in 26s
E2E MultiCluster Test / e2e-multi-cluster-tests (v1.29) (push) Failing after 1m56s
E2E Test / e2e-tests (v1.29) (push) Failing after 1m24s
Sync SDK / sync_sdk (push) Failing after 23m1s
Go / staticcheck (push) Successful in 19m14s
Go / check-diff (push) Failing after 15m19s
Go / check-core-image-build (push) Failing after 4m25s
Go / lint (push) Failing after 21m4s
Go / check-cli-image-build (push) Failing after 3m26s
Unit-Test / unit-tests (push) Failing after 8m53s
Scorecards supply-chain security / Scorecards analysis (push) Failing after 20s
Go / check-windows (push) Has been cancelled
Feat: add securityContext and podSecurityContext traits (#6666) 
* feat: add securityContext and podSecurityContext traits

Signed-off-by: Thomas Schuetz <thomas.schuetz@t-sc.eu>
Signed-off-by: Thomas Schütz <thomas.schuetz@karriere.at>

* Fix: broken runner config for workglow (#6669)

Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
Signed-off-by: Thomas Schütz <thomas.schuetz@karriere.at>

* fix: fix spaces at for statements

Signed-off-by: Thomas Schütz <thomas.schuetz@karriere.at>

---------

Signed-off-by: Thomas Schuetz <thomas.schuetz@t-sc.eu>
Signed-off-by: Thomas Schütz <thomas.schuetz@karriere.at>
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
Co-authored-by: Anoop Gopalakrishnan <2038273+anoop2811@users.noreply.github.com>
2025-01-10 22:24:22 +05:30

761 B
Raw Permalink Blame History 

apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
  name: podtato-head
spec:
  components:
    - name: podtato-head-frontend
      type: webservice
      properties:
        image: ghcr.io/podtato-head/podtato-server:v0.3.1
        ports:
          - port: 8080
            expose: true
        cpu: "0.1"
        memory: "32Mi"
      traits:
        - type: securitycontext
          properties:
            # drops all capabilities
            dropCapabilities:
              - ALL
            # runs container as non-root user
            runAsNonRoot: true
            # ensures that the container runs unprivileged
            privileged: false
            # runs container in read-only mode
            readOnlyRootFilesystem: false
Reference in New Issue View Git Blame Copy Permalink