From c29e84292fbc3719d53a77f20cbfe59daa3a4ace Mon Sep 17 00:00:00 2001
From: Jeroen Rijken <jeroen.rijken@xs4all.nl>
Date: Fri, 3 Mar 2023 18:01:26 +0100
Subject: [PATCH] Set securityContext

Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
---
 charts/crowdsec/templates/tests/test_lapi_up.yaml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/charts/crowdsec/templates/tests/test_lapi_up.yaml b/charts/crowdsec/templates/tests/test_lapi_up.yaml
index 4f6a3de..fd5b820 100644
--- a/charts/crowdsec/templates/tests/test_lapi_up.yaml
+++ b/charts/crowdsec/templates/tests/test_lapi_up.yaml
@@ -16,4 +16,16 @@ spec:
       - -ec
       - |
         curl -XGET http://{{ .Release.Name }}-service:8080/health
-  restartPolicy: Never
\ No newline at end of file
+    securityContext:
+      allowPrivilegeEscalation: false
+      capabilities:
+        drop:
+          - ALL
+      privileged: false
+      readOnlyRootFilesystem: true
+      runAsGroup: {{ .Values.securityContext.runAsGroup | default "10000" }}
+      runAsNonRoot: true
+      runAsUser: {{ .Values.securityContext.runAsUser | default "10000" }}
+      seccompProfile:
+        type: RuntimeDefault
+  restartPolicy: Never