Currently, the securityContext can only be defined for the nxrm-app container here
In our enterprise environment, security policies have been enforced and the Helm deployment fails because the sidecar log containers don't comply with those policies.
Can a securityContext be also defined at pod level?
Edit:
I have set readOnlyRootFilesystem & allowPrivilegeEscalation at pod level in a modified Helm chart, but the property did not seem to be inherited by the "log" containers (MS Defender would still complain about it).
Therefore, we would also need to be able to define a securityContext for the "log" containers.
jackmtpt
commented
5 months ago
Currently, the securityContext can only be defined for the nxrm-app container here
In our enterprise environment, security policies have been enforced and the Helm deployment fails because the sidecar log containers don't comply with those policies.
Can a securityContext be also defined at pod level?
It is also related to this issue: https://github.com/sonatype/nxrm3-ha-repository/issues/36
Edit: I have set readOnlyRootFilesystem & allowPrivilegeEscalation at pod level in a modified Helm chart, but the property did not seem to be inherited by the "log" containers (MS Defender would still complain about it). Therefore, we would also need to be able to define a securityContext for the "log" containers.