From 28ddcaa22e1b6cdf2db64cb383f9f5026a0c0ff1 Mon Sep 17 00:00:00 2001
From: dntosas
Date: Wed, 17 Jul 2024 15:54:41 +0300
Subject: [PATCH] feat(chart): improve default containerSecurityContext

Signed-off-by: dntosas
---
 charts/capi2argo-cluster-operator/values.yaml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/charts/capi2argo-cluster-operator/values.yaml b/charts/capi2argo-cluster-operator/values.yaml
index 8f41f744..3e56142b 100644
--- a/charts/capi2argo-cluster-operator/values.yaml
+++ b/charts/capi2argo-cluster-operator/values.yaml
@@ -54,7 +54,17 @@ rbac:
 clusterRole: true
 apiVersion: v1

-containerSecurityContext: {}
+containerSecurityContext:
+ runAsNonRoot: true
+ runAsUser: 1001
+ privileged: false
+ allowPrivilegeEscalation: false
+ seccompProfile:
+ type: RuntimeDefault
+ capabilities:
+ drop:
+ - ALL
+
 podSecurityContext:
 enabled: true
 fsGroup: 1001
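Review bot: The new `containerSecurityContext` default still leaves the root filesystem writable and pins no primary group, since neither `readOnlyRootFilesystem` nor `runAsGroup` appears next to `runAsUser: 1001`. Without `runAsGroup` the container's primary GID comes from the image or runtime default, typically 0, while `fsGroup: 1001` in the context lines below only adds a supplementary group and sets volume ownership. Consider adding `runAsGroup: 1001` and, if the operator writes only to mounted volumes (not visible in this hunk), `readOnlyRootFilesystem: true`. Because Helm deep-merges map values, a user override no longer replaces an empty map, so a comment above the key would help, for example `# merged with user overrides; set a key to null to drop a default`.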