From 0eaaf6d577707960c93473844f28dfa9df0bc47c Mon Sep 17 00:00:00 2001
From: Pierre HUBERT <pierre.git@communiquons.org>
Date: Sun, 14 Jan 2024 19:37:57 +0100
Subject: [PATCH] Improve deployment security

---
 yaml/deployment.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/yaml/deployment.yaml b/yaml/deployment.yaml
index 5fee94a..8fb5563 100644
--- a/yaml/deployment.yaml
+++ b/yaml/deployment.yaml
@@ -65,6 +65,8 @@ spec:
               cpu: "0.01"
           securityContext:
             allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            readOnlyRootFilesystem: true
             capabilities:
               drop:
               - ALL