Skip to content

Security contexts

OpenShift requires your workloads to run as non-root. In order for this to work, your deployments must contain the explicit declarations to this end:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend
spec:
  # ...
  template:
    #...
    spec:
      securityContext:
        runAsNonRoot: true
        supplementalGroups: [ ]
        supplementalGroupsPolicy: Strict
        seccompProfile:
          type: RuntimeDefault
      containers:
        - # ...