Allow restricting container syscalls for Kuberhealthy pods in Helm chart #1109
Labels
do-not-close
Prevents issues from being automatically closed if stale
feature request
A request for a specific feature to be added to Kuberhealthy
good first issue
Good for newcomers
Describe the feature you would like and why you want it
Cluster administrators may wish to take advantage of
seccompProfile
in order to restrict the syscalls that the kuberhealthy-spawned containers are able to make. Details of whatseccompProfile
does and how to enable it are documented here: https://kubernetes.io/docs/tutorials/security/seccomp/For example, some clusters may enforce
seccompProfile
on all pods deployed to the cluster in order to meet security or compliance goals.It would be helpful if the helm chart is capable of allowing for
seccompProfile
configuration.PR
PR is submitted for this issue as #1110
The text was updated successfully, but these errors were encountered: