From 84c3fb32f39306810b27fe33a36588bb6110201f Mon Sep 17 00:00:00 2001
From: Marco Ebert <marco@giantswarm.io>
Date: Wed, 4 Oct 2023 15:05:04 +0200
Subject: [PATCH] Values: Tighten
 `controller.extraModules.containerSecurityContext`.

---
 charts/ingress-nginx/values.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml
index a50383dee..f8866454e 100644
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@@ -590,7 +590,15 @@ controller:
   #   image: registry.k8s.io/ingress-nginx/mytestmodule
   #   distroless: false
   #   containerSecurityContext:
+  #     runAsNonRoot: true
+  #     runAsUser: <user-id>
   #     allowPrivilegeEscalation: false
+  #     seccompProfile:
+  #       type: RuntimeDefault
+  #     capabilities:
+  #       drop:
+  #       - ALL
+  #     readOnlyRootFilesystem: true
   #   resources: {}
   #
   # The image must contain a `/usr/local/bin/init_module.sh` executable, which