The security-context trait specifies the security context for the containers that will be deployed on Kubernetes. This trait modifies the underlying pod spec in the spec.template. path
The following snippet shows an example application with a component and a security-context trait.
apiVersion: core.oam.dev/v1beta1 kind: Application metadata: name: my-app annotations: version: "v0.0.1" description: "My application" spec: components: - name: busybox type: worker properties: image: my-app-image:v1.0.0 traits: - type: security-context properties: runAsUser: 1000 # (Optional) userID that will be used to execute the container processes. runAsGroup: 1000 # (Optional) group ID that will be used to execute the container processes. fsGroup: 1000 # (Optional) group ID that will be the owner for the volumes mounted on the containers.