Security-context
The security-context trait specifies the security context for the containers that will be deployed on Kubernetes. This trait modifies the underlying pod spec in the spec.template. path
The following snippet shows an example application with a component and a security-context trait.
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: my-app
annotations:
version: "v0.0.1"
description: "My application"
spec:
components:
- name: busybox
type: worker
properties:
image: my-app-image:v1.0.0
traits:
- type: security-context
properties:
runAsUser: 1000 # (Optional) userID that will be used to execute the container processes.
runAsGroup: 1000 # (Optional) group ID that will be used to execute the container processes.
fsGroup: 1000 # (Optional) group ID that will be the owner for the volumes mounted on the containers.