We want to change the spec.initContainers[*].securityContext in the vault-agent-init container that runs as an init container to inject secrets into the application pod. We are using the Vault Helm chart to deploy Vault, and it has securityContext configuration for the injector pod and the Vault StatefulSet. Couldn’t find anything to configure the same for the init containers here.
I can see that the pod has the below securityContext:

    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - ALL
      readOnlyRootFilesystem: true
      runAsGroup: 1000
      runAsNonRoot: true
      runAsUser: 100

which is missing

    seccompProfile:
      type: RuntimeDefault

based on the restricted pod security standards.
Need to know a way to add the seccompProfile to the init container.
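An added example, not part of the original post and not code from the Vault project: a Python check of the seccomp rule in the restricted Pod Security Standard, run over a constructed pod whose init container carries the securityContext quoted above. The pod name, the `app` container and the helper names are assumptions made for the example, and only the seccomp rule is checked.

```python
import copy

ALLOWED = {"RuntimeDefault", "Localhost"}  # values the restricted profile accepts

def seccomp_type(security_context):
    """Return seccompProfile.type from a securityContext dict, or None if unset."""
    return ((security_context or {}).get("seccompProfile") or {}).get("type")

def seccomp_findings(pod):
    """List (scope, name, reason) for each violation of the restricted seccomp rule."""
    spec = pod.get("spec", {})
    pod_type = seccomp_type(spec.get("securityContext"))
    findings = []
    if pod_type is not None and pod_type not in ALLOWED:
        findings.append(("pod", "", f"seccompProfile.type={pod_type}"))
    for scope in ("initContainers", "containers", "ephemeralContainers"):
        for c in spec.get(scope) or []:
            own = seccomp_type(c.get("securityContext"))
            if own is not None and own not in ALLOWED:
                findings.append((scope, c["name"], f"seccompProfile.type={own}"))
            elif own is None and pod_type not in ALLOWED:
                # Unset on the container and no valid pod-level value to fall back on.
                findings.append((scope, c["name"], "seccompProfile not set"))
    return findings

# Constructed sample: the init container carries the securityContext quoted in the
# post; the "app" container and the pod name are made up for the example.
POD = {
    "metadata": {"name": "demo-app"},
    "spec": {
        "initContainers": [{
            "name": "vault-agent-init",
            "securityContext": {
                "allowPrivilegeEscalation": False,
                "capabilities": {"drop": ["ALL"]},
                "readOnlyRootFilesystem": True,
                "runAsGroup": 1000, "runAsNonRoot": True, "runAsUser": 100,
            },
        }],
        "containers": [{
            "name": "app",
            "securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
        }],
    },
}

def with_pod_level_seccomp(pod, profile_type="RuntimeDefault"):
    """Copy of pod with spec.securityContext.seccompProfile.type set."""
    patched = copy.deepcopy(pod)
    patched["spec"].setdefault("securityContext", {})["seccompProfile"] = {"type": profile_type}
    return patched
```

The check flags only `vault-agent-init` on the sample pod, and reports nothing once `spec.securityContext.seccompProfile.type` is set on the pod, because the restricted profile lets container-level fields stay unset when the pod-level field is valid.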