From 151844e26ad737f6227af6b15b67a9f633b7e33a Mon Sep 17 00:00:00 2001
From: Prateek Dodda <prateek.reddy.dodda@att.com>
Date: Wed, 6 Nov 2019 15:25:35 -0600
Subject: [PATCH] Implement Security Context for Haproxy

Implement readOnlyRootFilesystem:true for init container

Change-Id: I736b0ffd349379d6ceb6ca599021fcbe9eb54923
---
 charts/haproxy/values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml
index f8d40a16..7d39f39b 100644
--- a/charts/haproxy/values.yaml
+++ b/charts/haproxy/values.yaml
@@ -92,6 +92,8 @@ pod:
       container:
         haproxy_perms:
           runAsUser: 0
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
   lifecycle:
     upgrades:
       daemonsets: