3 anos atrás · e0a310dcb0
--- a/kubernetes/opencost.yaml
+++ b/kubernetes/opencost.yaml
@@ -159,6 +159,14 @@ spec:
 
				             - name: CLUSTER_ID
			
 
				               value: "cluster-one" # Default cluster ID to use if cluster_id is not set in Prometheus metrics.
			
 
				           imagePullPolicy: Always
			
 
				+          securityContext:
			
 
				+            allowPrivilegeEscalation: false
			
 
				+            capabilities:
			
 
				+              drop:
			
 
				+                - ALL
			
 
				+            privileged: false
			
 
				+            readOnlyRootFilesystem: true
			
 
				+            runAsUser: 1001
			
 
				         - image: quay.io/kubecost1/opencost-ui:latest
			
 
				           name: opencost-ui
			
 
				           resources: