Andrey f65051966c feat: add run_as_non_root=True to Kubernetes Starter template (#16512) ...

This document sounds like `run_as_non_root=True` should be enabled for
workspaces.

https://coder.com/docs/install/kubernetes#kubernetes-security-reference
> All containers must run as non-root user
>  - Control plane - ...
> - Workspaces - Workspace pod UID is [set in the Terraform template
here](f57ce97b5a/examples/templates/kubernetes/main.tf (L274-L276)),
and are not required to run as root.

Administrators of the Kubernetes of a cluster I am working on have added
a security check on it, and prevent creating pods, without
`run_as_non_root=True`. So, I need to set it every time I create a
template.

According to the docs used with `run_as_user=1000` it should not have
negative effects and could be safely added.
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.26/

2025-02-12 10:58:33 -05:00

..

jfrog

chore: adopt markdownlint and markdown-table-formatter for *.md (#15831)

2025-01-03 13:12:59 +00:00

lima

chore: update docs links (#14221)

2024-08-17 11:51:13 +00:00

monitoring/dashboards/grafana

chore: use tabs for prettier and biome (#14283)

2024-08-15 14:53:53 -06:00

parameters

fix(examples): add keep_locally to docker_image resources (#16012)

2025-01-02 13:17:53 +00:00

parameters-dynamic-options

chore: use latest code-server in examples (#14030)

2024-07-26 21:53:17 +00:00

templates

feat: add run_as_non_root=True to Kubernetes Starter template (#16512)

2025-02-12 10:58:33 -05:00

workspace-tags

fix(provisioner/terraform/tfparse): allow empty values in coder_workspace_tag defaults (#16303)

2025-01-28 09:11:39 +00:00

examples_test.go

ci: fix go tests not running if examples are updated (#15514)

2024-11-14 14:20:51 +00:00

examples.gen.json

chore: unify azure-linux and azure-windows templates (#16039)

2025-01-06 09:24:16 +04:00

examples.go

chore: add template ID disclaimer (#15770)

2024-12-06 17:37:35 +01:00