Security: Enable Pod Security Standards and container security contexts

## Priority: HIGH

## Description
No pod security policies are configured, and 6/8 services run without security contexts. This allows containers to run as root and with unnecessary capabilities.

## Impact
- Containers running as root increase attack surface
- No resource limits could lead to DoS
- Missing security controls for compliance

## Required Actions
1. Add securityContext to all deployments:
   - runAsNonRoot: true
   - runAsUser: 1000
   - readOnlyRootFilesystem: true where possible
2. Set resource limits on all containers
3. Enable Pod Security Standards at namespace level
4. Add readiness and liveness probes

## Acceptance Criteria
- [ ] All containers run as non-root
- [ ] Resource limits defined for CPU and memory
- [ ] Pod Security Standards enforced
- [ ] Health probes configured

## References
- CIS Kubernetes Benchmark 5.3.2
- Original finding in SECURITY-REVIEW.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security: Enable Pod Security Standards and container security contexts #2

Priority: HIGH

Description

Impact

Required Actions

Acceptance Criteria

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security: Enable Pod Security Standards and container security contexts #2

Description

Priority: HIGH

Description

Impact

Required Actions

Acceptance Criteria

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions