Sets basic security context for postgres and bumps chart version

Signed-off-by: Sebastian Kawelke <sebastian.kawelke@l3montree.com>

Author: seb-kw

charts/devguard/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.13.1
+version: 0.13.2
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.

charts/devguard/templates/postgresql/postgresql-deployment.yaml

@@ -16,10 +16,15 @@ spec:
       labels:
         app: postgresql
         version: "{{ .Chart.AppVersion }}"
+    automountServiceAccountToken: false
     spec:
       containers:
       - image: "{{ .Values.api.image.repository }}/postgresql:{{ .Chart.AppVersion }}"
         name: postgresql
+        securityContext:
+          seccompProfile:
+            type: RuntimeDefault
+          allowPrivilegeEscalation: false
         ports:
         - containerPort: 5432
           protocol: TCP