From 7dcf73920129cbc02b57903bef1abeb739a67633 Mon Sep 17 00:00:00 2001
From: ktech810 <ktech810@gmail.com>
Date: Mon, 16 Mar 2026 11:55:48 -0700
Subject: [PATCH] Update db-deployment.yaml - security context

---
 k8s-specifications/db-deployment.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/k8s-specifications/db-deployment.yaml b/k8s-specifications/db-deployment.yaml
index 7c3948212..e1a7e39bd 100644
--- a/k8s-specifications/db-deployment.yaml
+++ b/k8s-specifications/db-deployment.yaml
@@ -28,6 +28,12 @@ spec:
         volumeMounts:
         - mountPath: /var/lib/postgresql/data
           name: db-data
+        securityContext:
+          runAsNonRoot: true
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+              - ALL
       volumes:
       - name: db-data
         emptyDir: {}