Some security audit tools (GCP SCC) raise a concern if spec.template.spec.securityContext.runAsNonRoot != true; however, setting it to true will cause the STS pod to fail with a CreateContainerConfigError: Error: container's runAsUser breaks non-root policy... error.
Enforcing runAsNonRoot: false for the tuning container should fix the issue.
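
Added example (not part of the original description or the chart's code): a small Python model of how pod-level and container-level securityContext values combine, showing why a pod-level runAsNonRoot: true rejects a container that requests UID 0 and why a container-level runAsNonRoot: false clears that error. The manifest, the container names, UID 101, the tuning container being an init container, and its runAsUser: 0 (inferred from the error text) are constructed assumptions.

```python
# Added example: models the per-container resolution of runAsNonRoot and
# runAsUser (a container-level securityContext field overrides the pod-level one).

def effective(pod_sc, ctr_sc, key):
    """Container-level value wins; otherwise fall back to the pod-level value."""
    if key in ctr_sc:
        return ctr_sc[key]
    return pod_sc.get(key)

def non_root_conflicts(pod_spec):
    """Names of containers whose effective settings demand non-root yet ask for UID 0.

    This is the combination reported as
    "container's runAsUser breaks non-root policy".
    """
    pod_sc = pod_spec.get("securityContext", {})
    bad = []
    for group in ("initContainers", "containers"):
        for ctr in pod_spec.get(group, []):
            ctr_sc = ctr.get("securityContext", {})
            non_root = effective(pod_sc, ctr_sc, "runAsNonRoot")
            uid = effective(pod_sc, ctr_sc, "runAsUser")
            if non_root is True and uid == 0:
                bad.append(ctr["name"])
    return bad

def sample_pod_spec(tuning_override):
    """Constructed spec.template.spec of a StatefulSet (all names are assumptions)."""
    tuning_sc = {"runAsUser": 0}            # assumed: tuning needs root
    if tuning_override:
        tuning_sc["runAsNonRoot"] = False   # the per-container setting proposed above
    return {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 101},
        "initContainers": [{"name": "tuning", "securityContext": tuning_sc}],
        "containers": [{"name": "main"}],   # inherits the pod-level values
    }

if __name__ == "__main__":
    for override in (False, True):
        conflicts = non_root_conflicts(sample_pod_spec(override))
        print(f"tuning override={override}: conflicting containers={conflicts}")
```
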