apps(teable): Running as non-root, and moved storage to seaweedfs-storage

apps/teable/deployment.yaml

@@ -51,6 +51,16 @@ spec:
             limits:
               cpu: 1000m
               memory: 1024Mi
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
       containers:
         - name: teable
           image: ghcr.io/teableio/teable:sha-257d098af67e9260b6abb09da0e08eafef34ae08
@@ -110,3 +120,13 @@ spec:
           volumeMounts:
           - name: valkey-data
             mountPath: "/data"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault

apps/teable/pvc.yaml

@@ -6,7 +6,7 @@ metadata:
 spec:
   accessModes:
     - ReadWriteOnce
-  storageClassName: s3yuyuko
   resources:
     requests:
-      storage: 2Gi
+      storage: 5Gi
+  storageClassName: seaweedfs-storage