enhanced security

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>

charts/postgres-operator/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: postgres-operator
 description: Postgres Operator creates and manages PostgreSQL clusters running in Kubernetes
-version: 1.7.2
+version: 1.7.3
 appVersion: 1.7.1
 home: https://github.com/zalando/postgres-operator
 sources:

charts/postgres-operator/values.yaml

@@ -394,6 +394,9 @@ securityContext:
   runAsNonRoot: true
   readOnlyRootFilesystem: true
   allowPrivilegeEscalation: false
+  capabilities:
+    drop:
+      - ALL
 
 # Affinity for pod assignment
 # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity