Flyte enables production-grade orchestration for machine learning workflows and data processing created to accelerate local workflows to production.

Flyte

Dear all,
I have a question regarding setting the securityContext for flyte workloads - including the sidecar containers.

One way of changing the securitycontext of the pod/containers is through defining a pod template in python:
`pod_template_data_management = Pod(`
    `pod_spec=V1PodSpec(`
        `containers=[`
            `V1Container(`
                `name="primary",`
                            # omitted for brevity
                *`security_context = V1SecurityContext(`*
                    *`allow_privilege_escalation = False,`*
                    *`capabilities = V1Capabilities(`*
                        *`drop = ["SYS_PTRACE", "ALL"]`*
                    *`),`*
                    *`privileged = False,`*
                    *`run_as_non_root = True`*
                *`),`*
            `),`
        `],`
        *`security_context = V1PodSecurityContext(`*
            *`run_as_non_root = True,`*
            *`seccomp_profile = V1SeccompProfile(`*
                *`type = "RuntimeDefault"`*
            *`),`*
            *`run_as_user = 1000`*
        *`)`*
    `),`
`)`

and then using it in a task definition like this:
`download_data_from_minio = ContainerTask(`
    `name="DownloadData",`
    `image=myimage,`
    `command=["python", "-m", "src.download_data"],`
        # omitted for brevity
    *`pod_template=pod_template_data_management,`*
`)`