17 lines
584 B
YAML
17 lines
584 B
YAML
# Namespace definitions for dexorder AI platform
|
|
# - default: gateway, web, and infrastructure services
|
|
# - dexorder-sandboxes: per-user sandbox containers (isolated, restricted)
|
|
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: dexorder-sandboxes
|
|
labels:
|
|
app.kubernetes.io/part-of: dexorder
|
|
dexorder.io/type: sandboxes
|
|
# Enforce restricted pod security standards
|
|
pod-security.kubernetes.io/enforce: restricted
|
|
pod-security.kubernetes.io/enforce-version: latest
|
|
pod-security.kubernetes.io/audit: restricted
|
|
pod-security.kubernetes.io/warn: restricted
|