How to set default security context on cluster?

Hi,

how can I query and set the default securityContext which is used for deployments?
I want to set runAsNonRoot: true as default.

Next question: can I set it differently for namespaces?
Regards, Andreas

Not sure this is best (or only?) option, but you can use pod security policies. You can specify that and mutate the pod spec for it (or refuse to run the pod if, instead of the default security context, tries to explicitly execute as root)