intel-device-plugins-for-ku.../deployments/fpga_admissionwebhook/manager/manager.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: webhook
  namespace: system
  labels:
    control-plane: controller-manager
spec:
  selector:
    matchLabels:
      control-plane: controller-manager
  replicas: 1
  template:
    metadata:
      labels:
        control-plane: controller-manager
    spec:
      containers:
      - image: intel/intel-fpga-admissionwebhook:devel
        imagePullPolicy: IfNotPresent
        name: manager
        securityContext:
          runAsNonRoot: true
          runAsUser: 65532
          runAsGroup: 65532
          readOnlyRootFilesystem: true
        resources:
          limits:
            cpu: 100m
            memory: 30Mi
          requests:
            cpu: 100m
            memory: 20Mi
      terminationGracePeriodSeconds: 10