diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..1f725c9
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,8 @@
+language: bash
+install:
+ - curl -sLf -o kubeaudit.tar.gz https://github.com/Shopify/kubeaudit/releases/download/v0.7.0/kubeaudit_0.7.0_linux_amd64.tar.gz
+ - tar -zxvf kubeaudit.tar.gz
+ - chmod +x kubeaudit
+script:
+ - ./kubeaudit nonroot -f deployment.yaml &> errors
+ - if [ -s errors ] ; then cat errors; exit -1; fi
diff --git a/deployment.yaml b/deployment.yaml
index 5fc3833..420f9e4 100644
--- a/deployment.yaml
+++ b/deployment.yaml
@@ -1,3 +1,4 @@
+# hacked
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -16,7 +17,9 @@ spec:
 containers:
 - command:
 - /app/sample-app
- image: gitopsbook/sample-app:v0.1
+ image: gitopsbook/sample-app:v0.2
 name: sample-app
 ports:
 - containerPort: 8080
+ securityContext:
+ runAsNonRoot: true
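Review bot: The `install` step in `.travis.yml` unpacks and runs `kubeaudit.tar.gz` straight from the download with no integrity check, so the CI gate trusts whatever the release URL serves at build time. Pinning v0.7.0 in the URL helps, but a release asset can be replaced after publication; add a checksum step between the `curl` and `tar` lines, for example `- echo "<EXPECTED_SHA256>  kubeaudit.tar.gz" | sha256sum -c -`, with the expected digest recorded in this file. In `script`, the result depends only on whether `errors` is non-empty, so a kubeaudit run that fails without printing anything would pass; consider checking the command's exit status as well. `exit -1` is outside the 0-255 range and bash reports it as 255, so `exit 1` states the intent more plainly.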
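Review bot: In the second `deployment.yaml` hunk, `runAsNonRoot: true` on its own only makes the kubelet refuse to start a container that would run as UID 0; it does not choose a user, and if the `gitopsbook/sample-app` image declares no numeric non-root `USER` the pod will fail to start rather than run unprivileged. Set the UID explicitly and close the escalation path under the same `securityContext`, with `runAsUser: <NON_ROOT_UID>` and `allowPrivilegeEscalation: false`. The image line still references a mutable tag (`v0.2`); in a GitOps repo a digest reference such as `image: gitopsbook/sample-app@sha256:<IMAGE_DIGEST>` keeps what is deployed tied to the reviewed commit. The container spec begins above this hunk, so settings outside it are not visible here.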