innohub/k3s
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

pod security - privileged

Browse Source
This commit is contained in:
titusvermesan
2024-10-21 13:47:48 +02:00
parent 0d99e74d90
commit d6ee8a7f4e
1 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
argocd/apps/minio/minio.yaml
View File

@@ -45,18 +45,20 @@ spec:
- name: apiIngress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls - name: apiIngress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls
value: 'true' value: 'true'
forceString: true forceString: true
- name: containerSecurityContext.allowPrivilegeEscalation # - name: containerSecurityContext.allowPrivilegeEscalation
value: 'false' # value: 'false'
- name: containerSecurityContext.capabilities.drop # - name: containerSecurityContext.capabilities.drop
value: 'ALL' # value: 'ALL'
- name: containerSecurityContext.runAsNonRoot # - name: containerSecurityContext.runAsNonRoot
value: 'true' # value: 'true'
- name: containerSecurityContext.seccompProfile.type # - name: containerSecurityContext.seccompProfile.type
value: 'RuntimeDefault' # value: 'RuntimeDefault'
chart: minio chart: minio
destination: destination:
server: 'https://kubernetes.default.svc' server: 'https://kubernetes.default.svc'
namespace: minio namespace: minio
labels:
pod-security.kubernetes.io/enforce: privileged
syncPolicy: syncPolicy:
automated: automated:
selfHeal: true selfHeal: true